#include "crypto/rsa.h"
#include "rsa_local.h"
-int rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[])
+int ossl_rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[])
{
const OSSL_PARAM *p, *s;
OSSL_PARAM *d, *alloc = NULL;
}
}
if (ret == 0) {
- rsa_acvp_test_gen_params_free(alloc);
+ ossl_rsa_acvp_test_gen_params_free(alloc);
alloc = NULL;
}
if (*dst != NULL)
- rsa_acvp_test_gen_params_free(*dst);
+ ossl_rsa_acvp_test_gen_params_free(*dst);
*dst = alloc;
return ret;
}
-void rsa_acvp_test_gen_params_free(OSSL_PARAM *dst)
+void ossl_rsa_acvp_test_gen_params_free(OSSL_PARAM *dst)
{
OSSL_PARAM *p;
OPENSSL_free(dst);
}
-int rsa_acvp_test_set_params(RSA *r, const OSSL_PARAM params[])
+int ossl_rsa_acvp_test_set_params(RSA *r, const OSSL_PARAM params[])
{
RSA_ACVP_TEST *t;
const OSSL_PARAM *p;
if (r->acvp_test != NULL) {
- rsa_acvp_test_free(r->acvp_test);
+ ossl_rsa_acvp_test_free(r->acvp_test);
r->acvp_test = NULL;
}
r->acvp_test = t;
return 1;
err:
- rsa_acvp_test_free(t);
+ ossl_rsa_acvp_test_free(t);
return 0;
}
-int rsa_acvp_test_get_params(RSA *r, OSSL_PARAM params[])
+int ossl_rsa_acvp_test_get_params(RSA *r, OSSL_PARAM params[])
{
RSA_ACVP_TEST *t;
OSSL_PARAM *p;
return 1;
}
-void rsa_acvp_test_free(RSA_ACVP_TEST *t)
+void ossl_rsa_acvp_test_free(RSA_ACVP_TEST *t)
{
if (t != NULL) {
BN_free(t->Xp1);
switch (op) {
case ASN1_PKEY_CTRL_DEFAULT_MD_NID:
if (pkey->pkey.rsa->pss != NULL) {
- if (!rsa_pss_get_param(pkey->pkey.rsa->pss, &md, &mgf1md,
- &min_saltlen)) {
+ if (!ossl_rsa_pss_get_param(pkey->pkey.rsa->pss, &md, &mgf1md,
+ &min_saltlen)) {
ERR_raise(ERR_LIB_RSA, ERR_R_INTERNAL_ERROR);
return 0;
}
return NULL;
}
- return rsa_pss_params_create(sigmd, mgf1md, saltlen);
+ return ossl_rsa_pss_params_create(sigmd, mgf1md, saltlen);
}
-RSA_PSS_PARAMS *rsa_pss_params_create(const EVP_MD *sigmd,
- const EVP_MD *mgf1md, int saltlen)
+RSA_PSS_PARAMS *ossl_rsa_pss_params_create(const EVP_MD *sigmd,
+ const EVP_MD *mgf1md, int saltlen)
{
RSA_PSS_PARAMS *pss = RSA_PSS_PARAMS_new();
/* Decode PSS parameters */
pss = rsa_pss_decode(sigalg);
- if (!rsa_pss_get_param(pss, &md, &mgf1md, &saltlen)) {
+ if (!ossl_rsa_pss_get_param(pss, &md, &mgf1md, &saltlen)) {
ERR_raise(ERR_LIB_RSA, RSA_R_INVALID_PSS_PARAMETERS);
goto err;
}
return 1;
}
-int rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd,
- const EVP_MD **pmgf1md, int *psaltlen)
+int ossl_rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd,
+ const EVP_MD **pmgf1md, int *psaltlen)
{
/*
* Callers do not care about the trailer field, and yet, we must
* to even read a key with invalid values, making it hard to test
* a bad situation.
*
- * Other routines use rsa_pss_get_param(), so the values will be
+ * Other routines use ossl_rsa_pss_get_param(), so the values will be
* checked, eventually.
*/
if (!rsa_pss_get_param_unverified(rsa->pss, &md, &mgf1md,
return 0;
/* Decode PSS parameters */
pss = rsa_pss_decode(sigalg);
- if (!rsa_pss_get_param(pss, &md, &mgf1md, &saltlen))
+ if (!ossl_rsa_pss_get_param(pss, &md, &mgf1md, &saltlen))
goto err;
mdnid = EVP_MD_type(md);
/*
const EVP_MD *md = EVP_get_digestbynid(mdnid);
const EVP_MD *mgf1md = EVP_get_digestbynid(mgf1mdnid);
- if ((rsa->pss = rsa_pss_params_create(md, mgf1md, saltlen)) == NULL)
+ if ((rsa->pss = ossl_rsa_pss_params_create(md, mgf1md,
+ saltlen)) == NULL)
goto err;
}
break;
/* not a multi-prime key, skip */
return 1;
}
- return (rsa_multip_calc_product((RSA *)*pval) == 1) ? 2 : 0;
+ return (ossl_rsa_multip_calc_product((RSA *)*pval) == 1) ? 2 : 0;
}
return 1;
}
#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
/* The acvp test results are not meant for export so check for bld == NULL */
if (bld == NULL)
- rsa_acvp_test_get_params(rsa, params);
+ ossl_rsa_acvp_test_get_params(rsa, params);
#endif
ret = 1;
err:
if (key->version == RSA_ASN1_VERSION_MULTI) {
ex_primes = sk_RSA_PRIME_INFO_num(key->prime_infos);
if (ex_primes <= 0
- || (ex_primes + 2) > rsa_multip_cap(BN_num_bits(key->n))) {
+ || (ex_primes + 2) > ossl_rsa_multip_cap(BN_num_bits(key->n))) {
ERR_raise(ERR_LIB_RSA, RSA_R_INVALID_MULTI_PRIME_KEY);
return 0;
}
return 0;
}
- if (primes < RSA_DEFAULT_PRIME_NUM || primes > rsa_multip_cap(bits)) {
+ if (primes < RSA_DEFAULT_PRIME_NUM || primes > ossl_rsa_multip_cap(bits)) {
ok = 0; /* we set our own err */
ERR_raise(ERR_LIB_RSA, RSA_R_KEY_PRIME_NUM_INVALID);
goto err;
goto err;
if (rsa->prime_infos != NULL) {
/* could this happen? */
- sk_RSA_PRIME_INFO_pop_free(rsa->prime_infos, rsa_multip_info_free);
+ sk_RSA_PRIME_INFO_pop_free(rsa->prime_infos,
+ ossl_rsa_multip_info_free);
}
rsa->prime_infos = prime_infos;
/* prime_info from 2 to |primes| -1 */
for (i = 2; i < primes; i++) {
- pinfo = rsa_multip_info_new();
+ pinfo = ossl_rsa_multip_info_new();
if (pinfo == NULL)
goto err;
(void)sk_RSA_PRIME_INFO_push(prime_infos, pinfo);
BN_clear_free(r->iqmp);
#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
- rsa_acvp_test_free(r->acvp_test);
+ ossl_rsa_acvp_test_free(r->acvp_test);
#endif
#ifndef FIPS_MODULE
RSA_PSS_PARAMS_free(r->pss);
- sk_RSA_PRIME_INFO_pop_free(r->prime_infos, rsa_multip_info_free);
+ sk_RSA_PRIME_INFO_pop_free(r->prime_infos, ossl_rsa_multip_info_free);
#endif
BN_BLINDING_free(r->blinding);
BN_BLINDING_free(r->mt_blinding);
/* This ought to mean that we have private key at hand. */
int ex_primes = sk_RSA_PRIME_INFO_num(rsa->prime_infos);
- if (ex_primes <= 0 || (ex_primes + 2) > rsa_multip_cap(bits))
+ if (ex_primes <= 0 || (ex_primes + 2) > ossl_rsa_multip_cap(bits))
return 0;
}
#endif
old = r->prime_infos;
for (i = 0; i < pnum; i++) {
- pinfo = rsa_multip_info_new();
+ pinfo = ossl_rsa_multip_info_new();
if (pinfo == NULL)
goto err;
if (primes[i] != NULL && exps[i] != NULL && coeffs[i] != NULL) {
BN_set_flags(pinfo->d, BN_FLG_CONSTTIME);
BN_set_flags(pinfo->t, BN_FLG_CONSTTIME);
} else {
- rsa_multip_info_free(pinfo);
+ ossl_rsa_multip_info_free(pinfo);
goto err;
}
(void)sk_RSA_PRIME_INFO_push(prime_infos, pinfo);
r->prime_infos = prime_infos;
- if (!rsa_multip_calc_product(r)) {
+ if (!ossl_rsa_multip_calc_product(r)) {
r->prime_infos = old;
goto err;
}
* be freed in that case. So currently, stay consistent
* with other *set0* functions: just free it...
*/
- sk_RSA_PRIME_INFO_pop_free(old, rsa_multip_info_free);
+ sk_RSA_PRIME_INFO_pop_free(old, ossl_rsa_multip_info_free);
}
r->version = RSA_ASN1_VERSION_MULTI;
return 1;
err:
/* r, d, t should not be freed */
- sk_RSA_PRIME_INFO_pop_free(prime_infos, rsa_multip_info_free_ex);
+ sk_RSA_PRIME_INFO_pop_free(prime_infos, ossl_rsa_multip_info_free_ex);
return 0;
}
#endif
if (!ossl_assert(prime != NULL && exp != NULL && coeff != NULL))
goto err;
- /* Using rsa_multip_info_new() is wasteful, so allocate directly */
+ /* Using ossl_rsa_multip_info_new() is wasteful, so allocate directly */
if ((pinfo = OPENSSL_zalloc(sizeof(*pinfo))) == NULL) {
ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE);
goto err;
r->prime_infos = prime_infos;
- if (!rsa_multip_calc_product(r)) {
+ if (!ossl_rsa_multip_calc_product(r)) {
r->prime_infos = old_infos;
goto err;
}
* be freed in that case. So currently, stay consistent
* with other *set0* functions: just free it...
*/
- sk_RSA_PRIME_INFO_pop_free(old_infos, rsa_multip_info_free);
+ sk_RSA_PRIME_INFO_pop_free(old_infos, ossl_rsa_multip_info_free);
}
#endif
#ifndef FIPS_MODULE
err:
/* r, d, t should not be freed */
- sk_RSA_PRIME_INFO_pop_free(prime_infos, rsa_multip_info_free_ex);
+ sk_RSA_PRIME_INFO_pop_free(prime_infos, ossl_rsa_multip_info_free_ex);
return 0;
#endif
}
#define pkey_is_pss(pkey) (pkey->ameth->pkey_id == EVP_PKEY_RSA_PSS)
#define pkey_ctx_is_pss(ctx) (ctx->pmeth->pkey_id == EVP_PKEY_RSA_PSS)
-RSA_PSS_PARAMS *rsa_pss_params_create(const EVP_MD *sigmd,
- const EVP_MD *mgf1md, int saltlen);
-int rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd,
- const EVP_MD **pmgf1md, int *psaltlen);
+RSA_PSS_PARAMS *ossl_rsa_pss_params_create(const EVP_MD *sigmd,
+ const EVP_MD *mgf1md, int saltlen);
+int ossl_rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd,
+ const EVP_MD **pmgf1md, int *psaltlen);
/* internal function to clear and free multi-prime parameters */
-void rsa_multip_info_free_ex(RSA_PRIME_INFO *pinfo);
-void rsa_multip_info_free(RSA_PRIME_INFO *pinfo);
-RSA_PRIME_INFO *rsa_multip_info_new(void);
-int rsa_multip_calc_product(RSA *rsa);
-int rsa_multip_cap(int bits);
+void ossl_rsa_multip_info_free_ex(RSA_PRIME_INFO *pinfo);
+void ossl_rsa_multip_info_free(RSA_PRIME_INFO *pinfo);
+RSA_PRIME_INFO *ossl_rsa_multip_info_new(void);
+int ossl_rsa_multip_calc_product(RSA *rsa);
+int ossl_rsa_multip_cap(int bits);
int ossl_rsa_sp800_56b_validate_strength(int nbits, int strength);
int ossl_rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q,
#include <openssl/err.h>
#include "rsa_local.h"
-void rsa_multip_info_free_ex(RSA_PRIME_INFO *pinfo)
+void ossl_rsa_multip_info_free_ex(RSA_PRIME_INFO *pinfo)
{
/* free pp and pinfo only */
BN_clear_free(pinfo->pp);
OPENSSL_free(pinfo);
}
-void rsa_multip_info_free(RSA_PRIME_INFO *pinfo)
+void ossl_rsa_multip_info_free(RSA_PRIME_INFO *pinfo)
{
/* free a RSA_PRIME_INFO structure */
BN_clear_free(pinfo->r);
BN_clear_free(pinfo->d);
BN_clear_free(pinfo->t);
- rsa_multip_info_free_ex(pinfo);
+ ossl_rsa_multip_info_free_ex(pinfo);
}
-RSA_PRIME_INFO *rsa_multip_info_new(void)
+RSA_PRIME_INFO *ossl_rsa_multip_info_new(void)
{
RSA_PRIME_INFO *pinfo;
}
/* Refill products of primes */
-int rsa_multip_calc_product(RSA *rsa)
+int ossl_rsa_multip_calc_product(RSA *rsa)
{
RSA_PRIME_INFO *pinfo;
BIGNUM *p1 = NULL, *p2 = NULL;
return rv;
}
-int rsa_multip_cap(int bits)
+int ossl_rsa_multip_cap(int bits)
{
int cap = 5;
memcpy(rout, rctx->tbuf, ret);
} else if (rctx->pad_mode == RSA_PKCS1_PADDING) {
size_t sltmp;
- ret = int_rsa_verify(EVP_MD_type(rctx->md),
- NULL, 0, rout, &sltmp,
- sig, siglen, ctx->pkey->pkey.rsa);
+ ret = ossl_rsa_verify(EVP_MD_type(rctx->md),
+ NULL, 0, rout, &sltmp,
+ sig, siglen, ctx->pkey->pkey.rsa);
if (ret <= 0)
return 0;
ret = sltmp;
/* If all parameters are default values don't set pss */
if (rctx->md == NULL && rctx->mgf1md == NULL && rctx->saltlen == -2)
return 1;
- rsa->pss = rsa_pss_params_create(rctx->md, rctx->mgf1md,
- rctx->saltlen == -2 ? 0 : rctx->saltlen);
+ rsa->pss = ossl_rsa_pss_params_create(rctx->md, rctx->mgf1md,
+ rctx->saltlen == -2
+ ? 0 : rctx->saltlen);
if (rsa->pss == NULL)
return 0;
return 1;
if (rsa->pss == NULL)
return 1;
/* Get and check parameters */
- if (!rsa_pss_get_param(rsa->pss, &md, &mgf1md, &min_saltlen))
+ if (!ossl_rsa_pss_get_param(rsa->pss, &md, &mgf1md, &min_saltlen))
return 0;
/* See if minimum salt length exceeds maximum possible */
*
* It returns one on successful verification or zero otherwise.
*/
-int int_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
- unsigned char *rm, size_t *prm_len,
- const unsigned char *sigbuf, size_t siglen, RSA *rsa)
+int ossl_rsa_verify(int type, const unsigned char *m, unsigned int m_len,
+ unsigned char *rm, size_t *prm_len,
+ const unsigned char *sigbuf, size_t siglen, RSA *rsa)
{
int len, ret = 0;
size_t decrypt_len, encoded_len = 0;
if (rsa->meth->rsa_verify != NULL)
return rsa->meth->rsa_verify(type, m, m_len, sigbuf, siglen, rsa);
- return int_rsa_verify(type, m, m_len, NULL, NULL, sigbuf, siglen, rsa);
+ return ossl_rsa_verify(type, m, m_len, NULL, NULL, sigbuf, siglen, rsa);
}
int ossl_rsa_validate_private(const RSA *key);
int ossl_rsa_validate_pairwise(const RSA *key);
-int int_rsa_verify(int dtype, const unsigned char *m,
- unsigned int m_len, unsigned char *rm,
- size_t *prm_len, const unsigned char *sigbuf,
- size_t siglen, RSA *rsa);
+int ossl_rsa_verify(int dtype, const unsigned char *m,
+ unsigned int m_len, unsigned char *rm,
+ size_t *prm_len, const unsigned char *sigbuf,
+ size_t siglen, RSA *rsa);
const unsigned char *ossl_rsa_digestinfo_encoding(int md_nid, size_t *len);
const X509_ALGOR *sigalg, EVP_PKEY *pkey);
# if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
-int rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]);
-void rsa_acvp_test_gen_params_free(OSSL_PARAM *dst);
+int ossl_rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]);
+void ossl_rsa_acvp_test_gen_params_free(OSSL_PARAM *dst);
-int rsa_acvp_test_set_params(RSA *r, const OSSL_PARAM params[]);
-int rsa_acvp_test_get_params(RSA *r, OSSL_PARAM params[]);
+int ossl_rsa_acvp_test_set_params(RSA *r, const OSSL_PARAM params[]);
+int ossl_rsa_acvp_test_get_params(RSA *r, OSSL_PARAM params[]);
typedef struct rsa_acvp_test_st RSA_ACVP_TEST;
-void rsa_acvp_test_free(RSA_ACVP_TEST *t);
+void ossl_rsa_acvp_test_free(RSA_ACVP_TEST *t);
# else
# define RSA_ACVP_TEST void
# endif
return 0;
#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
/* Any ACVP test related parameters are copied into a params[] */
- if (!rsa_acvp_test_gen_params_new(&gctx->acvp_test_params, params))
+ if (!ossl_rsa_acvp_test_gen_params_new(&gctx->acvp_test_params, params))
return 0;
#endif
return 1;
#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
if (gctx->acvp_test_params != NULL) {
- if (!rsa_acvp_test_set_params(rsa_tmp, gctx->acvp_test_params))
+ if (!ossl_rsa_acvp_test_set_params(rsa_tmp, gctx->acvp_test_params))
goto err;
}
#endif
if (gctx == NULL)
return;
#if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS)
- rsa_acvp_test_gen_params_free(gctx->acvp_test_params);
+ ossl_rsa_acvp_test_gen_params_free(gctx->acvp_test_params);
gctx->acvp_test_params = NULL;
#endif
BN_clear_free(gctx->pub_exp);
{
size_t sltmp;
- ret = int_rsa_verify(prsactx->mdnid, NULL, 0, rout, &sltmp,
- sig, siglen, prsactx->rsa);
+ ret = ossl_rsa_verify(prsactx->mdnid, NULL, 0, rout, &sltmp,
+ sig, siglen, prsactx->rsa);
if (ret <= 0) {
ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB);
return 0;
projects / thirdparty / openssl.git / commitdiff
