diff options
author | Rich Salz <rsalz@openssl.org> | 2016-04-18 07:43:54 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2016-04-18 08:22:00 -0400 |
commit | 9021a5dfb37fd3a6f7726f07ef0f27dcb71048e2 (patch) | |
tree | 1676ab2e59a9fe9a859c2b7e55a4ddfcd7e2be21 | |
parent | 84f4f0bdd49dd162305685d76caa194165b56635 (diff) |
Rename some lowercase API's
Make OBJ_name_cmp internal
Rename idea_xxx to IDEA_xxx
Rename get_rfc_xxx to BN_get_rfc_xxx
Rename v3_addr and v3_asid functions to X509v3_...
Reviewed-by: Richard Levitte <levitte@openssl.org>
-rw-r--r-- | apps/speed.c | 6 | ||||
-rw-r--r-- | apps/version.c | 2 | ||||
-rw-r--r-- | crypto/bn/bn_const.c | 16 | ||||
-rw-r--r-- | crypto/evp/e_idea.c | 16 | ||||
-rw-r--r-- | crypto/idea/i_cbc.c | 12 | ||||
-rw-r--r-- | crypto/idea/i_cfb64.c | 6 | ||||
-rw-r--r-- | crypto/idea/i_ecb.c | 6 | ||||
-rw-r--r-- | crypto/idea/i_ofb64.c | 4 | ||||
-rw-r--r-- | crypto/idea/i_skey.c | 4 | ||||
-rw-r--r-- | crypto/x509/x509_vfy.c | 4 | ||||
-rw-r--r-- | crypto/x509v3/ext_dat.h | 3 | ||||
-rw-r--r-- | crypto/x509v3/v3_addr.c | 84 | ||||
-rw-r--r-- | crypto/x509v3/v3_asid.c | 46 | ||||
-rw-r--r-- | crypto/x509v3/v3_utl.c | 1 | ||||
-rw-r--r-- | crypto/x509v3/v3err.c | 2 | ||||
-rw-r--r-- | include/openssl/bn.h | 27 | ||||
-rw-r--r-- | include/openssl/idea.h | 28 | ||||
-rw-r--r-- | include/openssl/x509v3.h | 64 | ||||
-rw-r--r-- | ssl/t1_lib.c | 4 | ||||
-rw-r--r-- | test/ideatest.c | 30 | ||||
-rw-r--r-- | util/libcrypto.num | 71 |
21 files changed, 231 insertions, 205 deletions
diff --git a/apps/speed.c b/apps/speed.c index ee6a4b2d57..160841d040 100644 --- a/apps/speed.c +++ b/apps/speed.c @@ -1667,7 +1667,7 @@ int speed_main(int argc, char **argv) Camellia_set_key(ckey32, 256, &camellia_ks3); #endif #ifndef OPENSSL_NO_IDEA - idea_set_encrypt_key(key16, &idea_ks); + IDEA_set_encrypt_key(key16, &idea_ks); #endif #ifndef OPENSSL_NO_SEED SEED_set_key(key16, &seed_ks); @@ -2202,7 +2202,7 @@ int speed_main(int argc, char **argv) } Time_F(START); for (count = 0, run = 1; COND(c[D_CBC_IDEA][testnum]); count++) - idea_cbc_encrypt(loopargs[0].buf, loopargs[0].buf, + IDEA_cbc_encrypt(loopargs[0].buf, loopargs[0].buf, (unsigned long)lengths[testnum], &idea_ks, iv, IDEA_ENCRYPT); d = Time_F(STOP); @@ -2693,7 +2693,7 @@ int speed_main(int argc, char **argv) #endif printf("%s ", AES_options()); #ifndef OPENSSL_NO_IDEA - printf("%s ", idea_options()); + printf("%s ", IDEA_options()); #endif #ifndef OPENSSL_NO_BF printf("%s ", BF_options()); diff --git a/apps/version.c b/apps/version.c index d261a2355c..0a252e75b2 100644 --- a/apps/version.c +++ b/apps/version.c @@ -222,7 +222,7 @@ int version_main(int argc, char **argv) printf("%s ", DES_options()); #endif #ifndef OPENSSL_NO_IDEA - printf("%s ", idea_options()); + printf("%s ", IDEA_options()); #endif #ifndef OPENSSL_NO_BF printf("%s ", BF_options()); diff --git a/crypto/bn/bn_const.c b/crypto/bn/bn_const.c index 12fdf2c84b..881b4cc915 100644 --- a/crypto/bn/bn_const.c +++ b/crypto/bn/bn_const.c @@ -11,7 +11,7 @@ * RFC2412 specifies a generator of of 22. */ -BIGNUM *get_rfc2409_prime_768(BIGNUM *bn) +BIGNUM *BN_get_rfc2409_prime_768(BIGNUM *bn) { static const unsigned char RFC2409_PRIME_768[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, @@ -39,7 +39,7 @@ BIGNUM *get_rfc2409_prime_768(BIGNUM *bn) * RFC2412 specifies a generator of 22. */ -BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn) +BIGNUM *BN_get_rfc2409_prime_1024(BIGNUM *bn) { static const unsigned char RFC2409_PRIME_1024[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, @@ -71,7 +71,7 @@ BIGNUM *get_rfc2409_prime_1024(BIGNUM *bn) * RFC2312 specifies a generator of 22. */ -BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn) +BIGNUM *BN_get_rfc3526_prime_1536(BIGNUM *bn) { static const unsigned char RFC3526_PRIME_1536[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, @@ -110,7 +110,7 @@ BIGNUM *get_rfc3526_prime_1536(BIGNUM *bn) * RFC3526 specifies a generator of 2. */ -BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn) +BIGNUM *BN_get_rfc3526_prime_2048(BIGNUM *bn) { static const unsigned char RFC3526_PRIME_2048[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, @@ -157,7 +157,7 @@ BIGNUM *get_rfc3526_prime_2048(BIGNUM *bn) * RFC3526 specifies a generator of 2. */ -BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn) +BIGNUM *BN_get_rfc3526_prime_3072(BIGNUM *bn) { static const unsigned char RFC3526_PRIME_3072[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, @@ -220,7 +220,7 @@ BIGNUM *get_rfc3526_prime_3072(BIGNUM *bn) * RFC3526 specifies a generator of 2. */ -BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn) +BIGNUM *BN_get_rfc3526_prime_4096(BIGNUM *bn) { static const unsigned char RFC3526_PRIME_4096[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, @@ -299,7 +299,7 @@ BIGNUM *get_rfc3526_prime_4096(BIGNUM *bn) * RFC3526 specifies a generator of 2. */ -BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn) +BIGNUM *BN_get_rfc3526_prime_6144(BIGNUM *bn) { static const unsigned char RFC3526_PRIME_6144[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, @@ -410,7 +410,7 @@ BIGNUM *get_rfc3526_prime_6144(BIGNUM *bn) * RFC3526 specifies a generator of 2. */ -BIGNUM *get_rfc3526_prime_8192(BIGNUM *bn) +BIGNUM *BN_get_rfc3526_prime_8192(BIGNUM *bn) { static const unsigned char RFC3526_PRIME_8192[] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, diff --git a/crypto/evp/e_idea.c b/crypto/evp/e_idea.c index 598dd3f172..38e0c0a77b 100644 --- a/crypto/evp/e_idea.c +++ b/crypto/evp/e_idea.c @@ -64,7 +64,7 @@ # include "internal/evp_int.h" # include <openssl/idea.h> -/* Can't use IMPLEMENT_BLOCK_CIPHER because idea_ecb_encrypt is different */ +/* Can't use IMPLEMENT_BLOCK_CIPHER because IDEA_ecb_encrypt is different */ typedef struct { IDEA_KEY_SCHEDULE ks; @@ -74,7 +74,7 @@ static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, const unsigned char *iv, int enc); /* - * NB idea_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a + * NB IDEA_ecb_encrypt doesn't take an 'encrypt' argument so we treat it as a * special case */ @@ -87,10 +87,10 @@ static int idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, } BLOCK_CIPHER_func_cbc(idea, idea, EVP_IDEA_KEY, ks) - BLOCK_CIPHER_func_ofb(idea, idea, 64, EVP_IDEA_KEY, ks) - BLOCK_CIPHER_func_cfb(idea, idea, 64, EVP_IDEA_KEY, ks) +BLOCK_CIPHER_func_ofb(idea, idea, 64, EVP_IDEA_KEY, ks) +BLOCK_CIPHER_func_cfb(idea, idea, 64, EVP_IDEA_KEY, ks) - BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64, +BLOCK_CIPHER_defs(idea, IDEA_KEY_SCHEDULE, NID_idea, 8, 16, 8, 64, 0, idea_init_key, NULL, EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, NULL) @@ -104,12 +104,12 @@ static int idea_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key, enc = 1; } if (enc) - idea_set_encrypt_key(key, &EVP_C_DATA(EVP_IDEA_KEY,ctx)->ks); + IDEA_set_encrypt_key(key, &EVP_C_DATA(EVP_IDEA_KEY,ctx)->ks); else { IDEA_KEY_SCHEDULE tmp; - idea_set_encrypt_key(key, &tmp); - idea_set_decrypt_key(&tmp, &EVP_C_DATA(EVP_IDEA_KEY,ctx)->ks); + IDEA_set_encrypt_key(key, &tmp); + IDEA_set_decrypt_key(&tmp, &EVP_C_DATA(EVP_IDEA_KEY,ctx)->ks); OPENSSL_cleanse((unsigned char *)&tmp, sizeof(IDEA_KEY_SCHEDULE)); } return 1; diff --git a/crypto/idea/i_cbc.c b/crypto/idea/i_cbc.c index e1c5b2d719..5cdcc64a67 100644 --- a/crypto/idea/i_cbc.c +++ b/crypto/idea/i_cbc.c @@ -58,7 +58,7 @@ #include <openssl/idea.h> #include "idea_lcl.h" -void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, +void IDEA_cbc_encrypt(const unsigned char *in, unsigned char *out, long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int encrypt) { @@ -78,7 +78,7 @@ void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, tin1 ^= tout1; tin[0] = tin0; tin[1] = tin1; - idea_encrypt(tin, ks); + IDEA_encrypt(tin, ks); tout0 = tin[0]; l2n(tout0, out); tout1 = tin[1]; @@ -90,7 +90,7 @@ void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, tin1 ^= tout1; tin[0] = tin0; tin[1] = tin1; - idea_encrypt(tin, ks); + IDEA_encrypt(tin, ks); tout0 = tin[0]; l2n(tout0, out); tout1 = tin[1]; @@ -107,7 +107,7 @@ void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, tin[0] = tin0; n2l(in, tin1); tin[1] = tin1; - idea_encrypt(tin, ks); + IDEA_encrypt(tin, ks); tout0 = tin[0] ^ xor0; tout1 = tin[1] ^ xor1; l2n(tout0, out); @@ -120,7 +120,7 @@ void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, tin[0] = tin0; n2l(in, tin1); tin[1] = tin1; - idea_encrypt(tin, ks); + IDEA_encrypt(tin, ks); tout0 = tin[0] ^ xor0; tout1 = tin[1] ^ xor1; l2nn(tout0, tout1, out, l + 8); @@ -134,7 +134,7 @@ void idea_cbc_encrypt(const unsigned char *in, unsigned char *out, tin[0] = tin[1] = 0; } -void idea_encrypt(unsigned long *d, IDEA_KEY_SCHEDULE *key) +void IDEA_encrypt(unsigned long *d, IDEA_KEY_SCHEDULE *key) { register IDEA_INT *p; register unsigned long x1, x2, x3, x4, t0, t1, ul; diff --git a/crypto/idea/i_cfb64.c b/crypto/idea/i_cfb64.c index 557cd4d2ac..f6ed632749 100644 --- a/crypto/idea/i_cfb64.c +++ b/crypto/idea/i_cfb64.c @@ -64,7 +64,7 @@ * used is contained in *num; */ -void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, +void IDEA_cfb64_encrypt(const unsigned char *in, unsigned char *out, long length, IDEA_KEY_SCHEDULE *schedule, unsigned char *ivec, int *num, int encrypt) { @@ -82,7 +82,7 @@ void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, ti[0] = v0; n2l(iv, v1); ti[1] = v1; - idea_encrypt((unsigned long *)ti, schedule); + IDEA_encrypt((unsigned long *)ti, schedule); iv = (unsigned char *)ivec; t = ti[0]; l2n(t, iv); @@ -102,7 +102,7 @@ void idea_cfb64_encrypt(const unsigned char *in, unsigned char *out, ti[0] = v0; n2l(iv, v1); ti[1] = v1; - idea_encrypt((unsigned long *)ti, schedule); + IDEA_encrypt((unsigned long *)ti, schedule); iv = (unsigned char *)ivec; t = ti[0]; l2n(t, iv); diff --git a/crypto/idea/i_ecb.c b/crypto/idea/i_ecb.c index e7eeb4f937..9ab64b7dca 100644 --- a/crypto/idea/i_ecb.c +++ b/crypto/idea/i_ecb.c @@ -59,12 +59,12 @@ #include "idea_lcl.h" #include <openssl/opensslv.h> -const char *idea_options(void) +const char *IDEA_options(void) { return ("idea(int)"); } -void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, +void IDEA_ecb_encrypt(const unsigned char *in, unsigned char *out, IDEA_KEY_SCHEDULE *ks) { unsigned long l0, l1, d[2]; @@ -73,7 +73,7 @@ void idea_ecb_encrypt(const unsigned char *in, unsigned char *out, d[0] = l0; n2l(in, l1); d[1] = l1; - idea_encrypt(d, ks); + IDEA_encrypt(d, ks); l0 = d[0]; l2n(l0, out); l1 = d[1]; diff --git a/crypto/idea/i_ofb64.c b/crypto/idea/i_ofb64.c index 64f128eff4..174f6354d6 100644 --- a/crypto/idea/i_ofb64.c +++ b/crypto/idea/i_ofb64.c @@ -63,7 +63,7 @@ * The extra state information to record how much of the 64bit block we have * used is contained in *num; */ -void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out, +void IDEA_ofb64_encrypt(const unsigned char *in, unsigned char *out, long length, IDEA_KEY_SCHEDULE *schedule, unsigned char *ivec, int *num) { @@ -86,7 +86,7 @@ void idea_ofb64_encrypt(const unsigned char *in, unsigned char *out, l2n(v1, dp); while (l--) { if (n == 0) { - idea_encrypt((unsigned long *)ti, schedule); + IDEA_encrypt((unsigned long *)ti, schedule); dp = (char *)d; t = ti[0]; l2n(t, dp); diff --git a/crypto/idea/i_skey.c b/crypto/idea/i_skey.c index c30547795f..c86140ffba 100644 --- a/crypto/idea/i_skey.c +++ b/crypto/idea/i_skey.c @@ -59,7 +59,7 @@ #include "idea_lcl.h" static IDEA_INT inverse(unsigned int xin); -void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks) +void IDEA_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks) { int i; register IDEA_INT *kt, *kf, r0, r1, r2; @@ -99,7 +99,7 @@ void idea_set_encrypt_key(const unsigned char *key, IDEA_KEY_SCHEDULE *ks) } } -void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk) +void IDEA_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk) { int r; register IDEA_INT *fp, *tp, t; diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index c16762632c..efa6bcaa67 100644 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -284,9 +284,9 @@ static int verify_chain(X509_STORE_CTX *ctx) #ifndef OPENSSL_NO_RFC3779 /* RFC 3779 path validation, now that CRL check has been done */ - if ((ok = v3_asid_validate_path(ctx)) == 0) + if ((ok = X509v3_asid_validate_path(ctx)) == 0) return ok; - if ((ok = v3_addr_validate_path(ctx)) == 0) + if ((ok = X509v3_addr_validate_path(ctx)) == 0) return ok; #endif diff --git a/crypto/x509v3/ext_dat.h b/crypto/x509v3/ext_dat.h index d43b83c1ca..4e213f3884 100644 --- a/crypto/x509v3/ext_dat.h +++ b/crypto/x509v3/ext_dat.h @@ -55,7 +55,8 @@ * Hudson (tjh@cryptsoft.com). * */ -/* This file contains a table of "standard" extensions */ + +int name_cmp(const char *name, const char *cmp); extern const X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku; extern const X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet, v3_info, v3_sinfo; diff --git a/crypto/x509v3/v3_addr.c b/crypto/x509v3/v3_addr.c index 7ffafa5b53..49d0d4d392 100644 --- a/crypto/x509v3/v3_addr.c +++ b/crypto/x509v3/v3_addr.c @@ -130,7 +130,7 @@ static int length_from_afi(const unsigned afi) /* * Extract the AFI from an IPAddressFamily. */ -unsigned int v3_addr_get_afi(const IPAddressFamily *f) +unsigned int X509v3_addr_get_afi(const IPAddressFamily *f) { return ((f != NULL && f->addressFamily != NULL && f->addressFamily->data != NULL) @@ -248,7 +248,7 @@ static int i2r_IPAddrBlocks(const X509V3_EXT_METHOD *method, int i; for (i = 0; i < sk_IPAddressFamily_num(addr); i++) { IPAddressFamily *f = sk_IPAddressFamily_value(addr, i); - const unsigned int afi = v3_addr_get_afi(f); + const unsigned int afi = X509v3_addr_get_afi(f); switch (afi) { case IANA_AFI_IPV4: BIO_printf(out, "%*sIPv4", indent, ""); @@ -573,8 +573,8 @@ static IPAddressFamily *make_IPAddressFamily(IPAddrBlocks *addr, /* * Add an inheritance element. */ -int v3_addr_add_inherit(IPAddrBlocks *addr, - const unsigned afi, const unsigned *safi) +int X509v3_addr_add_inherit(IPAddrBlocks *addr, + const unsigned afi, const unsigned *safi) { IPAddressFamily *f = make_IPAddressFamily(addr, afi, safi); if (f == NULL || @@ -629,10 +629,10 @@ static IPAddressOrRanges *make_prefix_or_range(IPAddrBlocks *addr, /* * Add a prefix. */ -int v3_addr_add_prefix(IPAddrBlocks *addr, - const unsigned afi, - const unsigned *safi, - unsigned char *a, const int prefixlen) +int X509v3_addr_add_prefix(IPAddrBlocks *addr, + const unsigned afi, + const unsigned *safi, + unsigned char *a, const int prefixlen) { IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi); IPAddressOrRange *aor; @@ -647,10 +647,10 @@ int v3_addr_add_prefix(IPAddrBlocks *addr, /* * Add a range. */ -int v3_addr_add_range(IPAddrBlocks *addr, - const unsigned afi, - const unsigned *safi, - unsigned char *min, unsigned char *max) +int X509v3_addr_add_range(IPAddrBlocks *addr, + const unsigned afi, + const unsigned *safi, + unsigned char *min, unsigned char *max) { IPAddressOrRanges *aors = make_prefix_or_range(addr, afi, safi); IPAddressOrRange *aor; @@ -687,10 +687,10 @@ static int extract_min_max(IPAddressOrRange *aor, /* * Public wrapper for extract_min_max(). */ -int v3_addr_get_range(IPAddressOrRange *aor, - const unsigned afi, - unsigned char *min, - unsigned char *max, const int length) +int X509v3_addr_get_range(IPAddressOrRange *aor, + const unsigned afi, + unsigned char *min, + unsigned char *max, const int length) { int afi_length = length_from_afi(afi); if (aor == NULL || min == NULL || max == NULL || @@ -726,7 +726,7 @@ static int IPAddressFamily_cmp(const IPAddressFamily *const *a_, /* * Check whether an IPAddrBLocks is in canonical form. */ -int v3_addr_is_canonical(IPAddrBlocks *addr) +int X509v3_addr_is_canonical(IPAddrBlocks *addr) { unsigned char a_min[ADDR_RAW_BUF_LEN], a_max[ADDR_RAW_BUF_LEN]; unsigned char b_min[ADDR_RAW_BUF_LEN], b_max[ADDR_RAW_BUF_LEN]; @@ -754,7 +754,7 @@ int v3_addr_is_canonical(IPAddrBlocks *addr) */ for (i = 0; i < sk_IPAddressFamily_num(addr); i++) { IPAddressFamily *f = sk_IPAddressFamily_value(addr, i); - int length = length_from_afi(v3_addr_get_afi(f)); + int length = length_from_afi(X509v3_addr_get_afi(f)); /* * Inheritance is canonical. Anything other than inheritance or @@ -909,7 +909,7 @@ static int IPAddressOrRanges_canonize(IPAddressOrRanges *aors, /* * Whack an IPAddrBlocks extension into canonical form. */ -int v3_addr_canonize(IPAddrBlocks *addr) +int X509v3_addr_canonize(IPAddrBlocks *addr) { int i; for (i = 0; i < sk_IPAddressFamily_num(addr); i++) { @@ -917,12 +917,12 @@ int v3_addr_canonize(IPAddrBlocks *addr) if (f->ipAddressChoice->type == IPAddressChoice_addressesOrRanges && !IPAddressOrRanges_canonize(f->ipAddressChoice-> u.addressesOrRanges, - v3_addr_get_afi(f))) + X509v3_addr_get_afi(f))) return 0; } (void)sk_IPAddressFamily_set_cmp_func(addr, IPAddressFamily_cmp); sk_IPAddressFamily_sort(addr); - OPENSSL_assert(v3_addr_is_canonical(addr)); + OPENSSL_assert(X509v3_addr_is_canonical(addr)); return 1; } @@ -1006,7 +1006,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, * optimize this (seldom-used) case. */ if (strcmp(s, "inherit") == 0) { - if (!v3_addr_add_inherit(addr, afi, safi)) { + if (!X509v3_addr_add_inherit(addr, afi, safi)) { X509V3err(X509V3_F_V2I_IPADDRBLOCKS, X509V3_R_INVALID_INHERITANCE); X509V3_conf_err(val); @@ -1037,7 +1037,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, X509V3_conf_err(val); goto err; } - if (!v3_addr_add_prefix(addr, afi, safi, min, prefixlen)) { + if (!X509v3_addr_add_prefix(addr, afi, safi, min, prefixlen)) { X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE); goto err; } @@ -1063,13 +1063,13 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, X509V3_conf_err(val); goto err; } - if (!v3_addr_add_range(addr, afi, safi, min, max)) { + if (!X509v3_addr_add_range(addr, afi, safi, min, max)) { X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE); goto err; } break; case '\0': - if (!v3_addr_add_prefix(addr, afi, safi, min, length * 8)) { + if (!X509v3_addr_add_prefix(addr, afi, safi, min, length * 8)) { X509V3err(X509V3_F_V2I_IPADDRBLOCKS, ERR_R_MALLOC_FAILURE); goto err; } @@ -1088,7 +1088,7 @@ static void *v2i_IPAddrBlocks(const struct v3_ext_method *method, /* * Canonize the result, then we're done. */ - if (!v3_addr_canonize(addr)) + if (!X509v3_addr_canonize(addr)) goto err; return addr; @@ -1118,7 +1118,7 @@ const X509V3_EXT_METHOD v3_addr = { /* * Figure out whether extension sues inheritance. */ -int v3_addr_inherits(IPAddrBlocks *addr) +int X509v3_addr_inherits(IPAddrBlocks *addr) { int i; if (addr == NULL) @@ -1171,12 +1171,12 @@ static int addr_contains(IPAddressOrRanges *parent, /* * Test whether a is a subset of b. */ -int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b) +int X509v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b) { int i; if (a == NULL || a == b) return 1; - if (b == NULL || v3_addr_inherits(a) || v3_addr_inherits(b)) + if (b == NULL || X509v3_addr_inherits(a) || X509v3_addr_inherits(b)) return 0; (void)sk_IPAddressFamily_set_cmp_func(b, IPAddressFamily_cmp); for (i = 0; i < sk_IPAddressFamily_num(a); i++) { @@ -1188,7 +1188,7 @@ int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b) return 0; if (!addr_contains(fb->ipAddressChoice->u.addressesOrRanges, fa->ipAddressChoice->u.addressesOrRanges, - length_from_afi(v3_addr_get_afi(fb)))) + length_from_afi(X509v3_addr_get_afi(fb)))) return 0; } return 1; @@ -1214,9 +1214,9 @@ int v3_addr_subset(IPAddrBlocks *a, IPAddrBlocks *b) /* * Core code for RFC 3779 2.3 path validation. */ -static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx, - STACK_OF(X509) *chain, - IPAddrBlocks *ext) +static int addr_validate_path_internal(X509_STORE_CTX *ctx, + STACK_OF(X509) *chain, + IPAddrBlocks *ext) { IPAddrBlocks *child = NULL; int i, j, ret = 1; @@ -1241,11 +1241,11 @@ static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx, if ((ext = x->rfc3779_addr) == NULL) goto done; } - if (!v3_addr_is_canonical(ext)) + if (!X509v3_addr_is_canonical(ext)) validation_err(X509_V_ERR_INVALID_EXTENSION); (void)sk_IPAddressFamily_set_cmp_func(ext, IPAddressFamily_cmp); if ((child = sk_IPAddressFamily_dup(ext)) == NULL) { - X509V3err(X509V3_F_V3_ADDR_VALIDATE_PATH_INTERNAL, + X509V3err(X509V3_F_ADDR_VALIDATE_PATH_INTERNAL, ERR_R_MALLOC_FAILURE); ret = 0; goto done; @@ -1258,7 +1258,7 @@ static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx, for (i++; i < sk_X509_num(chain); i++) { x = sk_X509_value(chain, i); OPENSSL_assert(x != NULL); - if (!v3_addr_is_canonical(x->rfc3779_addr)) + if (!X509v3_addr_is_canonical(x->rfc3779_addr)) validation_err(X509_V_ERR_INVALID_EXTENSION); if (x->rfc3779_addr == NULL) { for (j = 0; j < sk_IPAddressFamily_num(child); j++) { @@ -1290,7 +1290,7 @@ static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx, if (fc->ipAddressChoice->type == IPAddressChoice_inherit || addr_contains(fp->ipAddressChoice->u.addressesOrRanges, fc->ipAddressChoice->u.addressesOrRanges, - length_from_afi(v3_addr_get_afi(fc)))) + length_from_afi(X509v3_addr_get_afi(fc)))) sk_IPAddressFamily_set(child, j, fp); else validation_err(X509_V_ERR_UNNESTED_RESOURCE); @@ -1322,25 +1322,25 @@ static int v3_addr_validate_path_internal(X509_STORE_CTX *ctx, /* * RFC 3779 2.3 path validation -- called from X509_verify_cert(). */ -int v3_addr_validate_path(X509_STORE_CTX *ctx) +int X509v3_addr_validate_path(X509_STORE_CTX *ctx) { - return v3_addr_validate_path_internal(ctx, ctx->chain, NULL); + return addr_validate_path_internal(ctx, ctx->chain, NULL); } /* * RFC 3779 2.3 path validation of an extension. * Test whether chain covers extension. */ -int v3_addr_validate_resource_set(STACK_OF(X509) *chain, +int X509v3_addr_validate_resource_set(STACK_OF(X509) *chain, IPAddrBlocks *ext, int allow_inheritance) { if (ext == NULL) return 1; if (chain == NULL || sk_X509_num(chain) == 0) return 0; - if (!allow_inheritance && v3_addr_inherits(ext)) + if (!allow_inheritance && X509v3_addr_inherits(ext)) return 0; - return v3_addr_validate_path_internal(NULL, chain, ext); + return addr_validate_path_internal(NULL, chain, ext); } #endif /* OPENSSL_NO_RFC3779 */ diff --git a/crypto/x509v3/v3_asid.c b/crypto/x509v3/v3_asid.c index 78673ce6b8..73cbbd1b93 100644 --- a/crypto/x509v3/v3_asid.c +++ b/crypto/x509v3/v3_asid.c @@ -197,7 +197,7 @@ static int ASIdOrRange_cmp(const ASIdOrRange *const *a_, /* * Add an inherit element. */ -int v3_asid_add_inherit(ASIdentifiers *asid, int which) +int X509v3_asid_add_inherit(ASIdentifiers *asid, int which) { ASIdentifierChoice **choice; if (asid == NULL) @@ -226,8 +226,8 @@ int v3_asid_add_inherit(ASIdentifiers *asid, int which) /* * Add an ID or range to an ASIdentifierChoice. */ -int v3_asid_add_id_or_range(ASIdentifiers *asid, - int which, ASN1_INTEGER *min, ASN1_INTEGER *max) +int X509v3_asid_add_id_or_range(ASIdentifiers *asid, + int which, ASN1_INTEGER *min, ASN1_INTEGER *max) { ASIdentifierChoice **choice; ASIdOrRange *aor; @@ -383,7 +383,7 @@ static int ASIdentifierChoice_is_canonical(ASIdentifierChoice *choice) /* * Check whether an ASIdentifier extension is in canonical form. */ -int v3_asid_is_canonical(ASIdentifiers *asid) +int X509v3_asid_is_canonical(ASIdentifiers *asid) { return (asid == NULL || (ASIdentifierChoice_is_canonical(asid->asnum) && @@ -531,7 +531,7 @@ static int ASIdentifierChoice_canonize(ASIdentifierChoice *choice) /* * Whack an ASIdentifier extension into canonical form. */ -int v3_asid_canonize(ASIdentifiers *asid) +int X509v3_asid_canonize(ASIdentifiers *asid) { return (asid == NULL || (ASIdentifierChoice_canonize(asid->asnum) && @@ -576,7 +576,7 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method, * Handle inheritance. */ if (strcmp(val->value, "inherit") == 0) { - if (v3_asid_add_inherit(asid, which)) + if (X509v3_asid_add_inherit(asid, which)) continue; X509V3err(X509V3_F_V2I_ASIDENTIFIERS, X509V3_R_INVALID_INHERITANCE); @@ -638,7 +638,7 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method, goto err; } } - if (!v3_asid_add_id_or_range(asid, which, min, max)) { + if (!X509v3_asid_add_id_or_range(asid, which, min, max)) { X509V3err(X509V3_F_V2I_ASIDENTIFIERS, ERR_R_MALLOC_FAILURE); goto err; } @@ -648,7 +648,7 @@ static void *v2i_ASIdentifiers(const struct v3_ext_method *method, /* * Canonize the result, then we're done. */ - if (!v3_asid_canonize(asid)) + if (!X509v3_asid_canonize(asid)) goto err; return asid; @@ -679,7 +679,7 @@ const X509V3_EXT_METHOD v3_asid = { /* * Figure out whether extension uses inheritance. */ -int v3_asid_inherits(ASIdentifiers *asid) +int X509v3_asid_inherits(ASIdentifiers *asid) { return (asid != NULL && ((asid->asnum != NULL && @@ -722,13 +722,13 @@ static int asid_contains(ASIdOrRanges *parent, ASIdOrRanges *child) /* * Test whether a is a subset of b. */ -int v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b) +int X509v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b) { return (a == NULL || a == b || (b != NULL && - !v3_asid_inherits(a) && - !v3_asid_inherits(b) && + !X509v3_asid_inherits(a) && + !X509v3_asid_inherits(b) && asid_contains(b->asnum->u.asIdsOrRanges, a->asnum->u.asIdsOrRanges) && asid_contains(b->rdi->u.asIdsOrRanges, @@ -755,9 +755,9 @@ int v3_asid_subset(ASIdentifiers *a, ASIdentifiers *b) /* * Core code for RFC 3779 3.3 path validation. */ -static int v3_asid_validate_path_internal(X509_STORE_CTX *ctx, - STACK_OF(X509) *chain, - ASIdentifiers *ext) +static int asid_validate_path_internal(X509_STORE_CTX *ctx, + STACK_OF(X509) *chain, + ASIdentifiers *ext) { ASIdOrRanges *child_as = NULL, *child_rdi = NULL; int i, ret = 1, inherit_as = 0, inherit_rdi = 0; @@ -782,7 +782,7 @@ static int v3_asid_validate_path_internal(X509_STORE_CTX *ctx, if ((ext = x->rfc3779_asid) == NULL) goto done; } - if (!v3_asid_is_canonical(ext)) + if (!X509v3_asid_is_canonical(ext)) validation_err(X509_V_ERR_INVALID_EXTENSION); if (ext->asnum != NULL) { switch (ext->asnum->type) { @@ -817,7 +817,7 @@ static int v3_asid_validate_path_internal(X509_STORE_CTX *ctx, validation_err(X509_V_ERR_UNNESTED_RESOURCE); continue; } - if (!v3_asid_is_canonical(x->rfc3779_asid)) |