diff options
34 files changed, 449 insertions, 444 deletions
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 45f315c383..1724982709 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -1168,7 +1168,6 @@ RSA_F_RSA_CHECK_KEY:123:RSA_check_key RSA_F_RSA_CHECK_KEY_EX:160:RSA_check_key_ex RSA_F_RSA_CMS_DECRYPT:159:rsa_cms_decrypt RSA_F_RSA_CMS_VERIFY:158:rsa_cms_verify -RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES:168:rsa_fips186_4_gen_prob_primes RSA_F_RSA_ITEM_VERIFY:148:rsa_item_verify RSA_F_RSA_METH_DUP:161:RSA_meth_dup RSA_F_RSA_METH_NEW:162:RSA_meth_new @@ -1212,10 +1211,6 @@ RSA_F_RSA_PUB_DECODE:139:rsa_pub_decode RSA_F_RSA_SETUP_BLINDING:136:RSA_setup_blinding RSA_F_RSA_SIGN:117:RSA_sign RSA_F_RSA_SIGN_ASN1_OCTET_STRING:118:RSA_sign_ASN1_OCTET_STRING -RSA_F_RSA_SP800_56B_CHECK_KEYPAIR:169:rsa_sp800_56b_check_keypair -RSA_F_RSA_SP800_56B_CHECK_PUBLIC:170:rsa_sp800_56b_check_public -RSA_F_RSA_SP800_56B_PAIRWISE_TEST:171:rsa_sp800_56b_pairwise_test -RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH:172:rsa_sp800_56b_validate_strength RSA_F_RSA_VERIFY:119:RSA_verify RSA_F_RSA_VERIFY_ASN1_OCTET_STRING:120:RSA_verify_ASN1_OCTET_STRING RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1:126:RSA_verify_PKCS1_PSS_mgf1 diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 8f84230dcf..fc06a101c8 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -50,7 +50,7 @@ static STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL; /* This array needs to be in order of NIDs */ static pmeth_fn standard_methods[] = { # ifndef OPENSSL_NO_RSA - rsa_pkey_method, + ossl_rsa_pkey_method, # endif # ifndef OPENSSL_NO_DH dh_pkey_method, @@ -62,7 +62,7 @@ static pmeth_fn standard_methods[] = { ec_pkey_method, # endif # ifndef OPENSSL_NO_RSA - rsa_pss_pkey_method, + ossl_rsa_pss_pkey_method, # endif # ifndef OPENSSL_NO_DH dhx_pkey_method, diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index aab237aecd..6105b7849a 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -777,7 +777,7 @@ static int rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss, RSA_PSS_PARAMS_30 pss_params; /* Get the defaults from the ONE place */ - (void)rsa_pss_params_30_set_defaults(&pss_params); + (void)ossl_rsa_pss_params_30_set_defaults(&pss_params); if (pss == NULL) return 0; @@ -790,11 +790,11 @@ static int rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss, if (pss->saltLength) *psaltlen = ASN1_INTEGER_get(pss->saltLength); else - *psaltlen = rsa_pss_params_30_saltlen(&pss_params); + *psaltlen = ossl_rsa_pss_params_30_saltlen(&pss_params); if (pss->trailerField) *ptrailerField = ASN1_INTEGER_get(pss->trailerField); else - *ptrailerField = rsa_pss_params_30_trailerfield(&pss_params);; + *ptrailerField = ossl_rsa_pss_params_30_trailerfield(&pss_params);; return 1; } @@ -838,11 +838,13 @@ static int rsa_sync_to_pss_params_30(RSA *rsa) return 0; md_nid = EVP_MD_type(md); mgf1md_nid = EVP_MD_type(mgf1md); - if (!rsa_pss_params_30_set_defaults(&pss_params) - || !rsa_pss_params_30_set_hashalg(&pss_params, md_nid) - || !rsa_pss_params_30_set_maskgenhashalg(&pss_params, mgf1md_nid) - || !rsa_pss_params_30_set_saltlen(&pss_params, saltlen) - || !rsa_pss_params_30_set_trailerfield(&pss_params, trailerField)) + if (!ossl_rsa_pss_params_30_set_defaults(&pss_params) + || !ossl_rsa_pss_params_30_set_hashalg(&pss_params, md_nid) + || !ossl_rsa_pss_params_30_set_maskgenhashalg(&pss_params, + mgf1md_nid) + || !ossl_rsa_pss_params_30_set_saltlen(&pss_params, saltlen) + || !ossl_rsa_pss_params_30_set_trailerfield(&pss_params, + trailerField)) return 0; rsa->pss_params = pss_params; } @@ -1214,7 +1216,7 @@ static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type, if (RSA_get0_n(rsa) == NULL || RSA_get0_e(rsa) == NULL) goto err; - if (!rsa_todata(rsa, tmpl, NULL)) + if (!ossl_rsa_todata(rsa, tmpl, NULL)) goto err; selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY; @@ -1231,11 +1233,12 @@ static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type, goto err; md_nid = EVP_MD_type(md); mgf1md_nid = EVP_MD_type(mgf1md); - if (!rsa_pss_params_30_set_defaults(&pss_params) - || !rsa_pss_params_30_set_hashalg(&pss_params, md_nid) - || !rsa_pss_params_30_set_maskgenhashalg(&pss_params, mgf1md_nid) - || !rsa_pss_params_30_set_saltlen(&pss_params, saltlen) - || !rsa_pss_params_30_todata(&pss_params, tmpl, NULL)) + if (!ossl_rsa_pss_params_30_set_defaults(&pss_params) + || !ossl_rsa_pss_params_30_set_hashalg(&pss_params, md_nid) + || !ossl_rsa_pss_params_30_set_maskgenhashalg(&pss_params, + mgf1md_nid) + || !ossl_rsa_pss_params_30_set_saltlen(&pss_params, saltlen) + || !ossl_rsa_pss_params_30_todata(&pss_params, tmpl, NULL)) goto err; selection |= OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS; } @@ -1257,7 +1260,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, { EVP_PKEY_CTX *pctx = vpctx; EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx); - RSA *rsa = rsa_new_with_ctx(pctx->libctx); + RSA *rsa = ossl_rsa_new_with_ctx(pctx->libctx); RSA_PSS_PARAMS_30 rsa_pss_params = { 0, }; int ok = 0; @@ -1269,7 +1272,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, RSA_clear_flags(rsa, RSA_FLAG_TYPE_MASK); RSA_set_flags(rsa, rsa_type); - if (!rsa_pss_params_30_fromdata(&rsa_pss_params, params, pctx->libctx)) + if (!ossl_rsa_pss_params_30_fromdata(&rsa_pss_params, params, pctx->libctx)) goto err; switch (rsa_type) { @@ -1278,7 +1281,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, * Were PSS parameters filled in? * In that case, something's wrong */ - if (!rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) + if (!ossl_rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) goto err; break; case RSA_FLAG_TYPE_RSASSAPSS: @@ -1286,11 +1289,11 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, * Were PSS parameters filled in? In that case, create the old * RSA_PSS_PARAMS structure. Otherwise, this is an unrestricted key. */ - if (!rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) { + if (!ossl_rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) { /* Create the older RSA_PSS_PARAMS from RSA_PSS_PARAMS_30 data */ - int mdnid = rsa_pss_params_30_hashalg(&rsa_pss_params); - int mgf1mdnid = rsa_pss_params_30_maskgenhashalg(&rsa_pss_params); - int saltlen = rsa_pss_params_30_saltlen(&rsa_pss_params); + int mdnid = ossl_rsa_pss_params_30_hashalg(&rsa_pss_params); + int mgf1mdnid = ossl_rsa_pss_params_30_maskgenhashalg(&rsa_pss_params); + int saltlen = ossl_rsa_pss_params_30_saltlen(&rsa_pss_params); const EVP_MD *md = EVP_get_digestbynid(mdnid); const EVP_MD *mgf1md = EVP_get_digestbynid(mgf1mdnid); @@ -1303,7 +1306,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, goto err; } - if (!rsa_fromdata(rsa, params)) + if (!ossl_rsa_fromdata(rsa, params)) goto err; switch (rsa_type) { diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c index fae09d7067..9279e71857 100644 --- a/crypto/rsa/rsa_backend.c +++ b/crypto/rsa/rsa_backend.c @@ -48,7 +48,7 @@ static int collect_numbers(STACK_OF(BIGNUM) *numbers, return 1; } -int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]) +int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]) { const OSSL_PARAM *param_n, *param_e, *param_d; BIGNUM *n = NULL, *e = NULL, *d = NULL; @@ -75,16 +75,16 @@ int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]) if (is_private) { if (!collect_numbers(factors = sk_BIGNUM_new_null(), params, - rsa_mp_factor_names) + ossl_rsa_mp_factor_names) || !collect_numbers(exps = sk_BIGNUM_new_null(), params, - rsa_mp_exp_names) + ossl_rsa_mp_exp_names) || !collect_numbers(coeffs = sk_BIGNUM_new_null(), params, - rsa_mp_coeff_names)) + ossl_rsa_mp_coeff_names)) goto err; /* It's ok if this private key just has n, e and d */ if (sk_BIGNUM_num(factors) != 0 - && !rsa_set0_all_params(rsa, factors, exps, coeffs)) + && !ossl_rsa_set0_all_params(rsa, factors, exps, coeffs)) goto err; } @@ -106,7 +106,7 @@ int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]) DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM) -int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) +int ossl_rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) { int ret = 0; const BIGNUM *rsa_d = NULL, *rsa_n = NULL, *rsa_e = NULL; @@ -118,7 +118,7 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) goto err; RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d); - rsa_get0_all_params(rsa, factors, exps, coeffs); + ossl_rsa_get0_all_params(rsa, factors, exps, coeffs); if (!ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_N, rsa_n) || !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_E, rsa_e)) @@ -142,11 +142,13 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) if (!ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_D, rsa_d) || !ossl_param_build_set_multi_key_bn(bld, params, - rsa_mp_factor_names, factors) + ossl_rsa_mp_factor_names, + factors) || !ossl_param_build_set_multi_key_bn(bld, params, - rsa_mp_exp_names, exps) + ossl_rsa_mp_exp_names, exps) || !ossl_param_build_set_multi_key_bn(bld, params, - rsa_mp_coeff_names, coeffs)) + ossl_rsa_mp_coeff_names, + coeffs)) goto err; } @@ -163,26 +165,27 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) return ret; } -int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, - OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) +int ossl_rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, + OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) { - if (!rsa_pss_params_30_is_unrestricted(pss)) { - int hashalg_nid = rsa_pss_params_30_hashalg(pss); - int maskgenalg_nid = rsa_pss_params_30_maskgenalg(pss); - int maskgenhashalg_nid = rsa_pss_params_30_maskgenhashalg(pss); - int saltlen = rsa_pss_params_30_saltlen(pss); - int default_hashalg_nid = rsa_pss_params_30_hashalg(NULL); - int default_maskgenalg_nid = rsa_pss_params_30_maskgenalg(NULL); - int default_maskgenhashalg_nid = rsa_pss_params_30_maskgenhashalg(NULL); + if (!ossl_rsa_pss_params_30_is_unrestricted(pss)) { + int hashalg_nid = ossl_rsa_pss_params_30_hashalg(pss); + int maskgenalg_nid = ossl_rsa_pss_params_30_maskgenalg(pss); + int maskgenhashalg_nid = ossl_rsa_pss_params_30_maskgenhashalg(pss); + int saltlen = ossl_rsa_pss_params_30_saltlen(pss); + int default_hashalg_nid = ossl_rsa_pss_params_30_hashalg(NULL); + int default_maskgenalg_nid = ossl_rsa_pss_params_30_maskgenalg(NULL); + int default_maskgenhashalg_nid = + ossl_rsa_pss_params_30_maskgenhashalg(NULL); const char *mdname = (hashalg_nid == default_hashalg_nid - ? NULL : rsa_oaeppss_nid2name(hashalg_nid)); + ? NULL : ossl_rsa_oaeppss_nid2name(hashalg_nid)); const char *mgfname = (maskgenalg_nid == default_maskgenalg_nid - ? NULL : rsa_oaeppss_nid2name(maskgenalg_nid)); + ? NULL : ossl_rsa_oaeppss_nid2name(maskgenalg_nid)); const char *mgf1mdname = (maskgenhashalg_nid == default_maskgenhashalg_nid - ? NULL : rsa_oaeppss_nid2name(maskgenhashalg_nid)); + ? NULL : ossl_rsa_oaeppss_nid2name(maskgenhashalg_nid)); const char *key_md = OSSL_PKEY_PARAM_RSA_DIGEST; const char *key_mgf = OSSL_PKEY_PARAM_RSA_MASKGENFUNC; const char *key_mgf1_md = OSSL_PKEY_PARAM_RSA_MGF1_DIGEST; @@ -207,8 +210,9 @@ int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, return 1; } -int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, - const OSSL_PARAM params[], OPENSSL_CTX *libctx) +int ossl_rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, + const OSSL_PARAM params[], + OPENSSL_CTX *libctx) { const OSSL_PARAM *param_md, *param_mgf, *param_mgf1md, *param_saltlen; const OSSL_PARAM *param_propq; @@ -241,11 +245,11 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, */ if (param_md != NULL || param_mgf != NULL || param_mgf1md != NULL || param_saltlen != NULL) - if (!rsa_pss_params_30_set_defaults(pss_params)) + if (!ossl_rsa_pss_params_30_set_defaults(pss_params)) return 0; if (param_mgf != NULL) { - int default_maskgenalg_nid = rsa_pss_params_30_maskgenalg(NULL); + int default_maskgenalg_nid = ossl_rsa_pss_params_30_maskgenalg(NULL); const char *mgfname = NULL; if (param_mgf->data_type == OSSL_PARAM_UTF8_STRING) @@ -255,7 +259,7 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, /* TODO Revisit this if / when a new MGF algorithm appears */ if (strcasecmp(param_mgf->data, - rsa_mgf_nid2name(default_maskgenalg_nid)) != 0) + ossl_rsa_mgf_nid2name(default_maskgenalg_nid)) != 0) return 0; } @@ -273,8 +277,8 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, goto err; if ((md = EVP_MD_fetch(libctx, mdname, propq)) == NULL - || !rsa_pss_params_30_set_hashalg(pss_params, - rsa_oaeppss_md2nid(md))) + || !ossl_rsa_pss_params_30_set_hashalg(pss_params, + ossl_rsa_oaeppss_md2nid(md))) goto err; } @@ -287,14 +291,14 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, goto err; if ((mgf1md = EVP_MD_fetch(libctx, mgf1mdname, propq)) == NULL - || !rsa_pss_params_30_set_maskgenhashalg(pss_params, - rsa_oaeppss_md2nid(mgf1md))) + || !ossl_rsa_pss_params_30_set_maskgenhashalg( + pss_params, ossl_rsa_oaeppss_md2nid(mgf1md))) goto err; } if (param_saltlen != NULL) { if (!OSSL_PARAM_get_int(param_saltlen, &saltlen) - || !rsa_pss_params_30_set_saltlen(pss_params, saltlen)) + || !ossl_rsa_pss_params_30_set_saltlen(pss_params, saltlen)) goto err; } diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c index 0bbb6dac03..5a0ef7679b 100644 --- a/crypto/rsa/rsa_chk.c +++ b/crypto/rsa/rsa_chk.c @@ -230,20 +230,20 @@ static int rsa_validate_keypair_multiprime(const RSA *key, BN_GENCB *cb) } #endif /* FIPS_MODULE */ -int rsa_validate_public(const RSA *key) +int ossl_rsa_validate_public(const RSA *key) { - return rsa_sp800_56b_check_public(key); + return ossl_rsa_sp800_56b_check_public(key); } -int rsa_validate_private(const RSA *key) +int ossl_rsa_validate_private(const RSA *key) { - return rsa_sp800_56b_check_private(key); + return ossl_rsa_sp800_56b_check_private(key); } -int rsa_validate_pairwise(const RSA *key) +int ossl_rsa_validate_pairwise(const RSA *key) { #ifdef FIPS_MODULE - return rsa_sp800_56b_check_keypair(key, NULL, -1, RSA_bits(key)); + return ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, RSA_bits(key)); #else return rsa_validate_keypair_multiprime(key, NULL); #endif @@ -257,9 +257,9 @@ int RSA_check_key(const RSA *key) int RSA_check_key_ex(const RSA *key, BN_GENCB *cb) { #ifdef FIPS_MODULE - return rsa_validate_public(key) - && rsa_validate_private(key) - && rsa_validate_pairwise(key); + return ossl_rsa_validate_public(key) + && ossl_rsa_validate_private(key) + && ossl_rsa_validate_pairwise(key); #else return rsa_validate_keypair_multiprime(key, cb); #endif /* FIPS_MODULE */ diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index dc4ec0a8d3..58c7806ffd 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -92,7 +92,7 @@ static int rsa_multiprime_keygen(RSA *rsa, int bits, int primes, } /* A bad value for e can cause infinite loops */ - if (e_value != NULL && !rsa_check_public_exponent(e_value)) { + if (e_value != NULL && !ossl_rsa_check_public_exponent(e_value)) { RSAerr(0, RSA_R_PUB_EXPONENT_OUT_OF_RANGE); return 0; } @@ -429,7 +429,7 @@ static int rsa_keygen(OPENSSL_CTX *libctx, RSA *rsa, int bits, int primes, * the older rsa_multiprime_keygen(). */ if (primes == 2 && bits >= 2048) - ok = rsa_sp800_56b_generate_key(rsa, bits, e_value, cb); + ok = ossl_rsa_sp800_56b_generate_key(rsa, bits, e_value, cb); #ifndef FIPS_MODULE else ok = rsa_multiprime_keygen(rsa, bits, primes, e_value, cb); diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 475fca0f89..a73df12dc6 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -66,7 +66,7 @@ RSA *RSA_new_method(ENGINE *engine) } #endif -RSA *rsa_new_with_ctx(OPENSSL_CTX *libctx) +RSA *ossl_rsa_new_with_ctx(OPENSSL_CTX *libctx) { return rsa_new_intern(NULL, libctx); } @@ -189,7 +189,7 @@ int RSA_up_ref(RSA *r) return i > 1 ? 1 : 0; } -OPENSSL_CTX *rsa_get0_libctx(RSA *r) +OPENSSL_CTX *ossl_rsa_get0_libctx(RSA *r) { return r->libctx; } @@ -654,7 +654,7 @@ const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r) } /* Internal */ -RSA_PSS_PARAMS_30 *rsa_get0_pss_params_30(RSA *r) +RSA_PSS_PARAMS_30 *ossl_rsa_get0_pss_params_30(RSA *r) { return &r->pss_params; } @@ -699,9 +699,9 @@ int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2) DEFINE_STACK_OF(BIGNUM) -int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, - const STACK_OF(BIGNUM) *exps, - const STACK_OF(BIGNUM) *coeffs) +int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, + const STACK_OF(BIGNUM) *exps, + const STACK_OF(BIGNUM) *coeffs) { #ifndef FIPS_MODULE STACK_OF(RSA_PRIME_INFO) *prime_infos, *old_infos = NULL; @@ -797,9 +797,9 @@ int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM) -int rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, - STACK_OF(BIGNUM_const) *exps, - STACK_OF(BIGNUM_const) *coeffs) +int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, + STACK_OF(BIGNUM_const) *exps, + STACK_OF(BIGNUM_const) *coeffs) { #ifndef FIPS_MODULE RSA_PRIME_INFO *pinfo; diff --git a/crypto/rsa/rsa_local.h b/crypto/rsa/rsa_local.h index cc03132d17..f5c6be31a9 100644 --- a/crypto/rsa/rsa_local.h +++ b/crypto/rsa/rsa_local.h @@ -169,37 +169,38 @@ RSA_PRIME_INFO *rsa_multip_info_new(void); int rsa_multip_calc_product(RSA *rsa); int rsa_multip_cap(int bits); -int rsa_sp800_56b_validate_strength(int nbits, int strength); -int rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, - int nbits); -int rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q, - BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1, - BIGNUM *p1q1); - -int rsa_check_public_exponent(const BIGNUM *e); -int rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx); -int rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx); -int rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx); -int rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx); - -int rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx); -int rsa_sp800_56b_check_public(const RSA *rsa); -int rsa_sp800_56b_check_private(const RSA *rsa); -int rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, - int strength, int nbits); -int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, - BN_GENCB *cb); - -int rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits, - const BIGNUM *e, BN_CTX *ctx); -int rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, - int nbits, const BIGNUM *e, BN_CTX *ctx, - BN_GENCB *cb); - -int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen, - const unsigned char *from, int flen); -int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, - int tlen, const unsigned char *from, - int flen); +int ossl_rsa_sp800_56b_validate_strength(int nbits, int strength); +int ossl_rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, + int nbits); +int ossl_rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q, + BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1, + BIGNUM *p1q1); + +int ossl_rsa_check_public_exponent(const BIGNUM *e); +int ossl_rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx); +int ossl_rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx); +int ossl_rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx); +int ossl_rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx); + +int ossl_rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx); +int ossl_rsa_sp800_56b_check_public(const RSA *rsa); +int ossl_rsa_sp800_56b_check_private(const RSA *rsa); +int ossl_rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, + int strength, int nbits); +int ossl_rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, + BN_GENCB *cb); + +int ossl_rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits, + const BIGNUM *e, BN_CTX *ctx); +int ossl_rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, + int nbits, const BIGNUM *e, BN_CTX *ctx, + BN_GENCB *cb); + +int ossl_rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen); +int ossl_rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen); #endif /* OSSL_CRYPTO_RSA_LOCAL_H */ diff --git a/crypto/rsa/rsa_mp_names.c b/crypto/rsa/rsa_mp_names.c index 2fb1f53c43..8291b79e7a 100644 --- a/crypto/rsa/rsa_mp_names.c +++ b/crypto/rsa/rsa_mp_names.c @@ -20,7 +20,7 @@ * A fixed table of names for the RSA prime factors starting with * P,Q and up to 8 additional primes. */ -const char *rsa_mp_factor_names[] = { +const char *ossl_rsa_mp_factor_names[] = { OSSL_PKEY_PARAM_RSA_FACTOR1, OSSL_PKEY_PARAM_RSA_FACTOR2, #ifndef FIPS_MODULE @@ -40,7 +40,7 @@ const char *rsa_mp_factor_names[] = { * A fixed table of names for the RSA exponents starting with * DP,DQ and up to 8 additional exponents. */ -const char *rsa_mp_exp_names[] = { +const char *ossl_rsa_mp_exp_names[] = { OSSL_PKEY_PARAM_RSA_EXPONENT1, OSSL_PKEY_PARAM_RSA_EXPONENT2, #ifndef FIPS_MODULE @@ -60,7 +60,7 @@ const char *rsa_mp_exp_names[] = { * A fixed table of names for the RSA coefficients starting with * QINV and up to 8 additional exponents. */ -const char *rsa_mp_coeff_names[] = { +const char *ossl_rsa_mp_coeff_names[] = { OSSL_PKEY_PARAM_RSA_COEFFICIENT1, #ifndef FIPS_MODULE OSSL_PKEY_PARAM_RSA_COEFFICIENT2, diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index ea9ce0dee4..17200e787a 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -40,8 +40,8 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, const unsigned char *from, int flen, const unsigned char *param, int plen) { - return rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, param, - plen, NULL, NULL); + return ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, + param, plen, NULL, NULL); } /* @@ -51,11 +51,12 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, * Step numbers are included here but not in the constant time inverse below * to avoid complicating an already difficult enough function. */ -int rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, unsigned char *to, - int tlen, const unsigned char *from, - int flen, const unsigned char *param, - int plen, const EVP_MD *md, - const EVP_MD *mgf1md) +int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, + unsigned char *to, int tlen, + const unsigned char *from, int flen, + const unsigned char *param, + int plen, const EVP_MD *md, + const EVP_MD *mgf1md) { int rv = 0; int i, emlen = tlen - 1; @@ -138,8 +139,8 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, const unsigned char *param, int plen, const EVP_MD *md, const EVP_MD *mgf1md) { - return rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, param, - plen, md, mgf1md); + return ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, + param, plen, md, mgf1md); } int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c index d1e8535226..139fb16268 100644 --- a/ |