[openssl] master update
Dr. Paul Dale
pauli at openssl.org
Tue Oct 6 23:05:40 UTC 2020
The branch master has been updated
via 23b2fc0b501d6635dd821014aec8ff16689cbb6a (commit)
from a21db568bf3d0ab4194fd3e0917ee982f1fc8bfd (commit)
- Log -----------------------------------------------------------------
commit 23b2fc0b501d6635dd821014aec8ff16689cbb6a
Author: Pauli <paul.dale at oracle.com>
Date: Wed Sep 30 14:20:14 2020 +1000
rsa: add ossl_ prefix to internal rsa_ calls.
The functions being:
rsa_check_crt_components, rsa_check_key, rsa_check_pminusq_diff,
rsa_check_prime_factor, rsa_check_prime_factor_range,
rsa_check_private_exponent, rsa_check_public_exponent,
rsa_digestinfo_encoding, rsa_fips186_4_gen_prob_primes, rsa_fromdata,
rsa_get0_all_params, rsa_get0_libctx, rsa_get0_pss_params_30,
rsa_get_lcm, rsa_mgf_nid2name, rsa_mp_coeff_names, rsa_mp_exp_names,
rsa_mp_factor_names, rsa_new_with_ctx, rsa_oaeppss_md2nid,
rsa_oaeppss_nid2name, rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx,
rsa_padding_add_PKCS1_type_2_with_libctx,
rsa_padding_add_SSLv23_with_libctx, rsa_padding_check_PKCS1_type_2_TLS,
rsa_pkey_method, rsa_pss_params_30_copy, rsa_pss_params_30_fromdata,
rsa_pss_params_30_hashalg, rsa_pss_params_30_is_unrestricted,
rsa_pss_params_30_maskgenalg, rsa_pss_params_30_maskgenhashalg,
rsa_pss_params_30_saltlen, rsa_pss_params_30_set_defaults,
rsa_pss_params_30_set_hashalg, rsa_pss_params_30_set_maskgenalg,
rsa_pss_params_30_set_maskgenhashalg, rsa_pss_params_30_set_saltlen,
rsa_pss_params_30_set_trailerfield, rsa_pss_params_30_todata,
rsa_pss_params_30_trailerfield, rsa_pss_pkey_method, rsa_set0_all_params,
rsa_sp800_56b_check_keypair, rsa_sp800_56b_check_private,
rsa_sp800_56b_check_public, rsa_sp800_56b_derive_params_from_pq,
rsa_sp800_56b_generate_key, rsa_sp800_56b_pairwise_test,
rsa_sp800_56b_validate_strength, rsa_todata, rsa_validate_pairwise,
rsa_validate_private and rsa_validate_public.
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13040)
-----------------------------------------------------------------------
Summary of changes:
crypto/err/openssl.txt | 5 -
crypto/evp/pmeth_lib.c | 4 +-
crypto/rsa/rsa_ameth.c | 47 ++++----
crypto/rsa/rsa_backend.c | 70 +++++------
crypto/rsa/rsa_chk.c | 18 +--
crypto/rsa/rsa_gen.c | 4 +-
crypto/rsa/rsa_lib.c | 18 +--
crypto/rsa/rsa_local.h | 65 +++++-----
crypto/rsa/rsa_mp_names.c | 6 +-
crypto/rsa/rsa_oaep.c | 19 +--
crypto/rsa/rsa_ossl.c | 10 +-
crypto/rsa/rsa_pk1.c | 19 +--
crypto/rsa/rsa_pmeth.c | 4 +-
crypto/rsa/rsa_pss.c | 38 +++---
crypto/rsa/rsa_schemes.c | 6 +-
crypto/rsa/rsa_sign.c | 4 +-
crypto/rsa/rsa_sp800_56b_check.c | 73 ++++++------
crypto/rsa/rsa_sp800_56b_gen.c | 45 ++++---
crypto/rsa/rsa_ssl.c | 7 +-
...all_params.pod => ossl_rsa_get0_all_params.pod} | 22 ++--
include/crypto/evp.h | 4 +-
include/crypto/rsa.h | 121 +++++++++----------
include/openssl/rsaerr.h | 5 -
providers/common/der/der_rsa_key.c | 23 ++--
providers/common/include/prov/securitycheck.h | 2 +-
providers/common/securitycheck.c | 2 +-
providers/implementations/asymciphers/rsa_enc.c | 21 ++--
.../implementations/encode_decode/encode_key2any.c | 4 +-
.../encode_decode/encode_key2text.c | 26 ++--
providers/implementations/kem/rsa_kem.c | 4 +-
providers/implementations/keymgmt/rsa_kmgmt.c | 48 ++++----
providers/implementations/signature/rsa.c | 16 +--
test/rsa_mp_test.c | 2 +-
test/rsa_sp800_56b_test.c | 131 ++++++++++-----------
34 files changed, 449 insertions(+), 444 deletions(-)
rename doc/internal/man3/{rsa_get0_all_params.pod => ossl_rsa_get0_all_params.pod} (69%)
diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt
index 45f315c383..1724982709 100644
--- a/crypto/err/openssl.txt
+++ b/crypto/err/openssl.txt
@@ -1168,7 +1168,6 @@ RSA_F_RSA_CHECK_KEY:123:RSA_check_key
RSA_F_RSA_CHECK_KEY_EX:160:RSA_check_key_ex
RSA_F_RSA_CMS_DECRYPT:159:rsa_cms_decrypt
RSA_F_RSA_CMS_VERIFY:158:rsa_cms_verify
-RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES:168:rsa_fips186_4_gen_prob_primes
RSA_F_RSA_ITEM_VERIFY:148:rsa_item_verify
RSA_F_RSA_METH_DUP:161:RSA_meth_dup
RSA_F_RSA_METH_NEW:162:RSA_meth_new
@@ -1212,10 +1211,6 @@ RSA_F_RSA_PUB_DECODE:139:rsa_pub_decode
RSA_F_RSA_SETUP_BLINDING:136:RSA_setup_blinding
RSA_F_RSA_SIGN:117:RSA_sign
RSA_F_RSA_SIGN_ASN1_OCTET_STRING:118:RSA_sign_ASN1_OCTET_STRING
-RSA_F_RSA_SP800_56B_CHECK_KEYPAIR:169:rsa_sp800_56b_check_keypair
-RSA_F_RSA_SP800_56B_CHECK_PUBLIC:170:rsa_sp800_56b_check_public
-RSA_F_RSA_SP800_56B_PAIRWISE_TEST:171:rsa_sp800_56b_pairwise_test
-RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH:172:rsa_sp800_56b_validate_strength
RSA_F_RSA_VERIFY:119:RSA_verify
RSA_F_RSA_VERIFY_ASN1_OCTET_STRING:120:RSA_verify_ASN1_OCTET_STRING
RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1:126:RSA_verify_PKCS1_PSS_mgf1
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 8f84230dcf..fc06a101c8 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -50,7 +50,7 @@ static STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL;
/* This array needs to be in order of NIDs */
static pmeth_fn standard_methods[] = {
# ifndef OPENSSL_NO_RSA
- rsa_pkey_method,
+ ossl_rsa_pkey_method,
# endif
# ifndef OPENSSL_NO_DH
dh_pkey_method,
@@ -62,7 +62,7 @@ static pmeth_fn standard_methods[] = {
ec_pkey_method,
# endif
# ifndef OPENSSL_NO_RSA
- rsa_pss_pkey_method,
+ ossl_rsa_pss_pkey_method,
# endif
# ifndef OPENSSL_NO_DH
dhx_pkey_method,
diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c
index aab237aecd..6105b7849a 100644
--- a/crypto/rsa/rsa_ameth.c
+++ b/crypto/rsa/rsa_ameth.c
@@ -777,7 +777,7 @@ static int rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss,
RSA_PSS_PARAMS_30 pss_params;
/* Get the defaults from the ONE place */
- (void)rsa_pss_params_30_set_defaults(&pss_params);
+ (void)ossl_rsa_pss_params_30_set_defaults(&pss_params);
if (pss == NULL)
return 0;
@@ -790,11 +790,11 @@ static int rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss,
if (pss->saltLength)
*psaltlen = ASN1_INTEGER_get(pss->saltLength);
else
- *psaltlen = rsa_pss_params_30_saltlen(&pss_params);
+ *psaltlen = ossl_rsa_pss_params_30_saltlen(&pss_params);
if (pss->trailerField)
*ptrailerField = ASN1_INTEGER_get(pss->trailerField);
else
- *ptrailerField = rsa_pss_params_30_trailerfield(&pss_params);;
+ *ptrailerField = ossl_rsa_pss_params_30_trailerfield(&pss_params);;
return 1;
}
@@ -838,11 +838,13 @@ static int rsa_sync_to_pss_params_30(RSA *rsa)
return 0;
md_nid = EVP_MD_type(md);
mgf1md_nid = EVP_MD_type(mgf1md);
- if (!rsa_pss_params_30_set_defaults(&pss_params)
- || !rsa_pss_params_30_set_hashalg(&pss_params, md_nid)
- || !rsa_pss_params_30_set_maskgenhashalg(&pss_params, mgf1md_nid)
- || !rsa_pss_params_30_set_saltlen(&pss_params, saltlen)
- || !rsa_pss_params_30_set_trailerfield(&pss_params, trailerField))
+ if (!ossl_rsa_pss_params_30_set_defaults(&pss_params)
+ || !ossl_rsa_pss_params_30_set_hashalg(&pss_params, md_nid)
+ || !ossl_rsa_pss_params_30_set_maskgenhashalg(&pss_params,
+ mgf1md_nid)
+ || !ossl_rsa_pss_params_30_set_saltlen(&pss_params, saltlen)
+ || !ossl_rsa_pss_params_30_set_trailerfield(&pss_params,
+ trailerField))
return 0;
rsa->pss_params = pss_params;
}
@@ -1214,7 +1216,7 @@ static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type,
if (RSA_get0_n(rsa) == NULL || RSA_get0_e(rsa) == NULL)
goto err;
- if (!rsa_todata(rsa, tmpl, NULL))
+ if (!ossl_rsa_todata(rsa, tmpl, NULL))
goto err;
selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY;
@@ -1231,11 +1233,12 @@ static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type,
goto err;
md_nid = EVP_MD_type(md);
mgf1md_nid = EVP_MD_type(mgf1md);
- if (!rsa_pss_params_30_set_defaults(&pss_params)
- || !rsa_pss_params_30_set_hashalg(&pss_params, md_nid)
- || !rsa_pss_params_30_set_maskgenhashalg(&pss_params, mgf1md_nid)
- || !rsa_pss_params_30_set_saltlen(&pss_params, saltlen)
- || !rsa_pss_params_30_todata(&pss_params, tmpl, NULL))
+ if (!ossl_rsa_pss_params_30_set_defaults(&pss_params)
+ || !ossl_rsa_pss_params_30_set_hashalg(&pss_params, md_nid)
+ || !ossl_rsa_pss_params_30_set_maskgenhashalg(&pss_params,
+ mgf1md_nid)
+ || !ossl_rsa_pss_params_30_set_saltlen(&pss_params, saltlen)
+ || !ossl_rsa_pss_params_30_todata(&pss_params, tmpl, NULL))
goto err;
selection |= OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS;
}
@@ -1257,7 +1260,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx,
{
EVP_PKEY_CTX *pctx = vpctx;
EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx);
- RSA *rsa = rsa_new_with_ctx(pctx->libctx);
+ RSA *rsa = ossl_rsa_new_with_ctx(pctx->libctx);
RSA_PSS_PARAMS_30 rsa_pss_params = { 0, };
int ok = 0;
@@ -1269,7 +1272,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx,
RSA_clear_flags(rsa, RSA_FLAG_TYPE_MASK);
RSA_set_flags(rsa, rsa_type);
- if (!rsa_pss_params_30_fromdata(&rsa_pss_params, params, pctx->libctx))
+ if (!ossl_rsa_pss_params_30_fromdata(&rsa_pss_params, params, pctx->libctx))
goto err;
switch (rsa_type) {
@@ -1278,7 +1281,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx,
* Were PSS parameters filled in?
* In that case, something's wrong
*/
- if (!rsa_pss_params_30_is_unrestricted(&rsa_pss_params))
+ if (!ossl_rsa_pss_params_30_is_unrestricted(&rsa_pss_params))
goto err;
break;
case RSA_FLAG_TYPE_RSASSAPSS:
@@ -1286,11 +1289,11 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx,
* Were PSS parameters filled in? In that case, create the old
* RSA_PSS_PARAMS structure. Otherwise, this is an unrestricted key.
*/
- if (!rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) {
+ if (!ossl_rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) {
/* Create the older RSA_PSS_PARAMS from RSA_PSS_PARAMS_30 data */
- int mdnid = rsa_pss_params_30_hashalg(&rsa_pss_params);
- int mgf1mdnid = rsa_pss_params_30_maskgenhashalg(&rsa_pss_params);
- int saltlen = rsa_pss_params_30_saltlen(&rsa_pss_params);
+ int mdnid = ossl_rsa_pss_params_30_hashalg(&rsa_pss_params);
+ int mgf1mdnid = ossl_rsa_pss_params_30_maskgenhashalg(&rsa_pss_params);
+ int saltlen = ossl_rsa_pss_params_30_saltlen(&rsa_pss_params);
const EVP_MD *md = EVP_get_digestbynid(mdnid);
const EVP_MD *mgf1md = EVP_get_digestbynid(mgf1mdnid);
@@ -1303,7 +1306,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx,
goto err;
}
- if (!rsa_fromdata(rsa, params))
+ if (!ossl_rsa_fromdata(rsa, params))
goto err;
switch (rsa_type) {
diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c
index fae09d7067..9279e71857 100644
--- a/crypto/rsa/rsa_backend.c
+++ b/crypto/rsa/rsa_backend.c
@@ -48,7 +48,7 @@ static int collect_numbers(STACK_OF(BIGNUM) *numbers,
return 1;
}
-int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[])
+int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[])
{
const OSSL_PARAM *param_n, *param_e, *param_d;
BIGNUM *n = NULL, *e = NULL, *d = NULL;
@@ -75,16 +75,16 @@ int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[])
if (is_private) {
if (!collect_numbers(factors = sk_BIGNUM_new_null(), params,
- rsa_mp_factor_names)
+ ossl_rsa_mp_factor_names)
|| !collect_numbers(exps = sk_BIGNUM_new_null(), params,
- rsa_mp_exp_names)
+ ossl_rsa_mp_exp_names)
|| !collect_numbers(coeffs = sk_BIGNUM_new_null(), params,
- rsa_mp_coeff_names))
+ ossl_rsa_mp_coeff_names))
goto err;
/* It's ok if this private key just has n, e and d */
if (sk_BIGNUM_num(factors) != 0
- && !rsa_set0_all_params(rsa, factors, exps, coeffs))
+ && !ossl_rsa_set0_all_params(rsa, factors, exps, coeffs))
goto err;
}
@@ -106,7 +106,7 @@ int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[])
DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM)
-int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[])
+int ossl_rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[])
{
int ret = 0;
const BIGNUM *rsa_d = NULL, *rsa_n = NULL, *rsa_e = NULL;
@@ -118,7 +118,7 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[])
goto err;
RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d);
- rsa_get0_all_params(rsa, factors, exps, coeffs);
+ ossl_rsa_get0_all_params(rsa, factors, exps, coeffs);
if (!ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_N, rsa_n)
|| !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_E, rsa_e))
@@ -142,11 +142,13 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[])
if (!ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_D,
rsa_d)
|| !ossl_param_build_set_multi_key_bn(bld, params,
- rsa_mp_factor_names, factors)
+ ossl_rsa_mp_factor_names,
+ factors)
|| !ossl_param_build_set_multi_key_bn(bld, params,
- rsa_mp_exp_names, exps)
+ ossl_rsa_mp_exp_names, exps)
|| !ossl_param_build_set_multi_key_bn(bld, params,
- rsa_mp_coeff_names, coeffs))
+ ossl_rsa_mp_coeff_names,
+ coeffs))
goto err;
}
@@ -163,26 +165,27 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[])
return ret;
}
-int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss,
- OSSL_PARAM_BLD *bld, OSSL_PARAM params[])
+int ossl_rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss,
+ OSSL_PARAM_BLD *bld, OSSL_PARAM params[])
{
- if (!rsa_pss_params_30_is_unrestricted(pss)) {
- int hashalg_nid = rsa_pss_params_30_hashalg(pss);
- int maskgenalg_nid = rsa_pss_params_30_maskgenalg(pss);
- int maskgenhashalg_nid = rsa_pss_params_30_maskgenhashalg(pss);
- int saltlen = rsa_pss_params_30_saltlen(pss);
- int default_hashalg_nid = rsa_pss_params_30_hashalg(NULL);
- int default_maskgenalg_nid = rsa_pss_params_30_maskgenalg(NULL);
- int default_maskgenhashalg_nid = rsa_pss_params_30_maskgenhashalg(NULL);
+ if (!ossl_rsa_pss_params_30_is_unrestricted(pss)) {
+ int hashalg_nid = ossl_rsa_pss_params_30_hashalg(pss);
+ int maskgenalg_nid = ossl_rsa_pss_params_30_maskgenalg(pss);
+ int maskgenhashalg_nid = ossl_rsa_pss_params_30_maskgenhashalg(pss);
+ int saltlen = ossl_rsa_pss_params_30_saltlen(pss);
+ int default_hashalg_nid = ossl_rsa_pss_params_30_hashalg(NULL);
+ int default_maskgenalg_nid = ossl_rsa_pss_params_30_maskgenalg(NULL);
+ int default_maskgenhashalg_nid =
+ ossl_rsa_pss_params_30_maskgenhashalg(NULL);
const char *mdname =
(hashalg_nid == default_hashalg_nid
- ? NULL : rsa_oaeppss_nid2name(hashalg_nid));
+ ? NULL : ossl_rsa_oaeppss_nid2name(hashalg_nid));
const char *mgfname =
(maskgenalg_nid == default_maskgenalg_nid
- ? NULL : rsa_oaeppss_nid2name(maskgenalg_nid));
+ ? NULL : ossl_rsa_oaeppss_nid2name(maskgenalg_nid));
const char *mgf1mdname =
(maskgenhashalg_nid == default_maskgenhashalg_nid
- ? NULL : rsa_oaeppss_nid2name(maskgenhashalg_nid));
+ ? NULL : ossl_rsa_oaeppss_nid2name(maskgenhashalg_nid));
const char *key_md = OSSL_PKEY_PARAM_RSA_DIGEST;
const char *key_mgf = OSSL_PKEY_PARAM_RSA_MASKGENFUNC;
const char *key_mgf1_md = OSSL_PKEY_PARAM_RSA_MGF1_DIGEST;
@@ -207,8 +210,9 @@ int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss,
return 1;
}
-int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
- const OSSL_PARAM params[], OPENSSL_CTX *libctx)
+int ossl_rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
+ const OSSL_PARAM params[],
+ OPENSSL_CTX *libctx)
{
const OSSL_PARAM *param_md, *param_mgf, *param_mgf1md, *param_saltlen;
const OSSL_PARAM *param_propq;
@@ -241,11 +245,11 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
*/
if (param_md != NULL || param_mgf != NULL || param_mgf1md != NULL
|| param_saltlen != NULL)
- if (!rsa_pss_params_30_set_defaults(pss_params))
+ if (!ossl_rsa_pss_params_30_set_defaults(pss_params))
return 0;
if (param_mgf != NULL) {
- int default_maskgenalg_nid = rsa_pss_params_30_maskgenalg(NULL);
+ int default_maskgenalg_nid = ossl_rsa_pss_params_30_maskgenalg(NULL);
const char *mgfname = NULL;
if (param_mgf->data_type == OSSL_PARAM_UTF8_STRING)
@@ -255,7 +259,7 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
/* TODO Revisit this if / when a new MGF algorithm appears */
if (strcasecmp(param_mgf->data,
- rsa_mgf_nid2name(default_maskgenalg_nid)) != 0)
+ ossl_rsa_mgf_nid2name(default_maskgenalg_nid)) != 0)
return 0;
}
@@ -273,8 +277,8 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
goto err;
if ((md = EVP_MD_fetch(libctx, mdname, propq)) == NULL
- || !rsa_pss_params_30_set_hashalg(pss_params,
- rsa_oaeppss_md2nid(md)))
+ || !ossl_rsa_pss_params_30_set_hashalg(pss_params,
+ ossl_rsa_oaeppss_md2nid(md)))
goto err;
}
@@ -287,14 +291,14 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
goto err;
if ((mgf1md = EVP_MD_fetch(libctx, mgf1mdname, propq)) == NULL
- || !rsa_pss_params_30_set_maskgenhashalg(pss_params,
- rsa_oaeppss_md2nid(mgf1md)))
+ || !ossl_rsa_pss_params_30_set_maskgenhashalg(
+ pss_params, ossl_rsa_oaeppss_md2nid(mgf1md)))
goto err;
}
if (param_saltlen != NULL) {
if (!OSSL_PARAM_get_int(param_saltlen, &saltlen)
- || !rsa_pss_params_30_set_saltlen(pss_params, saltlen))
+ || !ossl_rsa_pss_params_30_set_saltlen(pss_params, saltlen))
goto err;
}
diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c
index 0bbb6dac03..5a0ef7679b 100644
--- a/crypto/rsa/rsa_chk.c
+++ b/crypto/rsa/rsa_chk.c
@@ -230,20 +230,20 @@ static int rsa_validate_keypair_multiprime(const RSA *key, BN_GENCB *cb)
}
#endif /* FIPS_MODULE */
-int rsa_validate_public(const RSA *key)
+int ossl_rsa_validate_public(const RSA *key)
{
- return rsa_sp800_56b_check_public(key);
+ return ossl_rsa_sp800_56b_check_public(key);
}
-int rsa_validate_private(const RSA *key)
+int ossl_rsa_validate_private(const RSA *key)
{
- return rsa_sp800_56b_check_private(key);
+ return ossl_rsa_sp800_56b_check_private(key);
}
-int rsa_validate_pairwise(const RSA *key)
+int ossl_rsa_validate_pairwise(const RSA *key)
{
#ifdef FIPS_MODULE
- return rsa_sp800_56b_check_keypair(key, NULL, -1, RSA_bits(key));
+ return ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, RSA_bits(key));
#else
return rsa_validate_keypair_multiprime(key, NULL);
#endif
@@ -257,9 +257,9 @@ int RSA_check_key(const RSA *key)
int RSA_check_key_ex(const RSA *key, BN_GENCB *cb)
{
#ifdef FIPS_MODULE
- return rsa_validate_public(key)
- && rsa_validate_private(key)
- && rsa_validate_pairwise(key);
+ return ossl_rsa_validate_public(key)
+ && ossl_rsa_validate_private(key)
+ && ossl_rsa_validate_pairwise(key);
#else
return rsa_validate_keypair_multiprime(key, cb);
#endif /* FIPS_MODULE */
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
index dc4ec0a8d3..58c7806ffd 100644
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -92,7 +92,7 @@ static int rsa_multiprime_keygen(RSA *rsa, int bits, int primes,
}
/* A bad value for e can cause infinite loops */
- if (e_value != NULL && !rsa_check_public_exponent(e_value)) {
+ if (e_value != NULL && !ossl_rsa_check_public_exponent(e_value)) {
RSAerr(0, RSA_R_PUB_EXPONENT_OUT_OF_RANGE);
return 0;
}
@@ -429,7 +429,7 @@ static int rsa_keygen(OPENSSL_CTX *libctx, RSA *rsa, int bits, int primes,
* the older rsa_multiprime_keygen().
*/
if (primes == 2 && bits >= 2048)
- ok = rsa_sp800_56b_generate_key(rsa, bits, e_value, cb);
+ ok = ossl_rsa_sp800_56b_generate_key(rsa, bits, e_value, cb);
#ifndef FIPS_MODULE
else
ok = rsa_multiprime_keygen(rsa, bits, primes, e_value, cb);
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index 475fca0f89..a73df12dc6 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -66,7 +66,7 @@ RSA *RSA_new_method(ENGINE *engine)
}
#endif
-RSA *rsa_new_with_ctx(OPENSSL_CTX *libctx)
+RSA *ossl_rsa_new_with_ctx(OPENSSL_CTX *libctx)
{
return rsa_new_intern(NULL, libctx);
}
@@ -189,7 +189,7 @@ int RSA_up_ref(RSA *r)
return i > 1 ? 1 : 0;
}
-OPENSSL_CTX *rsa_get0_libctx(RSA *r)
+OPENSSL_CTX *ossl_rsa_get0_libctx(RSA *r)
{
return r->libctx;
}
@@ -654,7 +654,7 @@ const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r)
}
/* Internal */
-RSA_PSS_PARAMS_30 *rsa_get0_pss_params_30(RSA *r)
+RSA_PSS_PARAMS_30 *ossl_rsa_get0_pss_params_30(RSA *r)
{
return &r->pss_params;
}
@@ -699,9 +699,9 @@ int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2)
DEFINE_STACK_OF(BIGNUM)
-int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes,
- const STACK_OF(BIGNUM) *exps,
- const STACK_OF(BIGNUM) *coeffs)
+int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes,
+ const STACK_OF(BIGNUM) *exps,
+ const STACK_OF(BIGNUM) *coeffs)
{
#ifndef FIPS_MODULE
STACK_OF(RSA_PRIME_INFO) *prime_infos, *old_infos = NULL;
@@ -797,9 +797,9 @@ int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes,
DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM)
-int rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes,
- STACK_OF(BIGNUM_const) *exps,
- STACK_OF(BIGNUM_const) *coeffs)
+int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes,
+ STACK_OF(BIGNUM_const) *exps,
+ STACK_OF(BIGNUM_const) *coeffs)
{
#ifndef FIPS_MODULE
RSA_PRIME_INFO *pinfo;
diff --git a/crypto/rsa/rsa_local.h b/crypto/rsa/rsa_local.h
index cc03132d17..f5c6be31a9 100644
--- a/crypto/rsa/rsa_local.h
+++ b/crypto/rsa/rsa_local.h
@@ -169,37 +169,38 @@ RSA_PRIME_INFO *rsa_multip_info_new(void);
int rsa_multip_calc_product(RSA *rsa);
int rsa_multip_cap(int bits);
-int rsa_sp800_56b_validate_strength(int nbits, int strength);
-int rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q,
- int nbits);
-int rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q,
- BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1,
- BIGNUM *p1q1);
-
-int rsa_check_public_exponent(const BIGNUM *e);
-int rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx);
-int rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx);
-int rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx);
-int rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx);
-
-int rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx);
-int rsa_sp800_56b_check_public(const RSA *rsa);
-int rsa_sp800_56b_check_private(const RSA *rsa);
-int rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed,
- int strength, int nbits);
-int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed,
- BN_GENCB *cb);
-
-int rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits,
- const BIGNUM *e, BN_CTX *ctx);
-int rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test,
- int nbits, const BIGNUM *e, BN_CTX *ctx,
- BN_GENCB *cb);
-
-int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen,
- const unsigned char *from, int flen);
-int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to,
- int tlen, const unsigned char *from,
- int flen);
+int ossl_rsa_sp800_56b_validate_strength(int nbits, int strength);
+int ossl_rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q,
+ int nbits);
+int ossl_rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q,
+ BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1,
+ BIGNUM *p1q1);
+
+int ossl_rsa_check_public_exponent(const BIGNUM *e);
+int ossl_rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx);
+int ossl_rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx);
+int ossl_rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx);
+int ossl_rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx);
+
+int ossl_rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx);
+int ossl_rsa_sp800_56b_check_public(const RSA *rsa);
+int ossl_rsa_sp800_56b_check_private(const RSA *rsa);
+int ossl_rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed,
+ int strength, int nbits);
+int ossl_rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed,
+ BN_GENCB *cb);
+
+int ossl_rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits,
+ const BIGNUM *e, BN_CTX *ctx);
+int ossl_rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test,
+ int nbits, const BIGNUM *e, BN_CTX *ctx,
+ BN_GENCB *cb);
+
+int ossl_rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to,
+ int tlen, const unsigned char *from,
+ int flen);
+int ossl_rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to,
+ int tlen, const unsigned char *from,
+ int flen);
#endif /* OSSL_CRYPTO_RSA_LOCAL_H */
diff --git a/crypto/rsa/rsa_mp_names.c b/crypto/rsa/rsa_mp_names.c
index 2fb1f53c43..8291b79e7a 100644
--- a/crypto/rsa/rsa_mp_names.c
+++ b/crypto/rsa/rsa_mp_names.c
@@ -20,7 +20,7 @@
* A fixed table of names for the RSA prime factors starting with
* P,Q and up to 8 additional primes.
*/
-const char *rsa_mp_factor_names[] = {
+const char *ossl_rsa_mp_factor_names[] = {
OSSL_PKEY_PARAM_RSA_FACTOR1,
OSSL_PKEY_PARAM_RSA_FACTOR2,
#ifndef FIPS_MODULE
@@ -40,7 +40,7 @@ const char *rsa_mp_factor_names[] = {
* A fixed table of names for the RSA exponents starting with
* DP,DQ and up to 8 additional exponents.
*/
-const char *rsa_mp_exp_names[] = {
+const char *ossl_rsa_mp_exp_names[] = {
OSSL_PKEY_PARAM_RSA_EXPONENT1,
OSSL_PKEY_PARAM_RSA_EXPONENT2,
#ifndef FIPS_MODULE
@@ -60,7 +60,7 @@ const char *rsa_mp_exp_names[] = {
* A fixed table of names for the RSA coefficients starting with
* QINV and up to 8 additional exponents.
*/
-const char *rsa_mp_coeff_names[] = {
+const char *ossl_rsa_mp_coeff_names[] = {
OSSL_PKEY_PARAM_RSA_COEFFICIENT1,
#ifndef FIPS_MODULE
OSSL_PKEY_PARAM_RSA_COEFFICIENT2,
diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c
index ea9ce0dee4..17200e787a 100644
--- a/crypto/rsa/rsa_oaep.c
+++ b/crypto/rsa/rsa_oaep.c
@@ -40,8 +40,8 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
const unsigned char *from, int flen,
const unsigned char *param, int plen)
{
- return rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, param,
- plen, NULL, NULL);
+ return ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen,
+ param, plen, NULL, NULL);
}
/*
@@ -51,11 +51,12 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
* Step numbers are included here but not in the constant time inverse below
* to avoid complicating an already difficult enough function.
*/
-int rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, unsigned char *to,
- int tlen, const unsigned char *from,
- int flen, const unsigned char *param,
- int plen, const EVP_MD *md,
- const EVP_MD *mgf1md)
+int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx,
+ unsigned char *to, int tlen,
+ const unsigned char *from, int flen,
+ const unsigned char *param,
+ int plen, const EVP_MD *md,
+ const EVP_MD *mgf1md)
{
int rv = 0;
int i, emlen = tlen - 1;
@@ -138,8 +139,8 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
const unsigned char *param, int plen,
const EVP_MD *md, const EVP_MD *mgf1md)
{
- return rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, param,
- plen, md, mgf1md);
+ return ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen,
+ param, plen, md, mgf1md);
}
int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c
index d1e8535226..139fb16268 100644
--- a/crypto/rsa/rsa_ossl.c
+++ b/crypto/rsa/rsa_ossl.c
@@ -111,15 +111,17 @@ static int rsa_ossl_public_encrypt(int flen, const unsigned char *from,
switch (padding) {
case RSA_PKCS1_PADDING:
- i = rsa_padding_add_PKCS1_type_2_ex(rsa->libctx, buf, num, from, flen);
+ i = ossl_rsa_padding_add_PKCS1_type_2_ex(rsa->libctx, buf, num,
+ from, flen);
break;
case RSA_PKCS1_OAEP_PADDING:
- i = rsa_padding_add_PKCS1_OAEP_mgf1_ex(rsa->libctx, buf, num, from,
- flen, NULL, 0, NULL, NULL);
+ i = ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(rsa->libctx, buf, num,
+ from, flen, NULL, 0,
+ NULL, NULL);
break;
#ifndef FIPS_MODULE
case RSA_SSLV23_PADDING:
- i = rsa_padding_add_SSLv23_ex(rsa->libctx, buf, num, from, flen);
+ i = ossl_rsa_padding_add_SSLv23_ex(rsa->libctx, buf, num, from, flen);
break;
#endif
case RSA_NO_PADDING:
diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c
index 05c2933407..64f6864740 100644
--- a/crypto/rsa/rsa_pk1.c
+++ b/crypto/rsa/rsa_pk1.c
@@ -124,9 +124,9 @@ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
return j;
}
-int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to,
- int tlen, const unsigned char *from,
- int flen)
+int ossl_rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to,
+ int tlen, const unsigned char *from,
+ int flen)
{
int i, j;
unsigned char *p;
@@ -164,7 +164,7 @@ int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to,
int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
const unsigned char *from, int flen)
{
- return rsa_padding_add_PKCS1_type_2_ex(NULL, to, tlen, from, flen);
+ return ossl_rsa_padding_add_PKCS1_type_2_ex(NULL, to, tlen, from, flen);
}
int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
@@ -278,7 +278,7 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
}
/*
- * rsa_padding_check_PKCS1_type_2_TLS() checks and removes the PKCS1 type 2
+ * ossl_rsa_padding_check_PKCS1_type_2_TLS() checks and removes the PKCS1 type 2
* padding from a decrypted RSA message in a TLS signature. The result is stored
* in the buffer pointed to by |to| which should be |tlen| bytes long. |tlen|
* must be at least SSL_MAX_MASTER_KEY_LENGTH. The original decrypted message
@@ -298,10 +298,11 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
* decrypted data will be randomly generated (as per
* https://tools.ietf.org/html/rfc5246#section-7.4.7.1).
*/
-int rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *libctx, unsigned char *to,
- size_t tlen, const unsigned char *from,
- size_t flen, int client_version,
- int alt_version)
+int ossl_rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *libctx,
+ unsigned char *to, size_t tlen,
+ const unsigned char *from,
+ size_t flen, int client_version,
+ int alt_version)
{
unsigned int i, good, version_good;
unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH];
diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c
index 261f347a2d..edaa769a6f 100644
--- a/crypto/rsa/rsa_pmeth.c
+++ b/crypto/rsa/rsa_pmeth.c
@@ -798,7 +798,7 @@ static const EVP_PKEY_METHOD rsa_pkey_meth = {
pkey_rsa_ctrl_str
};
-const EVP_PKEY_METHOD *rsa_pkey_method(void)
+const EVP_PKEY_METHOD *ossl_rsa_pkey_method(void)
{
return &rsa_pkey_meth;
}
@@ -874,7 +874,7 @@ static const EVP_PKEY_METHOD rsa_pss_pkey_meth = {
pkey_rsa_ctrl_str
};
-const EVP_PKEY_METHOD *rsa_pss_pkey_method(void)
+const EVP_PKEY_METHOD *ossl_rsa_pss_pkey_method(void)
{
return &rsa_pss_pkey_meth;
}
diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c
index a5bcdfe1ff..e3a548d2e3 100644
--- a/crypto/rsa/rsa_pss.c
+++ b/crypto/rsa/rsa_pss.c
@@ -288,7 +288,7 @@ static const RSA_PSS_PARAMS_30 default_RSASSA_PSS_params = {
1 /* default trailerField (0xBC) */
};
-int rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params)
+int ossl_rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params)
{
if (rsa_pss_params == NULL)
return 0;
@@ -296,7 +296,7 @@ int rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params)
return 1;
}
-int rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params)
+int ossl_rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params)
{
static RSA_PSS_PARAMS_30 pss_params_cmp = { 0, };
@@ -305,15 +305,15 @@ int rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params)
sizeof(*rsa_pss_params)) == 0;
}
-int rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to,
- const RSA_PSS_PARAMS_30 *from)
+int ossl_rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to,
+ const RSA_PSS_PARAMS_30 *from)
{
memcpy(to, from, sizeof(*to));
return 1;
}
-int rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
- int hashalg_nid)
+int ossl_rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
+ int hashalg_nid)
{
if (rsa_pss_params == NULL)
return 0;
@@ -321,8 +321,8 @@ int rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
return 1;
}
-int rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
- int maskgenalg_nid)
+int ossl_rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
+ int maskgenalg_nid)
{
if (rsa_pss_params == NULL)
return 0;
@@ -330,8 +330,8 @@ int rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
return 1;
}
-int rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
- int maskgenhashalg_nid)
+int ossl_rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
+ int maskgenhashalg_nid)
{
if (rsa_pss_params == NULL)
return 0;
@@ -339,8 +339,8 @@ int rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
return 1;
}
-int rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params,
- int saltlen)
+int ossl_rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params,
+ int saltlen)
{
if (rsa_pss_params == NULL)
return 0;
@@ -348,8 +348,8 @@ int rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params,
return 1;
}
-int rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params,
- int trailerfield)
+int ossl_rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params,
+ int trailerfield)
{
if (rsa_pss_params == NULL)
return 0;
@@ -357,35 +357,35 @@ int rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params,
return 1;
}
-int rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params)
+int ossl_rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params)
{
if (rsa_pss_params == NULL)
return default_RSASSA_PSS_params.hash_algorithm_nid;
return rsa_pss_params->hash_algorithm_nid;
}
-int rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params)
+int ossl_rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params)
{
if (rsa_pss_params == NULL)
return default_RSASSA_PSS_params.mask_gen.algorithm_nid;
return rsa_pss_params->mask_gen.algorithm_nid;
}
-int rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params)
+int ossl_rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params)
{
if (rsa_pss_params == NULL)
return default_RSASSA_PSS_params.hash_algorithm_nid;
return rsa_pss_params->mask_gen.hash_algorithm_nid;
}
-int rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params)
+int ossl_rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params)
{
if (rsa_pss_params == NULL)
return default_RSASSA_PSS_params.salt_len;
return rsa_pss_params->salt_len;
}
-int rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params)
+int ossl_rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params)
{
if (rsa_pss_params == NULL)
return default_RSASSA_PSS_params.trailer_field;
diff --git a/crypto/rsa/rsa_schemes.c b/crypto/rsa/rsa_schemes.c
index 7a54296a59..98ab13956d 100644
--- a/crypto/rsa/rsa_schemes.c
+++ b/crypto/rsa/rsa_schemes.c
@@ -67,18 +67,18 @@ static int md_is_a(const void *md, const char *name)
return EVP_MD_is_a(md, name);
}
-int rsa_oaeppss_md2nid(const EVP_MD *md)
+int ossl_rsa_oaeppss_md2nid(const EVP_MD *md)
{
return meth2nid(md, md_is_a,
oaeppss_name_nid_map, OSSL_NELEM(oaeppss_name_nid_map));
}
-const char *rsa_oaeppss_nid2name(int md)
+const char *ossl_rsa_oaeppss_nid2name(int md)
{
return nid2name(md, oaeppss_name_nid_map, OSSL_NELEM(oaeppss_name_nid_map));
}
-const char *rsa_mgf_nid2name(int mgf)
+const char *ossl_rsa_mgf_nid2name(int mgf)
{
if (mgf == NID_mgf1)
return SN_mgf1;
diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c
index e3425b9e36..bef062d1bd 100644
--- a/crypto/rsa/rsa_sign.c
+++ b/crypto/rsa/rsa_sign.c
@@ -150,7 +150,7 @@ ENCODE_DIGESTINFO_SHA(sha3_512, 0x0a, SHA512_DIGEST_LENGTH)
*len = sizeof(digestinfo_##name##_der); \
return digestinfo_##name##_der;
-const unsigned char *rsa_digestinfo_encoding(int md_nid, size_t *len)
+const unsigned char *ossl_rsa_digestinfo_encoding(int md_nid, size_t *len)
{
switch (md_nid) {
#ifndef FIPS_MODULE
@@ -250,7 +250,7 @@ static int encode_pkcs1(unsigned char **out, size_t *out_len, int type,
RSAerr(RSA_F_ENCODE_PKCS1, RSA_R_UNKNOWN_ALGORITHM_TYPE);
return 0;
}
- di_prefix = rsa_digestinfo_encoding(type, &di_prefix_len);
+ di_prefix = ossl_rsa_digestinfo_encoding(type, &di_prefix_len);
if (di_prefix == NULL) {
RSAerr(RSA_F_ENCODE_PKCS1,
RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
diff --git a/crypto/rsa/rsa_sp800_56b_check.c b/crypto/rsa/rsa_sp800_56b_check.c
index 9840d08285..2cdc2fa5e6 100644
--- a/crypto/rsa/rsa_sp800_56b_check.c
+++ b/crypto/rsa/rsa_sp800_56b_check.c
@@ -21,7 +21,7 @@
* 6.4.1.2.3: rsakpv1-crt Step 7
* 6.4.1.3.3: rsakpv2-crt Step 7
*/
-int rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx)
+int ossl_rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx)
{
int ret = 0;
BIGNUM *r = NULL, *p1 = NULL, *q1 = NULL;
@@ -85,7 +85,7 @@ int rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx)
*
* (√2)(2^(nbits/2 - 1) = (√2/2)(2^(nbits/2))
*/
-int rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx)
+int ossl_rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx)
{
int ret = 0;
BIGNUM *low;
@@ -133,7 +133,7 @@ err:
*
* See SP800-56Br1 6.4.1.2.3 Step 5 (a to d) & (e to h).
*/
-int rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx)
+int ossl_rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx)
{
int ret = 0;
BIGNUM *p1 = NULL, *gcd = NULL;
@@ -141,7 +141,7 @@ int rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx)
/* (Steps 5 a-b) prime test */
if (BN_check_prime(p, ctx, NULL) != 1
/* (Step 5c) (√2)(2^(nbits/2 - 1) <= p <= 2^(nbits/2 - 1) */
- || rsa_check_prime_factor_range(p, nbits, ctx) != 1)
+ || ossl_rsa_check_prime_factor_range(p, nbits, ctx) != 1)
return 0;
BN_CTX_start(ctx);
@@ -172,7 +172,7 @@ int rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx)
* (Step 6a) 2^(nBit/2) < d < LCM(p–1, q–1).
* (Step 6b) 1 = (d*e) mod LCM(p–1, q–1)
*/
-int rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx)
+int ossl_rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx)
{
int ret;
BIGNUM *r, *p1, *q1, *lcm, *p1q1, *gcd;
@@ -201,7 +201,8 @@ int rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx)
}
ret = (ret
/* LCM(p - 1, q - 1) */
- && (rsa_get_lcm(ctx, rsa->p, rsa->q, lcm, gcd, p1, q1, p1q1) == 1)
+ && (ossl_rsa_get_lcm(ctx, rsa->p, rsa->q, lcm, gcd, p1, q1,
+ p1q1) == 1)
/* (Step 6a) d < LCM(p - 1, q - 1) */
&& (BN_cmp(rsa->d, lcm) < 0)
/* (Step 6b) 1 = (e . d) mod LCM(p - 1, q - 1) */
@@ -229,7 +230,7 @@ static int bn_is_three(const BIGNUM *bn)
#endif /* FIPS_MODULE */
/* Check exponent is odd, and has a bitlen ranging from [17..256] */
-int rsa_check_public_exponent(const BIGNUM *e)
+int ossl_rsa_check_public_exponent(const BIGNUM *e)
{
int bitlen;
@@ -247,7 +248,7 @@ int rsa_check_public_exponent(const BIGNUM *e)
* SP800-56Br1 6.4.1.2.1 (Step 5i): |p - q| > 2^(nbits/2 - 100)
* i.e- numbits(p-q-1) > (nbits/2 -100)
*/
-int rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q,
+int ossl_rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q,
int nbits)
{
int bitlen = (nbits >> 1) - 100;
@@ -270,9 +271,9 @@ int rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q,
* Caller should ensure that lcm, gcd, p1, q1, p1q1 are flagged with
* BN_FLG_CONSTTIME.
*/
-int rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q,
- BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1,
- BIGNUM *p1q1)
+int ossl_rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q,
+ BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1,
+ BIGNUM *p1q1)
{
return BN_sub(p1, p, BN_value_one()) /* p-1 */
&& BN_sub(q1, q, BN_value_one()) /* q-1 */
@@ -286,7 +287,7 @@ int rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q,
* SP800-89 5.3.3 (Explicit) Partial Public Key Validation for RSA
* caveat is that the modulus must be as specified in SP800-56Br1
*/
-int rsa_sp800_56b_check_public(const RSA *rsa)
+int ossl_rsa_sp800_56b_check_public(const RSA *rsa)
{
int ret = 0, status;
#ifdef FIPS_MODULE
@@ -304,19 +305,18 @@ int rsa_sp800_56b_check_public(const RSA *rsa)
* NOTE: changed to allow keys >= 2048
*/
nbits = BN_num_bits(rsa->n);
- if (!rsa_sp800_56b_validate_strength(nbits, -1)) {
- RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, RSA_R_INVALID_KEY_LENGTH);
+ if (!ossl_rsa_sp800_56b_validate_strength(nbits, -1)) {
+ RSAerr(0, RSA_R_INVALID_KEY_LENGTH);
return 0;
}
#endif
if (!BN_is_odd(rsa->n)) {
- RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, RSA_R_INVALID_MODULUS);
+ RSAerr(0, RSA_R_INVALID_MODULUS);
return 0;
}
/* (Steps b-c): 2^16 < e < 2^256, n and e must be odd */
- if (!rsa_check_public_exponent(rsa->e)) {
- RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC,
- RSA_R_PUB_EXPONENT_OUT_OF_RANGE);
+ if (!ossl_rsa_check_public_exponent(rsa->e)) {
+ RSAerr(0, RSA_R_PUB_EXPONENT_OUT_OF_RANGE);
return 0;
}
@@ -330,13 +330,13 @@ int rsa_sp800_56b_check_public(const RSA *rsa)
* The modulus has no factors smaller than 752.
*/
if (!BN_gcd(gcd, rsa->n, bn_get0_small_factors(), ctx) || !BN_is_one(gcd)) {
- RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, RSA_R_INVALID_MODULUS);
+ RSAerr(0, RSA_R_INVALID_MODULUS);
goto err;
}
ret = bn_miller_rabin_is_prime(rsa->n, 0, ctx, NULL, 1, &status);
if (ret != 1 || status != BN_PRIMETEST_COMPOSITE_NOT_POWER_OF_PRIME) {
- RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, RSA_R_INVALID_MODULUS);
+ RSAerr(0, RSA_R_INVALID_MODULUS);
ret = 0;
goto err;
}
@@ -351,7 +351,7 @@ err:
/*
* Perform validation of the RSA private key to check that 0 < D < N.
*/
-int rsa_sp800_56b_check_private(const RSA *rsa)
+int ossl_rsa_sp800_56b_check_private(const RSA *rsa)
{
if (rsa->d == NULL || rsa->n == NULL)
return 0;
@@ -369,8 +369,8 @@ int rsa_sp800_56b_check_private(const RSA *rsa)
* 6.4.1.2.3 "rsakpv1 - crt"
* 6.4.1.3.3 "rsakpv2 - crt"
*/
-int rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed,
- int strength, int nbits)
+int ossl_rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed,
+ int strength, int nbits)
{
int ret = 0;
BN_CTX *ctx = NULL;
@@ -381,31 +381,30 @@ int rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed,
|| rsa->e == NULL
|| rsa->d == NULL
|| rsa->n == NULL) {
- RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_REQUEST);
+ RSAerr(0, RSA_R_INVALID_REQUEST);
return 0;
}
/* (Step 1): Check Ranges */
- if (!rsa_sp800_56b_validate_strength(nbits, strength))
+ if (!ossl_rsa_sp800_56b_validate_strength(nbits, strength))
return 0;
/* If the exponent is known */
if (efixed != NULL) {
/* (2): Check fixed exponent matches public exponent. */
if (BN_cmp(efixed, rsa->e) != 0) {
- RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_REQUEST);
+ RSAerr(0, RSA_R_INVALID_REQUEST);
return 0;
}
}
/* (Step 1.c): e is odd integer 65537 <= e < 2^256 */
- if (!rsa_check_public_exponent(rsa->e)) {
+ if (!ossl_rsa_check_public_exponent(rsa->e)) {
/* exponent out of range */
- RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR,
- RSA_R_PUB_EXPONENT_OUT_OF_RANGE);
+ RSAerr(0, RSA_R_PUB_EXPONENT_OUT_OF_RANGE);
return 0;
}
/* (Step 3.b): check the modulus */
if (nbits != BN_num_bits(rsa->n)) {
- RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_KEYPAIR);
+ RSAerr(0, RSA_R_INVALID_KEYPAIR);
return 0;
}
@@ -419,20 +418,20 @@ int rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed,
goto err;
/* (Step 4.c): Check n = pq */
if (BN_cmp(rsa->n, r) != 0) {
- RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_REQUEST);
+ RSAerr(0, RSA_R_INVALID_REQUEST);
goto err;
}
/* (Step 5): check prime factors p & q */
- ret = rsa_check_prime_factor(rsa->p, rsa->e, nbits, ctx)
- && rsa_check_prime_factor(rsa->q, rsa->e, nbits, ctx)
- && (rsa_check_pminusq_diff(r, rsa->p, rsa->q, nbits) > 0)
+ ret = ossl_rsa_check_prime_factor(rsa->p, rsa->e, nbits, ctx)
+ && ossl_rsa_check_prime_factor(rsa->q, rsa->e, nbits, ctx)
+ && (ossl_rsa_check_pminusq_diff(r, rsa->p, rsa->q, nbits) > 0)
/* (Step 6): Check the private exponent d */
- && rsa_check_private_exponent(rsa, nbits, ctx)
+ && ossl_rsa_check_private_exponent(rsa, nbits, ctx)
/* 6.4.1.2.3 (Step 7): Check the CRT components */
- && rsa_check_crt_components(rsa, ctx);
+ && ossl_rsa_check_crt_components(rsa, ctx);
if (ret != 1)
- RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_KEYPAIR);
+ RSAerr(0, RSA_R_INVALID_KEYPAIR);
err:
BN_clear(r);
diff --git a/crypto/rsa/rsa_sp800_56b_gen.c b/crypto/rsa/rsa_sp800_56b_gen.c
index df15b8ce87..e8fdcd8940 100644
--- a/crypto/rsa/rsa_sp800_56b_gen.c
+++ b/crypto/rsa/rsa_sp800_56b_gen.c
@@ -53,8 +53,9 @@
* Xp, Xp1, Xp2, Xq, Xq1, Xq2 are optionally passed in.
* (Required for CAVS testing).
*/
-int rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, int nbits,
- const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb)
+int ossl_rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test,
+ int nbits, const BIGNUM *e, BN_CTX *ctx,
+ BN_GENCB *cb)
{
int ret = 0, ok;
/* Temp allocated BIGNUMS */
@@ -87,13 +88,12 @@ int rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, int nbits,
* Signature Generation and Key Agree/Transport.
*/
if (nbits < RSA_FIPS1864_MIN_KEYGEN_KEYSIZE) {
- RSAerr(RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES, RSA_R_KEY_SIZE_TOO_SMALL);
+ RSAerr(0, RSA_R_KEY_SIZE_TOO_SMALL);
return 0;
}
- if (!rsa_check_public_exponent(e)) {
- RSAerr(RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES,
- RSA_R_PUB_EXPONENT_OUT_OF_RANGE);
+ if (!ossl_rsa_check_public_exponent(e)) {
+ RSAerr(0, RSA_R_PUB_EXPONENT_OUT_OF_RANGE);
return 0;
}
@@ -131,14 +131,14 @@ int rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, int nbits,
goto err;
/* (Step 6) |Xp - Xq| > 2^(nbitlen/2 - 100) */
- ok = rsa_check_pminusq_diff(tmp, Xpo, Xqo, nbits);
+ ok = ossl_rsa_check_pminusq_diff(tmp, Xpo, Xqo, nbits);
if (ok < 0)
goto err;
if (ok == 0)
continue;
/* (Step 6) |p - q| > 2^(nbitlen/2 - 100) */
- ok = rsa_check_pminusq_diff(tmp, rsa->p, rsa->q, nbits);
+ ok = ossl_rsa_check_pminusq_diff(tmp, rsa->p, rsa->q, nbits);
if (ok < 0)
goto err;
if (ok == 0)
@@ -169,18 +169,18 @@ err:
* strength is unknown.
* Returns: 1 if the key size matches the target strength, or 0 otherwise.
*/
-int rsa_sp800_56b_validate_strength(int nbits, int strength)
+int ossl_rsa_sp800_56b_validate_strength(int nbits, int strength)
{
int s = (int)ifc_ffc_compute_security_bits(nbits);
#ifdef FIPS_MODULE
if (s < RSA_FIPS1864_MIN_KEYGEN_STRENGTH
|| s > RSA_FIPS1864_MAX_KEYGEN_STRENGTH) {
- RSAerr(RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH, RSA_R_INVALID_MODULUS);
+ RSAerr(0, RSA_R_INVALID_MODULUS);
return 0;
}
#endif
if (strength != -1 && s != strength) {
- RSAerr(RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH, RSA_R_INVALID_STRENGTH);
+ RSAerr(0, RSA_R_INVALID_STRENGTH);
return 0;
}
return 1;
@@ -206,8 +206,8 @@ int rsa_sp800_56b_validate_strength(int nbits, int strength)
* 0 = d is too small,
* 1 = success.
*/
-int rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits,
- const BIGNUM *e, BN_CTX *ctx)
+int ossl_rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits,
+ const BIGNUM *e, BN_CTX *ctx)
{
int ret = -1;
BIGNUM *p1, *q1, *lcm, *p1q1, *gcd;
@@ -228,7 +228,7 @@ int rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits,
BN_set_flags(gcd, BN_FLG_CONSTTIME);
/* LCM((p-1, q-1)) */
- if (rsa_get_lcm(ctx, rsa->p, rsa->q, lcm, gcd, p1, q1, p1q1) != 1)
+ if (ossl_rsa_get_lcm(ctx, rsa->p, rsa->q, lcm, gcd, p1, q1, p1q1) != 1)
goto err;
/* copy e */
@@ -330,8 +330,8 @@ err:
* cb An optional BIGNUM callback.
* Returns: 1 if successfully generated otherwise it returns 0.
*/
-int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed,
- BN_GENCB *cb)
+int ossl_rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed,
+ BN_GENCB *cb)
{
int ret = 0;
int ok;
@@ -344,7 +344,7 @@ int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed,
#endif
/* (Steps 1a-1b) : Currently ignores the strength check */
- if (!rsa_sp800_56b_validate_strength(nbits, -1))
+ if (!ossl_rsa_sp800_56b_validate_strength(nbits, -1))
return 0;
ctx = BN_CTX_new_ex(rsa->libctx);
@@ -363,11 +363,10 @@ int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed,
for (;;) {
/* (Step 2) Generate prime factors */
- if (!rsa_fips186_4_gen_prob_primes(rsa, info, nbits, e, ctx,
- cb))
+ if (!ossl_rsa_fips186_4_gen_prob_primes(rsa, info, nbits, e, ctx, cb))
goto err;
/* (Steps 3-5) Compute params d, n, dP, dQ, qInv */
- ok = rsa_sp800_56b_derive_params_from_pq(rsa, nbits, e, ctx);
+ ok = ossl_rsa_sp800_56b_derive_params_from_pq(rsa, nbits, e, ctx);
if (ok < 0)
goto err;
if (ok > 0)
@@ -376,7 +375,7 @@ int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed,
}
/* (Step 6) Do pairwise test - optional validity test has been omitted */
- ret = rsa_sp800_56b_pairwise_test(rsa, ctx);
+ ret = ossl_rsa_sp800_56b_pairwise_test(rsa, ctx);
err:
if (efixed == NULL)
BN_free(e);
@@ -390,7 +389,7 @@ err:
*
* Returns 1 if the RSA key passes the pairwise test or 0 it it fails.
*/
-int rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx)
+int ossl_rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx)
{
int ret = 0;
BIGNUM *k, *tmp;
@@ -407,7 +406,7 @@ int rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx)
&& BN_mod_exp(tmp, tmp, rsa->d, rsa->n, ctx)
&& BN_cmp(k, tmp) == 0);
if (ret == 0)
- RSAerr(RSA_F_RSA_SP800_56B_PAIRWISE_TEST, RSA_R_PAIRWISE_TEST_FAILURE);
+ RSAerr(0, RSA_R_PAIRWISE_TEST_FAILURE);
err:
BN_CTX_end(ctx);
return ret;
diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c
index 3565b8c8d6..e2cf98d884 100644
--- a/crypto/rsa/rsa_ssl.c
+++ b/crypto/rsa/rsa_ssl.c
@@ -21,8 +21,9 @@
#include "internal/constant_time.h"
#include "rsa_local.h"
-int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen,
- const unsigned char *from, int flen)
+int ossl_rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to,
+ int tlen, const unsigned char *from,
+ int flen)
{
int i, j;
unsigned char *p;
@@ -62,7 +63,7 @@ int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen,
int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
const unsigned char *from, int flen)
{
- return rsa_padding_add_SSLv23_ex(NULL, to, tlen, from, flen);
+ return ossl_rsa_padding_add_SSLv23_ex(NULL, to, tlen, from, flen);
}
/*
diff --git a/doc/internal/man3/rsa_get0_all_params.pod b/doc/internal/man3/ossl_rsa_get0_all_params.pod
similarity index 69%
rename from doc/internal/man3/rsa_get0_all_params.pod
rename to doc/internal/man3/ossl_rsa_get0_all_params.pod
index c71028c13e..7af5d77d63 100644
--- a/doc/internal/man3/rsa_get0_all_params.pod
+++ b/doc/internal/man3/ossl_rsa_get0_all_params.pod
@@ -2,28 +2,28 @@
=head1 NAME
-rsa_set0_all_params, rsa_get0_all_params
+ossl_rsa_set0_all_params, ossl_rsa_get0_all_params
- Internal routines for getting and setting data in an RSA object
=head1 SYNOPSIS
#include "crypto/rsa.h"
- int rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes,
- STACK_OF(BIGNUM_const) *exps,
- STACK_OF(BIGNUM_const) *coeffs);
- int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes,
- const STACK_OF(BIGNUM) *exps,
- const STACK_OF(BIGNUM) *coeffs);
+ int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes,
+ STACK_OF(BIGNUM_const) *exps,
+ STACK_OF(BIGNUM_const) *coeffs);
+ int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes,
+ const STACK_OF(BIGNUM) *exps,
+ const STACK_OF(BIGNUM) *coeffs);
=head1 DESCRIPTION
-rsa_set0_all_params() sets all primes, CRT exponents and CRT coefficients
+ossl_rsa_set0_all_params() sets all primes, CRT exponents and CRT coefficients
in the B<RSA> object I<r> to the contents of the stacks of BIGNUMs I<primes>,
I<exps> and I<coeffs>. The B<RSA> object takes ownership of the BIGNUMs,
but not of the stacks.
-rsa_get0_all_params() gets all primes, CRT exponents and CRT coefficients
+ossl_rsa_get0_all_params() gets all primes, CRT exponents and CRT coefficients
in the B<RSA> object I<r> and pushes them on the stacks of constant BIGNUMs
I<primes>, I<exps> and I<coeffs>. The B<RSA> object retains ownership of the
BIGNUMs, but not of the stacks.
@@ -56,8 +56,8 @@ the number of coefficients must be one less than the number of primes.
=head1 RETURN VALUES
-rsa_get0_all_params() and rsa_set0_all_params() return 1 on success, or
-0 on failure.
+ossl_rsa_get0_all_params() and ossl_rsa_set0_all_params() return 1 on success,
+or 0 on failure.
=head1 SEE ALSO
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 9ca1a6062f..ac20b5b512 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -183,8 +183,8 @@ const EVP_PKEY_METHOD *ecx25519_pkey_method(void);
const EVP_PKEY_METHOD *ecx448_pkey_method(void);
const EVP_PKEY_METHOD *ed25519_pkey_method(void);
const EVP_PKEY_METHOD *ed448_pkey_method(void);
-const EVP_PKEY_METHOD *rsa_pkey_method(void);
-const EVP_PKEY_METHOD *rsa_pss_pkey_method(void);
+const EVP_PKEY_METHOD *ossl_rsa_pkey_method(void);
+const EVP_PKEY_METHOD *ossl_rsa_pss_pkey_method(void);
struct evp_mac_st {
OSSL_PROVIDER *prov;
diff --git a/include/crypto/rsa.h b/include/crypto/rsa.h
index e663681e6e..85682aa55d 100644
--- a/include/crypto/rsa.h
+++ b/include/crypto/rsa.h
@@ -23,72 +23,75 @@ typedef struct rsa_pss_params_30_st {
int trailer_field;
} RSA_PSS_PARAMS_30;
-RSA_PSS_PARAMS_30 *rsa_get0_pss_params_30(RSA *r);
-int rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params);
-int rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to,
- const RSA_PSS_PARAMS_30 *from);
-int rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params);
-int rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
- int hashalg_nid);
-int rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
- int maskgenalg_nid);
-int rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
- int maskgenhashalg_nid);
-int rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params,
- int saltlen);
-int rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params,
- int trailerfield);
-int rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
-int rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
-int rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
-int rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params);
-int rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params);
-
-const char *rsa_mgf_nid2name(int mgf);
-int rsa_oaeppss_md2nid(const EVP_MD *md);
-const char *rsa_oaeppss_nid2name(int md);
-
-RSA *rsa_new_with_ctx(OPENSSL_CTX *libctx);
-OPENSSL_CTX *rsa_get0_libctx(RSA *r);
-
-int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes,
- const STACK_OF(BIGNUM) *exps,
- const STACK_OF(BIGNUM) *coeffs);
-int rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes,
- STACK_OF(BIGNUM_const) *exps,
- STACK_OF(BIGNUM_const) *coeffs);
-
-int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]);
-int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]);
-int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss,
- OSSL_PARAM_BLD *bld, OSSL_PARAM params[]);
-int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
- const OSSL_PARAM params[], OPENSSL_CTX *libctx);
-
-int rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *ctx, unsigned char *to,
- size_t tlen, const unsigned char *from,
- size_t flen, int client_version,
- int alt_version);
-int rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, unsigned char *to,
- int tlen, const unsigned char *from,
- int flen, const unsigned char *param,
- int plen, const EVP_MD *md,
- const EVP_MD *mgf1md);
-
-int rsa_validate_public(const RSA *key);
-int rsa_validate_private(const RSA *key);
-int rsa_validate_pairwise(const RSA *key);
+RSA_PSS_PARAMS_30 *ossl_rsa_get0_pss_params_30(RSA *r);
+int ossl_rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params);
+int ossl_rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to,
+ const RSA_PSS_PARAMS_30 *from);
+int ossl_rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params);
+int ossl_rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
+ int hashalg_nid);
+int ossl_rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
+ int maskgenalg_nid);
+int ossl_rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params,
+ int maskgenhashalg_nid);
+int ossl_rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params,
+ int saltlen);
+int ossl_rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params,
+ int trailerfield);
+int ossl_rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
+int ossl_rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
+int ossl_rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params);
+int ossl_rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params);
+int ossl_rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params);
+
+const char *ossl_rsa_mgf_nid2name(int mgf);
+int ossl_rsa_oaeppss_md2nid(const EVP_MD *md);
+const char *ossl_rsa_oaeppss_nid2name(int md);
+
+RSA *ossl_rsa_new_with_ctx(OPENSSL_CTX *libctx);
+OPENSSL_CTX *ossl_rsa_get0_libctx(RSA *r);
+
+int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes,
+ const STACK_OF(BIGNUM) *exps,
+ const STACK_OF(BIGNUM) *coeffs);
+int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes,
+ STACK_OF(BIGNUM_const) *exps,
+ STACK_OF(BIGNUM_const) *coeffs);
+
+int ossl_rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]);
+int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]);
+int ossl_rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss,
+ OSSL_PARAM_BLD *bld, OSSL_PARAM params[]);
+int ossl_rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params,
+ const OSSL_PARAM params[],
+ OPENSSL_CTX *libctx);
+
+int ossl_rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *ctx, unsigned char *to,
+ size_t tlen,
+ const unsigned char *from,
+ size_t flen, int client_version,
+ int alt_version);
+int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx,
+ unsigned char *to, int tlen,
+ const unsigned char *from, int flen,
+ const unsigned char *param,
+ int plen, const EVP_MD *md,
+ const EVP_MD *mgf1md);
+
+int ossl_rsa_validate_public(const RSA *key);
+int ossl_rsa_validate_private(const RSA *key);
+int ossl_rsa_validate_pairwise(const RSA *key);
int int_rsa_verify(int dtype, const unsigned char *m,
unsigned int m_len, unsigned char *rm,
size_t *prm_len, const unsigned char *sigbuf,
size_t siglen, RSA *rsa);
-const unsigned char *rsa_digestinfo_encoding(int md_nid, size_t *len);
+const unsigned char *ossl_rsa_digestinfo_encoding(int md_nid, size_t *len);
-extern const char *rsa_mp_factor_names[];
-extern const char *rsa_mp_exp_names[];
-extern const char *rsa_mp_coeff_names[];
+extern const char *ossl_rsa_mp_factor_names[];
+extern const char *ossl_rsa_mp_exp_names[];
+extern const char *ossl_rsa_mp_coeff_names[];
# if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
int rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]);
diff --git a/include/openssl/rsaerr.h b/include/openssl/rsaerr.h
index 34df111eaf..794f433a05 100644
--- a/include/openssl/rsaerr.h
+++ b/include/openssl/rsaerr.h
@@ -41,7 +41,6 @@ int ERR_load_RSA_strings(void);
# define RSA_F_RSA_CHECK_KEY_EX 0
# define RSA_F_RSA_CMS_DECRYPT 0
# define RSA_F_RSA_CMS_VERIFY 0
-# define RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES 0
# define RSA_F_RSA_ITEM_VERIFY 0
# define RSA_F_RSA_METH_DUP 0
# define RSA_F_RSA_METH_NEW 0
@@ -85,10 +84,6 @@ int ERR_load_RSA_strings(void);
# define RSA_F_RSA_SETUP_BLINDING 0
# define RSA_F_RSA_SIGN 0
# define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 0
-# define RSA_F_RSA_SP800_56B_CHECK_KEYPAIR 0
-# define RSA_F_RSA_SP800_56B_CHECK_PUBLIC 0
-# define RSA_F_RSA_SP800_56B_PAIRWISE_TEST 0
-# define RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH 0
# define RSA_F_RSA_VERIFY 0
# define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 0
# define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 0
diff --git a/providers/common/der/der_rsa_key.c b/providers/common/der/der_rsa_key.c
index 6e8a37699d..a20c334b23 100644
--- a/providers/common/der/der_rsa_key.c
+++ b/providers/common/der/der_rsa_key.c
@@ -242,8 +242,8 @@ static const unsigned char der_aid_mgf1SHA512_256Identifier[] = {
static int DER_w_MaskGenAlgorithm(WPACKET *pkt, int tag,
const RSA_PSS_PARAMS_30 *pss)
{
- if (pss != NULL && rsa_pss_params_30_maskgenalg(pss) == NID_mgf1) {
- int maskgenhashalg_nid = rsa_pss_params_30_maskgenhashalg(pss);
+ if (pss != NULL && ossl_rsa_pss_params_30_maskgenalg(pss) == NID_mgf1) {
+ int maskgenhashalg_nid = ossl_rsa_pss_params_30_maskgenhashalg(pss);
const unsigned char *maskgenalg = NULL;
size_t maskgenalg_sz = 0;
@@ -292,17 +292,18 @@ int ossl_DER_w_RSASSA_PSS_params(WPACKET *pkt, int tag,
* intent. Therefore, we assert that here, the PSS parameters must show
* that the key is restricted.
*/
- if (!ossl_assert(pss != NULL && !rsa_pss_params_30_is_unrestricted(pss)))
+ if (!ossl_assert(pss != NULL
+ && !ossl_rsa_pss_params_30_is_unrestricted(pss)))
return 0;
- hashalg_nid = rsa_pss_params_30_hashalg(pss);
- saltlen = rsa_pss_params_30_saltlen(pss);
- trailerfield = rsa_pss_params_30_trailerfield(pss);
+ hashalg_nid = ossl_rsa_pss_params_30_hashalg(pss);
+ saltlen = ossl_rsa_pss_params_30_saltlen(pss);
+ trailerfield = ossl_rsa_pss_params_30_trailerfield(pss);
/* Getting default values */
- default_hashalg_nid = rsa_pss_params_30_hashalg(NULL);
- default_saltlen = rsa_pss_params_30_saltlen(NULL);
- default_trailerfield = rsa_pss_params_30_trailerfield(NULL);
+ default_hashalg_nid = ossl_rsa_pss_params_30_hashalg(NULL);
+ default_saltlen = ossl_rsa_pss_params_30_saltlen(NULL);
+ default_trailerfield = ossl_rsa_pss_params_30_trailerfield(NULL);
/*
* From https://tools.ietf.org/html/rfc8017#appendix-A.2.1:
@@ -354,7 +355,7 @@ int ossl_DER_w_algorithmIdentifier_RSA(WPACKET *pkt, int tag, RSA *rsa)
int rsa_nid = NID_undef;
const unsigned char *rsa_oid = NULL;
size_t rsa_oid_sz = 0;
- RSA_PSS_PARAMS_30 *pss_params = rsa_get0_pss_params_30(rsa);
+ RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30(rsa);
switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) {
case RSA_FLAG_TYPE_RSA:
@@ -368,7 +369,7 @@ int ossl_DER_w_algorithmIdentifier_RSA(WPACKET *pkt, int tag, RSA *rsa)
return ossl_DER_w_begin_sequence(pkt, tag)
&& (rsa_nid != NID_rsassaPss
- || rsa_pss_params_30_is_unrestricted(pss_params)
+ || ossl_rsa_pss_params_30_is_unrestricted(pss_params)
|| ossl_DER_w_RSASSA_PSS_params(pkt, -1, pss_params))
&& ossl_DER_w_precompiled(pkt, -1, rsa_oid, rsa_oid_sz)
&& ossl_DER_w_end_sequence(pkt, tag);
diff --git a/providers/common/include/prov/securitycheck.h b/providers/common/include/prov/securitycheck.h
index 0d3b9e8bac..8ab3370263 100644
--- a/providers/common/include/prov/securitycheck.h
+++ b/providers/common/include/prov/securitycheck.h
@@ -8,7 +8,7 @@
*/
/* Functions that are common */
-int rsa_check_key(const RSA *rsa, int protect);
+int ossl_rsa_check_key(const RSA *rsa, int protect);
int ec_check_key(const EC_KEY *ec, int protect);
int dsa_check_key(const DSA *dsa, int sign);
int dh_check_key(const DH *dh);
diff --git a/providers/common/securitycheck.c b/providers/common/securitycheck.c
index 9a425fb630..a95fa9dda9 100644
--- a/providers/common/securitycheck.c
+++ b/providers/common/securitycheck.c
@@ -25,7 +25,7 @@
* Set protect = 1 for encryption or signing operations, or 0 otherwise. See
* https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf.
*/
-int rsa_check_key(const RSA *rsa, int protect)
+int ossl_rsa_check_key(const RSA *rsa, int protect)
{
#if !defined(OPENSSL_NO_FIPS_SECURITYCHECKS)
if (securitycheck_enabled()) {
diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c
index 0ce2054e7d..6241ce5fcf 100644
--- a/providers/implementations/asymciphers/rsa_enc.c
+++ b/providers/implementations/asymciphers/rsa_enc.c
@@ -113,7 +113,7 @@ static int rsa_init(void *vprsactx, void *vrsa, int operation)
ERR_raise(ERR_LIB_PROV, PROV_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
return 0;
}
- if (!rsa_check_key(vrsa, operation == EVP_PKEY_OP_ENCRYPT)) {
+ if (!ossl_rsa_check_key(vrsa, operation == EVP_PKEY_OP_ENCRYPT)) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
return 0;
}
@@ -165,11 +165,12 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen,
return 0;
}
ret =
- rsa_padding_add_PKCS1_OAEP_mgf1_ex(prsactx->libctx, tbuf, rsasize,
- in, inlen, prsactx->oaep_label,
- prsactx->oaep_labellen,
- prsactx->oaep_md,
- prsactx->mgf1_md);
+ ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(prsactx->libctx, tbuf,
+ rsasize, in, inlen,
+ prsactx->oaep_label,
+ prsactx->oaep_labellen,
+ prsactx->oaep_md,
+ prsactx->mgf1_md);
if (!ret) {
OPENSSL_free(tbuf);
@@ -263,11 +264,9 @@ static int rsa_decrypt(void *vprsactx, unsigned char *out, size_t *outlen,
ERR_raise(ERR_LIB_PROV, PROV_R_BAD_TLS_CLIENT_VERSION);
return 0;
}
- ret = rsa_padding_check_PKCS1_type_2_TLS(prsactx->libctx, out,
- outsize,
- tbuf, len,
- prsactx->client_version,
- prsactx->alt_version);
+ ret = ossl_rsa_padding_check_PKCS1_type_2_TLS(
+ prsactx->libctx, out, outsize, tbuf, len,
+ prsactx->client_version, prsactx->alt_version);
}
OPENSSL_free(tbuf);
} else {
diff --git a/providers/implementations/encode_decode/encode_key2any.c b/providers/implementations/encode_decode/encode_key2any.c
index 2a4a31fe5b..c21b74d9d3 100644
--- a/providers/implementations/encode_decode/encode_key2any.c
+++ b/providers/implementations/encode_decode/encode_key2any.c
@@ -624,7 +624,7 @@ static int ecx_priv_to_der(const void *vecxkey, unsigned char **pder)
static int prepare_rsa_params(const void *rsa, int nid,
void **pstr, int *pstrtype)
{
- const RSA_PSS_PARAMS_30 *pss = rsa_get0_pss_params_30((RSA *)rsa);
+ const RSA_PSS_PARAMS_30 *pss = ossl_rsa_get0_pss_params_30((RSA *)rsa);
*pstr = NULL;
@@ -634,7 +634,7 @@ static int prepare_rsa_params(const void *rsa, int nid,
*pstrtype = V_ASN1_NULL;
return 1;
case RSA_FLAG_TYPE_RSASSAPSS:
- if (rsa_pss_params_30_is_unrestricted(pss)) {
+ if (ossl_rsa_pss_params_30_is_unrestricted(pss)) {
*pstrtype = V_ASN1_UNDEF;
return 1;
} else {
diff --git a/providers/implementations/encode_decode/encode_key2text.c b/providers/implementations/encode_decode/encode_key2text.c
index 638e16ec27..ac6d42970e 100644
--- a/providers/implementations/encode_decode/encode_key2text.c
+++ b/providers/implementations/encode_decode/encode_key2text.c
@@ -627,7 +627,7 @@ static int rsa_to_text(BIO *out, const void *key, int selection)
STACK_OF(BIGNUM_const) *exps = NULL;
STACK_OF(BIGNUM_const) *coeffs = NULL;
int primes;
- const RSA_PSS_PARAMS_30 *pss_params = rsa_get0_pss_params_30((RSA *)rsa);
+ const RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30((RSA *)rsa);
int ret = 0;
if (out == NULL || rsa == NULL) {
@@ -655,7 +655,7 @@ static int rsa_to_text(BIO *out, const void *key, int selection)
}
RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d);
- rsa_get0_all_params((RSA *)rsa, factors, exps, coeffs);
+ ossl_rsa_get0_all_params((RSA *)rsa, factors, exps, coeffs);
primes = sk_BIGNUM_const_num(factors);
if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) {
@@ -714,33 +714,35 @@ static int rsa_to_text(BIO *out, const void *key, int selection)
if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0) {
switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) {
case RSA_FLAG_TYPE_RSA:
- if (!rsa_pss_params_30_is_unrestricted(pss_params)) {
+ if (!ossl_rsa_pss_params_30_is_unrestricted(pss_params)) {
if (BIO_printf(out, "(INVALID PSS PARAMETERS)\n") <= 0)
goto err;
}
break;
case RSA_FLAG_TYPE_RSASSAPSS:
- if (rsa_pss_params_30_is_unrestricted(pss_params)) {
+ if (ossl_rsa_pss_params_30_is_unrestricted(pss_params)) {
if (BIO_printf(out, "No PSS parameter restrictions\n") <= 0)
goto err;
} else {
- int hashalg_nid = rsa_pss_params_30_hashalg(pss_params);
- int maskgenalg_nid = rsa_pss_params_30_maskgenalg(pss_params);
+ int hashalg_nid = ossl_rsa_pss_params_30_hashalg(pss_params);
+ int maskgenalg_nid =
+ ossl_rsa_pss_params_30_maskgenalg(pss_params);
int maskgenhashalg_nid =
- rsa_pss_params_30_maskgenhashalg(pss_params);
- int saltlen = rsa_pss_params_30_saltlen(pss_params);
- int trailerfield = rsa_pss_params_30_trailerfield(pss_params);
+ ossl_rsa_pss_params_30_maskgenhashalg(pss_params);
+ int saltlen = ossl_rsa_pss_params_30_saltlen(pss_params);
+ int trailerfield =
+ ossl_rsa_pss_params_30_trailerfield(pss_params);
if (BIO_printf(out, "PSS parameter restrictions:\n") <= 0)
goto err;
if (BIO_printf(out, " Hash Algorithm: %s%s\n",
- rsa_oaeppss_nid2name(hashalg_nid),
+ ossl_rsa_oaeppss_nid2name(hashalg_nid),
(hashalg_nid == NID_sha1
? " (default)" : "")) <= 0)
goto err;
if (BIO_printf(out, " Mask Algorithm: %s with %s%s\n",
- rsa_mgf_nid2name(maskgenalg_nid),
- rsa_oaeppss_nid2name(maskgenhashalg_nid),
+ ossl_rsa_mgf_nid2name(maskgenalg_nid),
+ ossl_rsa_oaeppss_nid2name(maskgenhashalg_nid),
(maskgenalg_nid == NID_mgf1
&& maskgenhashalg_nid == NID_sha1
? " (default)" : "")) <= 0)
diff --git a/providers/implementations/kem/rsa_kem.c b/providers/implementations/kem/rsa_kem.c
index 39ee9f4bac..cb02854100 100644
--- a/providers/implementations/kem/rsa_kem.c
+++ b/providers/implementations/kem/rsa_kem.c
@@ -126,7 +126,7 @@ static int rsakem_init(void *vprsactx, void *vrsa, int operation)
RSA_free(prsactx->rsa);
prsactx->rsa = vrsa;
- if (!rsa_check_key(vrsa, operation == EVP_PKEY_OP_ENCAPSULATE)) {
+ if (!ossl_rsa_check_key(vrsa, operation == EVP_PKEY_OP_ENCAPSULATE)) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
return 0;
}
@@ -205,7 +205,7 @@ static int rsasve_gen_rand_bytes(RSA *rsa_pub,
BN_CTX *bnctx;
BIGNUM *z, *nminus3;
- bnctx = BN_CTX_secure_new_ex(rsa_get0_libctx(rsa_pub));
+ bnctx = BN_CTX_secure_new_ex(ossl_rsa_get0_libctx(rsa_pub));
if (bnctx == NULL)
return 0;
diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c
index 98c369d97f..4156fbd5b0 100644
--- a/providers/implementations/keymgmt/rsa_kmgmt.c
+++ b/providers/implementations/keymgmt/rsa_kmgmt.c
@@ -60,12 +60,12 @@ static int pss_params_fromdata(RSA_PSS_PARAMS_30 *pss_params,
const OSSL_PARAM params[], int rsa_type,
OPENSSL_CTX *libctx)
{
- if (!rsa_pss_params_30_fromdata(pss_params, params, libctx))
+ if (!ossl_rsa_pss_params_30_fromdata(pss_params, params, libctx))
return 0;
/* If not a PSS type RSA, sending us PSS parameters is wrong */
if (rsa_type != RSA_FLAG_TYPE_RSASSAPSS
- && !rsa_pss_params_30_is_unrestricted(pss_params))
+ && !ossl_rsa_pss_params_30_is_unrestricted(pss_params))
return 0;
return 1;
@@ -79,7 +79,7 @@ static void *rsa_newdata(void *provctx)
if (!ossl_prov_is_running())
return NULL;
- rsa = rsa_new_with_ctx(libctx);
+ rsa = ossl_rsa_new_with_ctx(libctx);
if (rsa != NULL) {
RSA_clear_flags(rsa, RSA_FLAG_TYPE_MASK);
RSA_set_flags(rsa, RSA_FLAG_TYPE_RSA);
@@ -95,7 +95,7 @@ static void *rsapss_newdata(void *provctx)
if (!ossl_prov_is_running())
return NULL;
- rsa = rsa_new_with_ctx(libctx);
+ rsa = ossl_rsa_new_with_ctx(libctx);
if (rsa != NULL) {
RSA_clear_flags(rsa, RSA_FLAG_TYPE_MASK);
RSA_set_flags(rsa, RSA_FLAG_TYPE_RSASSAPSS);
@@ -165,10 +165,10 @@ static int rsa_import(void *keydata, int selection, const OSSL_PARAM params[])
/* TODO(3.0) OAEP should bring on parameters as well */
if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0)
- ok = ok && pss_params_fromdata(rsa_get0_pss_params_30(rsa), params,
- rsa_type, rsa_get0_libctx(rsa));
+ ok = ok && pss_params_fromdata(ossl_rsa_get0_pss_params_30(rsa), params,
+ rsa_type, ossl_rsa_get0_libctx(rsa));
if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
- ok = ok && rsa_fromdata(rsa, params);
+ ok = ok && ossl_rsa_fromdata(rsa, params);
return ok;
}
@@ -177,7 +177,7 @@ static int rsa_export(void *keydata, int selection,
OSSL_CALLBACK *param_callback, void *cbarg)
{
RSA *rsa = keydata;
- const RSA_PSS_PARAMS_30 *pss_params = rsa_get0_pss_params_30(rsa);
+ const RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30(rsa);
OSSL_PARAM_BLD *tmpl;
OSSL_PARAM *params = NULL;
int ok = 1;
@@ -192,10 +192,10 @@ static int rsa_export(void *keydata, int selection,
return 0;
if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0)
- ok = ok && (rsa_pss_params_30_is_unrestricted(pss_params)
- || rsa_pss_params_30_todata(pss_params, tmpl, NULL));
+ ok = ok && (ossl_rsa_pss_params_30_is_unrestricted(pss_params)
+ || ossl_rsa_pss_params_30_todata(pss_params, tmpl, NULL));
if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
- ok = ok && rsa_todata(rsa, tmpl, NULL);
+ ok = ok && ossl_rsa_todata(rsa, tmpl, NULL);
if (!ok
|| (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL)
@@ -297,7 +297,7 @@ static const OSSL_PARAM *rsa_export_types(int selection)
static int rsa_get_params(void *key, OSSL_PARAM params[])
{
RSA *rsa = key;
- const RSA_PSS_PARAMS_30 *pss_params = rsa_get0_pss_params_30(rsa);
+ const RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30(rsa);
int rsa_type = RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK);
OSSL_PARAM *p;
@@ -330,17 +330,17 @@ static int rsa_get_params(void *key, OSSL_PARAM params[])
&& rsa_type == RSA_FLAG_TYPE_RSASSAPSS) {
const char *mdname = RSA_PSS_DEFAULT_MD;
- if (!rsa_pss_params_30_is_unrestricted(pss_params)) {
+ if (!ossl_rsa_pss_params_30_is_unrestricted(pss_params)) {
mdname =
- rsa_oaeppss_nid2name(rsa_pss_params_30_hashalg(pss_params));
+ ossl_rsa_oaeppss_nid2name(ossl_rsa_pss_params_30_hashalg(pss_params));
if (mdname == NULL || !OSSL_PARAM_set_utf8_string(p, mdname))
return 0;
}
}
return (rsa_type != RSA_FLAG_TYPE_RSASSAPSS
- || rsa_pss_params_30_todata(pss_params, NULL, params))
- && rsa_todata(rsa, NULL, params);
+ || ossl_rsa_pss_params_30_todata(pss_params, NULL, params))
+ && ossl_rsa_todata(rsa, NULL, params);
}
static const OSSL_PARAM rsa_params[] = {
@@ -371,12 +371,12 @@ static int rsa_validate(void *keydata, int selection)
/* If the whole key is selected, we do a pairwise validation */
if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR)
== OSSL_KEYMGMT_SELECT_KEYPAIR) {
- ok = ok && rsa_validate_pairwise(rsa);
+ ok = ok && ossl_rsa_validate_pairwise(rsa);
} else {
if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0)
- ok = ok && rsa_validate_private(rsa);
+ ok = ok && ossl_rsa_validate_private(rsa);
if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0)
- ok = ok && rsa_validate_public(rsa);
+ ok = ok && ossl_rsa_validate_public(rsa);
}
return ok;
}
@@ -489,7 +489,7 @@ static int rsa_gen_set_params(void *genctx, const OSSL_PARAM params[])
OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0)
/*
- * The following must be kept in sync with rsa_pss_params_30_fromdata()
+ * The following must be kept in sync with ossl_rsa_pss_params_30_fromdata()
* in crypto/rsa/rsa_backend.c
*/
#define rsa_gen_pss \
@@ -532,7 +532,7 @@ static void *rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
switch (gctx->rsa_type) {
case RSA_FLAG_TYPE_RSA:
/* For plain RSA keys, PSS parameters must not be set */
- if (!rsa_pss_params_30_is_unrestricted(&gctx->pss_params))
+ if (!ossl_rsa_pss_params_30_is_unrestricted(&gctx->pss_params))
goto err;
break;
case RSA_FLAG_TYPE_RSASSAPSS:
@@ -546,7 +546,7 @@ static void *rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
return NULL;
}
- if ((rsa_tmp = rsa_new_with_ctx(gctx->libctx)) == NULL)
+ if ((rsa_tmp = ossl_rsa_new_with_ctx(gctx->libctx)) == NULL)
return NULL;
gctx->cb = osslcb;
@@ -567,8 +567,8 @@ static void *rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
gctx->pub_exp, gencb))
goto err;
- if (!rsa_pss_params_30_copy(rsa_get0_pss_params_30(rsa_tmp),
- &gctx->pss_params))
+ if (!ossl_rsa_pss_params_30_copy(ossl_rsa_get0_pss_params_30(rsa_tmp),
+ &gctx->pss_params))
goto err;
RSA_clear_flags(rsa_tmp, RSA_FLAG_TYPE_MASK);
diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c
index dbebf7d7b1..efcb76661e 100644
--- a/providers/implementations/signature/rsa.c
+++ b/providers/implementations/signature/rsa.c
@@ -288,7 +288,7 @@ static int rsa_signverify_init(void *vprsactx, void *vrsa, int operation)
prsactx->rsa = vrsa;
prsactx->operation = operation;
- if (!rsa_check_key(vrsa, operation == EVP_PKEY_OP_SIGN)) {
+ if (!ossl_rsa_check_key(vrsa, operation == EVP_PKEY_OP_SIGN)) {
ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH);
return 0;
}
@@ -306,17 +306,17 @@ static int rsa_signverify_init(void *vprsactx, void *vrsa, int operation)
{
const RSA_PSS_PARAMS_30 *pss =
- rsa_get0_pss_params_30(prsactx->rsa);
+ ossl_rsa_get0_pss_params_30(prsactx->rsa);
- if (!rsa_pss_params_30_is_unrestricted(pss)) {
- int md_nid = rsa_pss_params_30_hashalg(pss);
- int mgf1md_nid = rsa_pss_params_30_maskgenhashalg(pss);
- int min_saltlen = rsa_pss_params_30_saltlen(pss);
+ if (!ossl_rsa_pss_params_30_is_unrestricted(pss)) {
+ int md_nid = ossl_rsa_pss_params_30_hashalg(pss);
+ int mgf1md_nid = ossl_rsa_pss_params_30_maskgenhashalg(pss);
+ int min_saltlen = ossl_rsa_pss_params_30_saltlen(pss);
const char *mdname, *mgf1mdname;
size_t len;
- mdname = rsa_oaeppss_nid2name(md_nid);
- mgf1mdname = rsa_oaeppss_nid2name(mgf1md_nid);
+ mdname = ossl_rsa_oaeppss_nid2name(md_nid);
+ mgf1mdname = ossl_rsa_oaeppss_nid2name(mgf1md_nid);
prsactx->min_saltlen = min_saltlen;
if (mdname == NULL) {
diff --git a/test/rsa_mp_test.c b/test/rsa_mp_test.c
index 4e82780b8e..0f3db5d4da 100644
--- a/test/rsa_mp_test.c
+++ b/test/rsa_mp_test.c
@@ -231,7 +231,7 @@ static int key2048p3_v2(RSA *key)
|| !TEST_int_ne(sk_BIGNUM_push(coeffs, num), 0))
goto err;
- if (!TEST_true(rsa_set0_all_params(key, primes, exps, coeffs)))
+ if (!TEST_true(ossl_rsa_set0_all_params(key, primes, exps, coeffs)))
goto err;
ret:
diff --git a/test/rsa_sp800_56b_test.c b/test/rsa_sp800_56b_test.c
index edcf4478fa..72451b37ca 100644
--- a/test/rsa_sp800_56b_test.c
+++ b/test/rsa_sp800_56b_test.c
@@ -113,19 +113,19 @@ static int test_check_public_exponent(void)
ret = TEST_ptr(e = BN_new())
/* e is too small */
&& TEST_true(BN_set_word(e, 65535))
- && TEST_false(rsa_check_public_exponent(e))
+ && TEST_false(ossl_rsa_check_public_exponent(e))
/* e is even will fail */
&& TEST_true(BN_set_word(e, 65536))
- && TEST_false(rsa_check_public_exponent(e))
+ && TEST_false(ossl_rsa_check_public_exponent(e))
/* e is ok */
&& TEST_true(BN_set_word(e, 65537))
- && TEST_true(rsa_check_public_exponent(e))
+ && TEST_true(ossl_rsa_check_public_exponent(e))
/* e = 2^256 is too big */
&& TEST_true(BN_lshift(e, BN_value_one(), 256))
- && TEST_false(rsa_check_public_exponent(e))
+ && TEST_false(ossl_rsa_check_public_exponent(e))
/* e = 2^256-1 is odd and in range */
&& TEST_true(BN_sub(e, e, BN_value_one()))
- && TEST_true(rsa_check_public_exponent(e));
+ && TEST_true(ossl_rsa_check_public_exponent(e));
BN_free(e);
return ret;
}
@@ -153,19 +153,19 @@ static int test_check_prime_factor_range(void)
&& TEST_ptr(bn_p4 = bn_load_new(p4, sizeof(p4)))
&& TEST_ptr(ctx = BN_CTX_new())
&& TEST_true(BN_set_word(p, 0xA))
- && TEST_false(rsa_check_prime_factor_range(p, 8, ctx))
+ && TEST_false(ossl_rsa_check_prime_factor_range(p, 8, ctx))
&& TEST_true(BN_set_word(p, 0x10))
- && TEST_false(rsa_check_prime_factor_range(p, 8, ctx))
+ && TEST_false(ossl_rsa_check_prime_factor_range(p, 8, ctx))
&& TEST_true(BN_set_word(p, 0xB))
- && TEST_false(rsa_check_prime_factor_range(p, 8, ctx))
+ && TEST_false(ossl_rsa_check_prime_factor_range(p, 8, ctx))
&& TEST_true(BN_set_word(p, 0xC))
- && TEST_true(rsa_check_prime_factor_range(p, 8, ctx))
+ && TEST_true(ossl_rsa_check_prime_factor_range(p, 8, ctx))
&& TEST_true(BN_set_word(p, 0xF))
- && TEST_true(rsa_check_prime_factor_range(p, 8, ctx))
- && TEST_false(rsa_check_prime_factor_range(bn_p1, 72, ctx))
- && TEST_false(rsa_check_prime_factor_range(bn_p2, 72, ctx))
- && TEST_true(rsa_check_prime_factor_range(bn_p3, 72, ctx))
- && TEST_true(rsa_check_prime_factor_range(bn_p4, 72, ctx));
+ && TEST_true(ossl_rsa_check_prime_factor_range(p, 8, ctx))
+ && TEST_false(ossl_rsa_check_prime_factor_range(bn_p1, 72, ctx))
+ && TEST_false(ossl_rsa_check_prime_factor_range(bn_p2, 72, ctx))
+ && TEST_true(ossl_rsa_check_prime_factor_range(bn_p3, 72, ctx))
+ && TEST_true(ossl_rsa_check_prime_factor_range(bn_p4, 72, ctx));
BN_free(bn_p4);
BN_free(bn_p3);
@@ -196,15 +196,15 @@ static int test_check_prime_factor(void)
&& TEST_ptr(ctx = BN_CTX_new())
/* Fails the prime test */
&& TEST_true(BN_set_word(e, 0x1))
- && TEST_false(rsa_check_prime_factor(bn_p1, e, 72, ctx))
+ && TEST_false(ossl_rsa_check_prime_factor(bn_p1, e, 72, ctx))
/* p is prime and in range and gcd(p-1, e) = 1 */
- && TEST_true(rsa_check_prime_factor(bn_p2, e, 72, ctx))
+ && TEST_true(ossl_rsa_check_prime_factor(bn_p2, e, 72, ctx))
/* gcd(p-1,e) = 1 test fails */
&& TEST_true(BN_set_word(e, 0x2))
- && TEST_false(rsa_check_prime_factor(p, e, 72, ctx))
+ && TEST_false(ossl_rsa_check_prime_factor(p, e, 72, ctx))
/* p fails the range check */
&& TEST_true(BN_set_word(e, 0x1))
- && TEST_false(rsa_check_prime_factor(bn_p3, e, 72, ctx));
+ && TEST_false(ossl_rsa_check_prime_factor(bn_p3, e, 72, ctx));
BN_free(bn_p3);
BN_free(bn_p2);
@@ -250,18 +250,18 @@ static int test_check_private_exponent(void)
goto end;
}
/* fails since d >= lcm(p-1, q-1) */
- ret = TEST_false(rsa_check_private_exponent(key, 8, ctx))
+ ret = TEST_false(ossl_rsa_check_private_exponent(key, 8, ctx))
&& TEST_true(BN_set_word(d, 45))
/* d is correct size and 1 = e.d mod lcm(p-1, q-1) */
- && TEST_true(rsa_check_private_exponent(key, 8, ctx))
+ && TEST_true(ossl_rsa_check_private_exponent(key, 8, ctx))
/* d is too small compared to nbits */
- && TEST_false(rsa_check_private_exponent(key, 16, ctx))
+ && TEST_false(ossl_rsa_check_private_exponent(key, 16, ctx))
/* d is too small compared to nbits */
&& TEST_true(BN_set_word(d, 16))
- && TEST_false(rsa_check_private_exponent(key, 8, ctx))
+ && TEST_false(ossl_rsa_check_private_exponent(key, 8, ctx))
/* fail if 1 != e.d mod lcm(p-1, q-1) */
&& TEST_true(BN_set_word(d, 46))
- && TEST_false(rsa_check_private_exponent(key, 8, ctx));
+ && TEST_false(ossl_rsa_check_private_exponent(key, 8, ctx));
end:
RSA_free(key);
BN_CTX_free(ctx);
@@ -297,44 +297,44 @@ static int test_check_crt_components(void)
BN_free(q);
goto end;
}
- ret = TEST_true(rsa_sp800_56b_derive_params_from_pq(key, 8, e, ctx))
+ ret = TEST_true(ossl_rsa_sp800_56b_derive_params_from_pq(key, 8, e, ctx))
&& TEST_BN_eq_word(key->n, N)
&& TEST_BN_eq_word(key->dmp1, DP)
&& TEST_BN_eq_word(key->dmq1, DQ)
&& TEST_BN_eq_word(key->iqmp, QINV)
- && TEST_true(rsa_check_crt_components(key, ctx))
+ && TEST_true(ossl_rsa_check_crt_components(key, ctx))
/* (a) 1 < dP < (p – 1). */
&& TEST_true(BN_set_word(key->dmp1, 1))
- && TEST_false(rsa_check_crt_components(key, ctx))
+ && TEST_false(ossl_rsa_check_crt_components(key, ctx))
&& TEST_true(BN_set_word(key->dmp1, P-1))
- && TEST_false(rsa_check_crt_components(key, ctx))
+ && TEST_false(ossl_rsa_check_crt_components(key, ctx))
&& TEST_true(BN_set_word(key->dmp1, DP))
/* (b) 1 < dQ < (q - 1). */
&& TEST_true(BN_set_word(key->dmq1, 1))
- && TEST_false(rsa_check_crt_components(key, ctx))
+ && TEST_false(ossl_rsa_check_crt_components(key, ctx))
&& TEST_true(BN_set_word(key->dmq1, Q-1))
- && TEST_false(rsa_check_crt_components(key, ctx))
+ && TEST_false(ossl_rsa_check_crt_components(key, ctx))
&& TEST_true(BN_set_word(key->dmq1, DQ))
/* (c) 1 < qInv < p */
&& TEST_true(BN_set_word(key->iqmp, 1))
- && TEST_false(rsa_check_crt_components(key, ctx))
+ && TEST_false(ossl_rsa_check_crt_components(key, ctx))
&& TEST_true(BN_set_word(key->iqmp, P))
- && TEST_false(rsa_check_crt_components(key, ctx))
+ && TEST_false(ossl_rsa_check_crt_components(key, ctx))
&& TEST_true(BN_set_word(key->iqmp, QINV))
/* (d) 1 = (dP . e) mod (p - 1)*/
&& TEST_true(BN_set_word(key->dmp1, DP+1))
- && TEST_false(rsa_check_crt_components(key, ctx))
+ && TEST_false(ossl_rsa_check_crt_components(key, ctx))
&& TEST_true(BN_set_word(key->dmp1, DP))
/* (e) 1 = (dQ . e) mod (q - 1) */
&& TEST_true(BN_set_word(key->dmq1, DQ-1))
- && TEST_false(rsa_check_crt_components(key, ctx))
+ && TEST_false(ossl_rsa_check_crt_components(key, ctx))
&& TEST_true(BN_set_word(key->dmq1, DQ))
/* (f) 1 = (qInv . q) mod p */
&& TEST_true(BN_set_word(key->iqmp, QINV+1))
- && TEST_false(rsa_check_crt_components(key, ctx))
+ && TEST_false(ossl_rsa_check_crt_components(key, ctx))
&& TEST_true(BN_set_word(key->iqmp, QINV))
/* check defaults are still valid */
- && TEST_true(rsa_check_crt_components(key, ctx));
+ && TEST_true(ossl_rsa_check_crt_components(key, ctx));
end:
BN_free(e);
RSA_free(key);
@@ -353,13 +353,13 @@ static int test_pq_diff(void)
/* |1-(2+1)| > 2^1 */
&& TEST_true(BN_set_word(p, 1))
&& TEST_true(BN_set_word(q, 1+2))
- && TEST_false(rsa_check_pminusq_diff(tmp, p, q, 202))
+ && TEST_false(ossl_rsa_check_pminusq_diff(tmp, p, q, 202))
/* Check |p - q| > 2^(nbits/2 - 100) */
&& TEST_true(BN_set_word(q, 1+3))
- && TEST_true(rsa_check_pminusq_diff(tmp, p, q, 202))
+ && TEST_true(ossl_rsa_check_pminusq_diff(tmp, p, q, 202))
&& TEST_true(BN_set_word(p, 1+3))
&& TEST_true(BN_set_word(q, 1))
- && TEST_true(rsa_check_pminusq_diff(tmp, p, q, 202));
+ && TEST_true(ossl_rsa_check_pminusq_diff(tmp, p, q, 202));
BN_free(p);
BN_free(q);
BN_free(tmp);
@@ -376,7 +376,7 @@ static int test_invalid_keypair(void)
ret = TEST_ptr(key = RSA_new())
&& TEST_ptr(ctx = BN_CTX_new())
/* NULL parameters */
- && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 2048))
+ && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 2048))
/* load key */
&& TEST_ptr(p = bn_load_new(cav_p, sizeof(cav_p)))
&& TEST_ptr(q = bn_load_new(cav_q, sizeof(cav_q)))
@@ -398,36 +398,35 @@ static int test_invalid_keypair(void)
goto end;
}
/* bad strength/key size */
- ret = TEST_false(rsa_sp800_56b_check_keypair(key, NULL, 100, 2048))
- && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, 112, 1024))
- && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, 128, 2048))
- && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, 140, 3072))
+ ret = TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, 100, 2048))
+ && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, 112, 1024))
+ && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, 128, 2048))
+ && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, 140, 3072))
/* mismatching exponent */
- && TEST_false(rsa_sp800_56b_check_keypair(key, BN_value_one(), -1,
- 2048))
+ && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, BN_value_one(),
+ -1, 2048))
/* bad exponent */
&& TEST_true(BN_add_word(e, 1))
- && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1,
- 2048))
+ && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 2048))
&& TEST_true(BN_sub_word(e, 1))
/* mismatch between bits and modulus */
- && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 3072))
- && TEST_true(rsa_sp800_56b_check_keypair(key, e, 112, 2048))
+ && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 3072))
+ && TEST_true(ossl_rsa_sp800_56b_check_keypair(key, e, 112, 2048))
/* check n == pq failure */
&& TEST_true(BN_add_word(n, 1))
- && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 2048))
+ && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 2048))
&& TEST_true(BN_sub_word(n, 1))
/* check p */
&& TEST_true(BN_sub_word(p, 2))
&& TEST_true(BN_mul(n, p, q, ctx))
- && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 2048))
+ && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 2048))
&& TEST_true(BN_add_word(p, 2))
&& TEST_true(BN_mul(n, p, q, ctx))
/* check q */
&& TEST_true(BN_sub_word(q, 2))
&& TEST_true(BN_mul(n, p, q, ctx))
- && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 2048))
+ && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 2048))
&& TEST_true(BN_add_word(q, 2))
&& TEST_true(BN_mul(n, p, q, ctx));
end:
@@ -448,10 +447,10 @@ static int test_sp80056b_keygen(int id)
int sz = keygen_size[id];
ret = TEST_ptr(key = RSA_new())
- && TEST_true(rsa_sp800_56b_generate_key(key, sz, NULL, NULL))
- && TEST_true(rsa_sp800_56b_check_public(key))
- && TEST_true(rsa_sp800_56b_check_private(key))
- && TEST_true(rsa_sp800_56b_check_keypair(key, NULL, -1, sz));
+ && TEST_true(ossl_rsa_sp800_56b_generate_key(key, sz, NULL, NULL))
+ && TEST_true(ossl_rsa_sp800_56b_check_public(key))
+ && TEST_true(ossl_rsa_sp800_56b_check_private(key))
+ && TEST_true(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, sz));
RSA_free(key);
return ret;
@@ -465,7 +464,7 @@ static int test_check_private_key(void)
ret = TEST_ptr(key = RSA_new())
/* check NULL pointers fail */
- && TEST_false(rsa_sp800_56b_check_private(key))
+ && TEST_false(ossl_rsa_sp800_56b_check_private(key))
/* load private key */
&& TEST_ptr(n = bn_load_new(cav_n, sizeof(cav_n)))
&& TEST_ptr(d = bn_load_new(cav_d, sizeof(cav_d)))
@@ -478,13 +477,13 @@ static int test_check_private_key(void)
goto end;
}
/* check d is in range */
- ret = TEST_true(rsa_sp800_56b_check_private(key))
+ ret = TEST_true(ossl_rsa_sp800_56b_check_private(key))
/* check d is too low */
&& TEST_true(BN_set_word(d, 0))
- && TEST_false(rsa_sp800_56b_check_private(key))
+ && TEST_false(ossl_rsa_sp800_56b_check_private(key))
/* check d is too high */
&& TEST_ptr(BN_copy(d, n))
- && TEST_false(rsa_sp800_56b_check_private(key));
+ && TEST_false(ossl_rsa_sp800_56b_check_private(key));
end:
RSA_free(key);
return ret;
@@ -498,7 +497,7 @@ static int test_check_public_key(void)
ret = TEST_ptr(key = RSA_new())
/* check NULL pointers fail */
- && TEST_false(rsa_sp800_56b_check_public(key))
+ && TEST_false(ossl_rsa_sp800_56b_check_public(key))
/* load public key */
&& TEST_ptr(e = bn_load_new(cav_e, sizeof(cav_e)))
&& TEST_ptr(n = bn_load_new(cav_n, sizeof(cav_n)))
@@ -509,22 +508,22 @@ static int test_check_public_key(void)
goto end;
}
/* check public key is valid */
- ret = TEST_true(rsa_sp800_56b_check_public(key))
+ ret = TEST_true(ossl_rsa_sp800_56b_check_public(key))
/* check fail if n is even */
&& TEST_true(BN_add_word(n, 1))
- && TEST_false(rsa_sp800_56b_check_public(key))
+ && TEST_false(ossl_rsa_sp800_56b_check_public(key))
&& TEST_true(BN_sub_word(n, 1))
/* check fail if n is wrong number of bits */
&& TEST_true(BN_lshift1(n, n))
- && TEST_false(rsa_sp800_56b_check_public(key))
+ && TEST_false(ossl_rsa_sp800_56b_check_public(key))
&& TEST_true(BN_rshift1(n, n))
/* test odd exponent fails */
&& TEST_true(BN_add_word(e, 1))
- && TEST_false(rsa_sp800_56b_check_public(key))
+ && TEST_false(ossl_rsa_sp800_56b_check_public(key))
&& TEST_true(BN_sub_word(e, 1))
/* modulus fails composite check */
&& TEST_true(BN_add_word(n, 2))
- && TEST_false(rsa_sp800_56b_check_public(key));
+ && TEST_false(ossl_rsa_sp800_56b_check_public(key));
end:
RSA_free(key);
return ret;
More information about the openssl-commits
mailing list