diff options
author | Pauli <paul.dale@oracle.com> | 2020-09-30 14:20:14 +1000 |
---|---|---|
committer | Pauli <paul.dale@oracle.com> | 2020-10-07 09:04:51 +1000 |
commit | 23b2fc0b501d6635dd821014aec8ff16689cbb6a (patch) | |
tree | 43e80f2bc60edcddd02ccd2316ca8d218051dca4 /crypto/rsa | |
parent | a21db568bf3d0ab4194fd3e0917ee982f1fc8bfd (diff) |
rsa: add ossl_ prefix to internal rsa_ calls.
The functions being:
rsa_check_crt_components, rsa_check_key, rsa_check_pminusq_diff,
rsa_check_prime_factor, rsa_check_prime_factor_range,
rsa_check_private_exponent, rsa_check_public_exponent,
rsa_digestinfo_encoding, rsa_fips186_4_gen_prob_primes, rsa_fromdata,
rsa_get0_all_params, rsa_get0_libctx, rsa_get0_pss_params_30,
rsa_get_lcm, rsa_mgf_nid2name, rsa_mp_coeff_names, rsa_mp_exp_names,
rsa_mp_factor_names, rsa_new_with_ctx, rsa_oaeppss_md2nid,
rsa_oaeppss_nid2name, rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx,
rsa_padding_add_PKCS1_type_2_with_libctx,
rsa_padding_add_SSLv23_with_libctx, rsa_padding_check_PKCS1_type_2_TLS,
rsa_pkey_method, rsa_pss_params_30_copy, rsa_pss_params_30_fromdata,
rsa_pss_params_30_hashalg, rsa_pss_params_30_is_unrestricted,
rsa_pss_params_30_maskgenalg, rsa_pss_params_30_maskgenhashalg,
rsa_pss_params_30_saltlen, rsa_pss_params_30_set_defaults,
rsa_pss_params_30_set_hashalg, rsa_pss_params_30_set_maskgenalg,
rsa_pss_params_30_set_maskgenhashalg, rsa_pss_params_30_set_saltlen,
rsa_pss_params_30_set_trailerfield, rsa_pss_params_30_todata,
rsa_pss_params_30_trailerfield, rsa_pss_pkey_method, rsa_set0_all_params,
rsa_sp800_56b_check_keypair, rsa_sp800_56b_check_private,
rsa_sp800_56b_check_public, rsa_sp800_56b_derive_params_from_pq,
rsa_sp800_56b_generate_key, rsa_sp800_56b_pairwise_test,
rsa_sp800_56b_validate_strength, rsa_todata, rsa_validate_pairwise,
rsa_validate_private and rsa_validate_public.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13040)
Diffstat (limited to 'crypto/rsa')
-rw-r--r-- | crypto/rsa/rsa_ameth.c | 47 | ||||
-rw-r--r-- | crypto/rsa/rsa_backend.c | 70 | ||||
-rw-r--r-- | crypto/rsa/rsa_chk.c | 18 | ||||
-rw-r--r-- | crypto/rsa/rsa_gen.c | 4 | ||||
-rw-r--r-- | crypto/rsa/rsa_lib.c | 18 | ||||
-rw-r--r-- | crypto/rsa/rsa_local.h | 65 | ||||
-rw-r--r-- | crypto/rsa/rsa_mp_names.c | 6 | ||||
-rw-r--r-- | crypto/rsa/rsa_oaep.c | 19 | ||||
-rw-r--r-- | crypto/rsa/rsa_ossl.c | 10 | ||||
-rw-r--r-- | crypto/rsa/rsa_pk1.c | 19 | ||||
-rw-r--r-- | crypto/rsa/rsa_pmeth.c | 4 | ||||
-rw-r--r-- | crypto/rsa/rsa_pss.c | 38 | ||||
-rw-r--r-- | crypto/rsa/rsa_schemes.c | 6 | ||||
-rw-r--r-- | crypto/rsa/rsa_sign.c | 4 | ||||
-rw-r--r-- | crypto/rsa/rsa_sp800_56b_check.c | 73 | ||||
-rw-r--r-- | crypto/rsa/rsa_sp800_56b_gen.c | 45 | ||||
-rw-r--r-- | crypto/rsa/rsa_ssl.c | 7 |
17 files changed, 232 insertions, 221 deletions
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index aab237aecd..6105b7849a 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -777,7 +777,7 @@ static int rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss, RSA_PSS_PARAMS_30 pss_params; /* Get the defaults from the ONE place */ - (void)rsa_pss_params_30_set_defaults(&pss_params); + (void)ossl_rsa_pss_params_30_set_defaults(&pss_params); if (pss == NULL) return 0; @@ -790,11 +790,11 @@ static int rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss, if (pss->saltLength) *psaltlen = ASN1_INTEGER_get(pss->saltLength); else - *psaltlen = rsa_pss_params_30_saltlen(&pss_params); + *psaltlen = ossl_rsa_pss_params_30_saltlen(&pss_params); if (pss->trailerField) *ptrailerField = ASN1_INTEGER_get(pss->trailerField); else - *ptrailerField = rsa_pss_params_30_trailerfield(&pss_params);; + *ptrailerField = ossl_rsa_pss_params_30_trailerfield(&pss_params);; return 1; } @@ -838,11 +838,13 @@ static int rsa_sync_to_pss_params_30(RSA *rsa) return 0; md_nid = EVP_MD_type(md); mgf1md_nid = EVP_MD_type(mgf1md); - if (!rsa_pss_params_30_set_defaults(&pss_params) - || !rsa_pss_params_30_set_hashalg(&pss_params, md_nid) - || !rsa_pss_params_30_set_maskgenhashalg(&pss_params, mgf1md_nid) - || !rsa_pss_params_30_set_saltlen(&pss_params, saltlen) - || !rsa_pss_params_30_set_trailerfield(&pss_params, trailerField)) + if (!ossl_rsa_pss_params_30_set_defaults(&pss_params) + || !ossl_rsa_pss_params_30_set_hashalg(&pss_params, md_nid) + || !ossl_rsa_pss_params_30_set_maskgenhashalg(&pss_params, + mgf1md_nid) + || !ossl_rsa_pss_params_30_set_saltlen(&pss_params, saltlen) + || !ossl_rsa_pss_params_30_set_trailerfield(&pss_params, + trailerField)) return 0; rsa->pss_params = pss_params; } @@ -1214,7 +1216,7 @@ static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type, if (RSA_get0_n(rsa) == NULL || RSA_get0_e(rsa) == NULL) goto err; - if (!rsa_todata(rsa, tmpl, NULL)) + if (!ossl_rsa_todata(rsa, tmpl, NULL)) goto err; selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY; @@ -1231,11 +1233,12 @@ static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type, goto err; md_nid = EVP_MD_type(md); mgf1md_nid = EVP_MD_type(mgf1md); - if (!rsa_pss_params_30_set_defaults(&pss_params) - || !rsa_pss_params_30_set_hashalg(&pss_params, md_nid) - || !rsa_pss_params_30_set_maskgenhashalg(&pss_params, mgf1md_nid) - || !rsa_pss_params_30_set_saltlen(&pss_params, saltlen) - || !rsa_pss_params_30_todata(&pss_params, tmpl, NULL)) + if (!ossl_rsa_pss_params_30_set_defaults(&pss_params) + || !ossl_rsa_pss_params_30_set_hashalg(&pss_params, md_nid) + || !ossl_rsa_pss_params_30_set_maskgenhashalg(&pss_params, + mgf1md_nid) + || !ossl_rsa_pss_params_30_set_saltlen(&pss_params, saltlen) + || !ossl_rsa_pss_params_30_todata(&pss_params, tmpl, NULL)) goto err; selection |= OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS; } @@ -1257,7 +1260,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, { EVP_PKEY_CTX *pctx = vpctx; EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx); - RSA *rsa = rsa_new_with_ctx(pctx->libctx); + RSA *rsa = ossl_rsa_new_with_ctx(pctx->libctx); RSA_PSS_PARAMS_30 rsa_pss_params = { 0, }; int ok = 0; @@ -1269,7 +1272,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, RSA_clear_flags(rsa, RSA_FLAG_TYPE_MASK); RSA_set_flags(rsa, rsa_type); - if (!rsa_pss_params_30_fromdata(&rsa_pss_params, params, pctx->libctx)) + if (!ossl_rsa_pss_params_30_fromdata(&rsa_pss_params, params, pctx->libctx)) goto err; switch (rsa_type) { @@ -1278,7 +1281,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, * Were PSS parameters filled in? * In that case, something's wrong */ - if (!rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) + if (!ossl_rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) goto err; break; case RSA_FLAG_TYPE_RSASSAPSS: @@ -1286,11 +1289,11 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, * Were PSS parameters filled in? In that case, create the old * RSA_PSS_PARAMS structure. Otherwise, this is an unrestricted key. */ - if (!rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) { + if (!ossl_rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) { /* Create the older RSA_PSS_PARAMS from RSA_PSS_PARAMS_30 data */ - int mdnid = rsa_pss_params_30_hashalg(&rsa_pss_params); - int mgf1mdnid = rsa_pss_params_30_maskgenhashalg(&rsa_pss_params); - int saltlen = rsa_pss_params_30_saltlen(&rsa_pss_params); + int mdnid = ossl_rsa_pss_params_30_hashalg(&rsa_pss_params); + int mgf1mdnid = ossl_rsa_pss_params_30_maskgenhashalg(&rsa_pss_params); + int saltlen = ossl_rsa_pss_params_30_saltlen(&rsa_pss_params); const EVP_MD *md = EVP_get_digestbynid(mdnid); const EVP_MD *mgf1md = EVP_get_digestbynid(mgf1mdnid); @@ -1303,7 +1306,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, goto err; } - if (!rsa_fromdata(rsa, params)) + if (!ossl_rsa_fromdata(rsa, params)) goto err; switch (rsa_type) { diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c index fae09d7067..9279e71857 100644 --- a/crypto/rsa/rsa_backend.c +++ b/crypto/rsa/rsa_backend.c @@ -48,7 +48,7 @@ static int collect_numbers(STACK_OF(BIGNUM) *numbers, return 1; } -int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]) +int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]) { const OSSL_PARAM *param_n, *param_e, *param_d; BIGNUM *n = NULL, *e = NULL, *d = NULL; @@ -75,16 +75,16 @@ int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]) if (is_private) { if (!collect_numbers(factors = sk_BIGNUM_new_null(), params, - rsa_mp_factor_names) + ossl_rsa_mp_factor_names) || !collect_numbers(exps = sk_BIGNUM_new_null(), params, - rsa_mp_exp_names) + ossl_rsa_mp_exp_names) || !collect_numbers(coeffs = sk_BIGNUM_new_null(), params, - rsa_mp_coeff_names)) + ossl_rsa_mp_coeff_names)) goto err; /* It's ok if this private key just has n, e and d */ if (sk_BIGNUM_num(factors) != 0 - && !rsa_set0_all_params(rsa, factors, exps, coeffs)) + && !ossl_rsa_set0_all_params(rsa, factors, exps, coeffs)) goto err; } @@ -106,7 +106,7 @@ int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]) DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM) -int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) +int ossl_rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) { int ret = 0; const BIGNUM *rsa_d = NULL, *rsa_n = NULL, *rsa_e = NULL; @@ -118,7 +118,7 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) goto err; RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d); - rsa_get0_all_params(rsa, factors, exps, coeffs); + ossl_rsa_get0_all_params(rsa, factors, exps, coeffs); if (!ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_N, rsa_n) || !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_E, rsa_e)) @@ -142,11 +142,13 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) if (!ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_D, rsa_d) || !ossl_param_build_set_multi_key_bn(bld, params, - rsa_mp_factor_names, factors) + ossl_rsa_mp_factor_names, + factors) || !ossl_param_build_set_multi_key_bn(bld, params, - rsa_mp_exp_names, exps) + ossl_rsa_mp_exp_names, exps) || !ossl_param_build_set_multi_key_bn(bld, params, - rsa_mp_coeff_names, coeffs)) + ossl_rsa_mp_coeff_names, + coeffs)) goto err; } @@ -163,26 +165,27 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) return ret; } -int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, - OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) +int ossl_rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, + OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) { - if (!rsa_pss_params_30_is_unrestricted(pss)) { - int hashalg_nid = rsa_pss_params_30_hashalg(pss); - int maskgenalg_nid = rsa_pss_params_30_maskgenalg(pss); - int maskgenhashalg_nid = rsa_pss_params_30_maskgenhashalg(pss); - int saltlen = rsa_pss_params_30_saltlen(pss); - int default_hashalg_nid = rsa_pss_params_30_hashalg(NULL); - int default_maskgenalg_nid = rsa_pss_params_30_maskgenalg(NULL); - int default_maskgenhashalg_nid = rsa_pss_params_30_maskgenhashalg(NULL); + if (!ossl_rsa_pss_params_30_is_unrestricted(pss)) { + int hashalg_nid = ossl_rsa_pss_params_30_hashalg(pss); + int maskgenalg_nid = ossl_rsa_pss_params_30_maskgenalg(pss); + int maskgenhashalg_nid = ossl_rsa_pss_params_30_maskgenhashalg(pss); + int saltlen = ossl_rsa_pss_params_30_saltlen(pss); + int default_hashalg_nid = ossl_rsa_pss_params_30_hashalg(NULL); + int default_maskgenalg_nid = ossl_rsa_pss_params_30_maskgenalg(NULL); + int default_maskgenhashalg_nid = + ossl_rsa_pss_params_30_maskgenhashalg(NULL); const char *mdname = (hashalg_nid == default_hashalg_nid - ? NULL : rsa_oaeppss_nid2name(hashalg_nid)); + ? NULL : ossl_rsa_oaeppss_nid2name(hashalg_nid)); const char *mgfname = (maskgenalg_nid == default_maskgenalg_nid - ? NULL : rsa_oaeppss_nid2name(maskgenalg_nid)); + ? NULL : ossl_rsa_oaeppss_nid2name(maskgenalg_nid)); const char *mgf1mdname = (maskgenhashalg_nid == default_maskgenhashalg_nid - ? NULL : rsa_oaeppss_nid2name(maskgenhashalg_nid)); + ? NULL : ossl_rsa_oaeppss_nid2name(maskgenhashalg_nid)); const char *key_md = OSSL_PKEY_PARAM_RSA_DIGEST; const char *key_mgf = OSSL_PKEY_PARAM_RSA_MASKGENFUNC; const char *key_mgf1_md = OSSL_PKEY_PARAM_RSA_MGF1_DIGEST; @@ -207,8 +210,9 @@ int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, return 1; } -int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, - const OSSL_PARAM params[], OPENSSL_CTX *libctx) +int ossl_rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, + const OSSL_PARAM params[], + OPENSSL_CTX *libctx) { const OSSL_PARAM *param_md, *param_mgf, *param_mgf1md, *param_saltlen; const OSSL_PARAM *param_propq; @@ -241,11 +245,11 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, */ if (param_md != NULL || param_mgf != NULL || param_mgf1md != NULL || param_saltlen != NULL) - if (!rsa_pss_params_30_set_defaults(pss_params)) + if (!ossl_rsa_pss_params_30_set_defaults(pss_params)) return 0; if (param_mgf != NULL) { - int default_maskgenalg_nid = rsa_pss_params_30_maskgenalg(NULL); + int default_maskgenalg_nid = ossl_rsa_pss_params_30_maskgenalg(NULL); const char *mgfname = NULL; if (param_mgf->data_type == OSSL_PARAM_UTF8_STRING) @@ -255,7 +259,7 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, /* TODO Revisit this if / when a new MGF algorithm appears */ if (strcasecmp(param_mgf->data, - rsa_mgf_nid2name(default_maskgenalg_nid)) != 0) + ossl_rsa_mgf_nid2name(default_maskgenalg_nid)) != 0) return 0; } @@ -273,8 +277,8 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, goto err; if ((md = EVP_MD_fetch(libctx, mdname, propq)) == NULL - || !rsa_pss_params_30_set_hashalg(pss_params, - rsa_oaeppss_md2nid(md))) + || !ossl_rsa_pss_params_30_set_hashalg(pss_params, + ossl_rsa_oaeppss_md2nid(md))) goto err; } @@ -287,14 +291,14 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, goto err; if ((mgf1md = EVP_MD_fetch(libctx, mgf1mdname, propq)) == NULL - || !rsa_pss_params_30_set_maskgenhashalg(pss_params, - rsa_oaeppss_md2nid(mgf1md))) + || !ossl_rsa_pss_params_30_set_maskgenhashalg( + pss_params, ossl_rsa_oaeppss_md2nid(mgf1md))) goto err; } if (param_saltlen != NULL) { if (!OSSL_PARAM_get_int(param_saltlen, &saltlen) - || !rsa_pss_params_30_set_saltlen(pss_params, saltlen)) + || !ossl_rsa_pss_params_30_set_saltlen(pss_params, saltlen)) goto err; } diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c index 0bbb6dac03..5a0ef7679b 100644 --- a/crypto/rsa/rsa_chk.c +++ b/crypto/rsa/rsa_chk.c @@ -230,20 +230,20 @@ static int rsa_validate_keypair_multiprime(const RSA *key, BN_GENCB *cb) } #endif /* FIPS_MODULE */ -int rsa_validate_public(const RSA *key) +int ossl_rsa_validate_public(const RSA *key) { - return rsa_sp800_56b_check_public(key); + return ossl_rsa_sp800_56b_check_public(key); } -int rsa_validate_private(const RSA *key) +int ossl_rsa_validate_private(const RSA *key) { - return rsa_sp800_56b_check_private(key); + return ossl_rsa_sp800_56b_check_private(key); } -int rsa_validate_pairwise(const RSA *key) +int ossl_rsa_validate_pairwise(const RSA *key) { #ifdef FIPS_MODULE - return rsa_sp800_56b_check_keypair(key, NULL, -1, RSA_bits(key)); + return ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, RSA_bits(key)); #else return rsa_validate_keypair_multiprime(key, NULL); #endif @@ -257,9 +257,9 @@ int RSA_check_key(const RSA *key) int RSA_check_key_ex(const RSA *key, BN_GENCB *cb) { #ifdef FIPS_MODULE - return rsa_validate_public(key) - && rsa_validate_private(key) - && rsa_validate_pairwise(key); + return ossl_rsa_validate_public(key) + && ossl_rsa_validate_private(key) + && ossl_rsa_validate_pairwise(key); #else return rsa_validate_keypair_multiprime(key, cb); #endif /* FIPS_MODULE */ diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index dc4ec0a8d3..58c7806ffd 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -92,7 +92,7 @@ static int rsa_multiprime_keygen(RSA *rsa, int bits, int primes, } /* A bad value for e can cause infinite loops */ - if (e_value != NULL && !rsa_check_public_exponent(e_value)) { + if (e_value != NULL && !ossl_rsa_check_public_exponent(e_value)) { RSAerr(0, RSA_R_PUB_EXPONENT_OUT_OF_RANGE); return 0; } @@ -429,7 +429,7 @@ static int rsa_keygen(OPENSSL_CTX *libctx, RSA *rsa, int bits, int primes, * the older rsa_multiprime_keygen(). */ if (primes == 2 && bits >= 2048) - ok = rsa_sp800_56b_generate_key(rsa, bits, e_value, cb); + ok = ossl_rsa_sp800_56b_generate_key(rsa, bits, e_value, cb); #ifndef FIPS_MODULE else ok = rsa_multiprime_keygen(rsa, bits, primes, e_value, cb); diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 475fca0f89..a73df12dc6 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -66,7 +66,7 @@ RSA *RSA_new_method(ENGINE *engine) } #endif -RSA *rsa_new_with_ctx(OPENSSL_CTX *libctx) +RSA *ossl_rsa_new_with_ctx(OPENSSL_CTX *libctx) { return rsa_new_intern(NULL, libctx); } @@ -189,7 +189,7 @@ int RSA_up_ref(RSA *r) return i > 1 ? 1 : 0; } -OPENSSL_CTX *rsa_get0_libctx(RSA *r) +OPENSSL_CTX *ossl_rsa_get0_libctx(RSA *r) { return r->libctx; } @@ -654,7 +654,7 @@ const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r) } /* Internal */ -RSA_PSS_PARAMS_30 *rsa_get0_pss_params_30(RSA *r) +RSA_PSS_PARAMS_30 *ossl_rsa_get0_pss_params_30(RSA *r) { return &r->pss_params; } @@ -699,9 +699,9 @@ int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2) DEFINE_STACK_OF(BIGNUM) -int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, - const STACK_OF(BIGNUM) *exps, - const STACK_OF(BIGNUM) *coeffs) +int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, + const STACK_OF(BIGNUM) *exps, + const STACK_OF(BIGNUM) *coeffs) { #ifndef FIPS_MODULE STACK_OF(RSA_PRIME_INFO) *prime_infos, *old_infos = NULL; @@ -797,9 +797,9 @@ int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM) -int rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, - STACK_OF(BIGNUM_const) *exps, - STACK_OF(BIGNUM_const) *coeffs) +int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, + STACK_OF(BIGNUM_const) *exps, + STACK_OF(BIGNUM_const) *coeffs) { #ifndef FIPS_MODULE RSA_PRIME_INFO *pinfo; diff --git a/crypto/rsa/rsa_local.h b/crypto/rsa/rsa_local.h index cc03132d17..f5c6be31a9 100644 --- a/crypto/rsa/rsa_local.h +++ b/crypto/rsa/rsa_local.h @@ -169,37 +169,38 @@ RSA_PRIME_INFO *rsa_multip_info_new(void); int rsa_multip_calc_product(RSA *rsa); int rsa_multip_cap(int bits); -int rsa_sp800_56b_validate_strength(int nbits, int strength); -int rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, - int nbits); -int rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q, - BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1, - BIGNUM *p1q1); - -int rsa_check_public_exponent(const BIGNUM *e); -int rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx); -int rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx); -int rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx); -int rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx); - -int rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx); -int rsa_sp800_56b_check_public(const RSA *rsa); -int rsa_sp800_56b_check_private(const RSA *rsa); -int rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, - int strength, int nbits); -int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, - BN_GENCB *cb); - -int rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits, - const BIGNUM *e, BN_CTX *ctx); -int rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, - int nbits, const BIGNUM *e, BN_CTX *ctx, - BN_GENCB *cb); - -int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen, - const unsigned char *from, int flen); -int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, - int tlen, const unsigned char *from, - int flen); +int ossl_rsa_sp800_56b_validate_strength(int nbits, int strength); +int ossl_rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, + int nbits); +int ossl_rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q, + BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1, + BIGNUM *p1q1); + +int ossl_rsa_check_public_exponent(const BIGNUM *e); +int ossl_rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx); +int ossl_rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx); +int ossl_rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx); +int ossl_rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx); + +int ossl_rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx); +int ossl_rsa_sp800_56b_check_public(const RSA *rsa); +int ossl_rsa_sp800_56b_check_private(const RSA *rsa); +int ossl_rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, + int strength, int nbits); +int ossl_rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, + BN_GENCB *cb); + +int ossl_rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits, + const BIGNUM *e, BN_CTX *ctx); +int ossl_rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, + int nbits, const BIGNUM *e, BN_CTX *ctx, + BN_GENCB *cb); + +int ossl_rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen); +int ossl_rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen); #endif /* OSSL_CRYPTO_RSA_LOCAL_H */ diff --git a/crypto/rsa/rsa_mp_names.c b/crypto/rsa/rsa_mp_names.c index 2fb1f53c43..8291b79e7a 100644 --- a/crypto/rsa/rsa_mp_names.c +++ b/crypto/rsa/rsa_mp_names.c @@ -20,7 +20,7 @@ * A fixed table of names for the RSA prime factors starting with * P,Q and up to 8 additional primes. */ -const char *rsa_mp_factor_names[] = { +const char *ossl_rsa_mp_factor_names[] = { OSSL_PKEY_PARAM_RSA_FACTOR1, OSSL_PKEY_PARAM_RSA_FACTOR2, #ifndef FIPS_MODULE @@ -40,7 +40,7 @@ const char *rsa_mp_factor_names[] = { * A fixed table of names for the RSA exponents starting with * DP,DQ and up to 8 additional exponents. */ -const char *rsa_mp_exp_names[] = { +const char *ossl_rsa_mp_exp_names[] = { OSSL_PKEY_PARAM_RSA_EXPONENT1, OSSL_PKEY_PARAM_RSA_EXPONENT2, #ifndef FIPS_MODULE @@ -60,7 +60,7 @@ const char *rsa_mp_exp_names[] = { * A fixed table of names for the RSA coefficients starting with * QINV and up to 8 additional exponents. */ -const char *rsa_mp_coeff_names[] = { +const char *ossl_rsa_mp_coeff_names[] = { OSSL_PKEY_PARAM_RSA_COEFFICIENT1, #ifndef FIPS_MODULE OSSL_PKEY_PARAM_RSA_COEFFICIENT2, diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index ea9ce0dee4..17200e787a 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -40,8 +40,8 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, const unsigned char *from, int flen, const unsigned char *param, int plen) { - return rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, param, - plen, NULL, NULL); + return ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, + param, plen, NULL, NULL); } /* @@ -51,11 +51,12 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, * Step numbers are included here but not in the constant time inverse below * to avoid complicating an already difficult enough function. */ -int rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, unsigned char *to, - int tlen, const unsigned char *from, - int flen, const unsigned char *param, - int plen, const EVP_MD *md, - const EVP_MD *mgf1md) +int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, + unsigned char *to, int tlen, + const unsigned char *from, int flen, + const unsigned char *param, + int plen, const EVP_MD *md, + const EVP_MD *mgf1md) { int rv = 0; int i, emlen = tlen - 1; @@ -138,8 +139,8 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, const unsigned char *param, int plen, const EVP_MD *md, const EVP_MD *mgf1md) { - return rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, param, - plen, md, mgf1md); + return ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, + param, plen, md, mgf1md); } int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c index d1e8535226..139fb16268 100644 --- a/crypto/rsa/rsa_ossl.c +++ b/crypto/rsa/rsa_ossl.c @@ -111,15 +111,17 @@ static int rsa_ossl_public_encrypt(int flen, const unsigned char *from, switch (padding) { case RSA_PKCS1_PADDING: - i = rsa_padding_add_PKCS1_type_2_ex(rsa->libctx, buf, num, from, flen); + i = ossl_rsa_padding_add_PKCS1_type_2_ex(rsa->libctx, buf, num, + from, flen); break; case RSA_PKCS1_OAEP_PADDING: - i = rsa_padding_add_PKCS1_OAEP_mgf1_ex(rsa->libctx, buf, num, from, - flen, NULL, 0, NULL, NULL); + i = ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(rsa->libctx, buf, num, + from, flen, NULL, 0, + NULL, NULL); break; #ifndef FIPS_MODULE case RSA_SSLV23_PADDING: - i = rsa_padding_add_SSLv23_ex(rsa->libctx, buf, num, from, flen); + i = ossl_rsa_padding_add_SSLv23_ex(rsa->libctx, buf, num, from, flen); break; #endif case RSA_NO_PADDING: diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c index 05c2933407..64f6864740 100644 --- a/crypto/rsa/rsa_pk1.c +++ b/crypto/rsa/rsa_pk1.c @@ -124,9 +124,9 @@ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, return j; } -int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, - int tlen, const unsigned char *from, - int flen) +int ossl_rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen) { int i, j; unsigned char *p; @@ -164,7 +164,7 @@ int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, const unsigned char *from, int flen) { - return rsa_padding_add_PKCS1_type_2_ex(NULL, to, tlen, from, flen); + return ossl_rsa_padding_add_PKCS1_type_2_ex(NULL, to, tlen, from, flen); } int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, @@ -278,7 +278,7 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, } /* - * rsa_padding_check_PKCS1_type_2_TLS() checks and removes the PKCS1 type 2 + * ossl_rsa_padding_check_PKCS1_type_2_TLS() checks and removes the PKCS1 type 2 * padding from a decrypted RSA message in a TLS signature. The result is stored * in the buffer pointed to by |to| which should be |tlen| bytes long. |tlen| * must be at least SSL_MAX_MASTER_KEY_LENGTH. The original decrypted message @@ -298,10 +298,11 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, * decrypted data will be randomly generated (as per * https://tools.ietf.org/html/rfc5246#section-7.4.7.1). */ -int rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *libctx, unsigned char *to, - size_t tlen, const unsigned char *from, - size_t flen, int client_version, - int alt_version) +int ossl_rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *libctx, + unsigned char *to, size_t tlen, + const unsigned char *from, + size_t flen, int client_version, + int alt_version) { unsigned int i, good, version_good; unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH]; diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index 261f347a2d..edaa769a6f 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -798,7 +798,7 @@ static const EVP_PKEY_METHOD rsa_pkey_meth = { pkey_rsa_ctrl_str }; -const EVP_PKEY_METHOD *rsa_pkey_method(void) +const EVP_PKEY_METHOD *ossl_rsa_pkey_method(void) { return &rsa_pkey_meth; } @@ -874,7 +874,7 @@ static const EVP_PKEY_METHOD rsa_pss_pkey_meth = { pkey_rsa_ctrl_str }; -const EVP_PKEY_METHOD *rsa_pss_pkey_method(void) +const EVP_PKEY_METHOD *ossl_rsa_pss_pkey_method(void) { return &rsa_pss_pkey_meth; } diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c index a5bcdfe1ff..e3a548d2e3 100644 --- a/crypto/rsa/rsa_pss.c +++ b/crypto/rsa/rsa_pss.c @@ -288,7 +288,7 @@ static const RSA_PSS_PARAMS_30 default_RSASSA_PSS_params = { 1 /* default trailerField (0xBC) */ }; -int rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params) +int ossl_rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params) { if (rsa_pss_params == NULL) return 0; @@ -296,7 +296,7 @@ int rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params) return 1; } -int rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params) +int ossl_rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params) { static RSA_PSS_PARAMS_30 pss_params_cmp = { 0, }; @@ -305,15 +305,15 @@ int rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params) sizeof(*rsa_pss_params)) == 0; } -int rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to, - const RSA_PSS_PARAMS_30 *from) +int ossl_rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to, + const RSA_PSS_PARAMS_30 *from) { memcpy(to, from, sizeof(*to)); return 1; } |