From: Shane Lontis Date: Tue, 9 Mar 2021 00:14:45 +0000 (+1000) Subject: Add ossl_rsa symbols X-Git-Tag: openssl-3.0.0-alpha14~240 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4158b0dc1d73ce73b9a924b77205f4d2b67abdc1;p=thirdparty%2Fopenssl.git Add ossl_rsa symbols Partial fix for #12964 Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/14473) --- diff --git a/crypto/rsa/rsa_acvp_test_params.c b/crypto/rsa/rsa_acvp_test_params.c index c1d07cb3340..908f6059340 100644 --- a/crypto/rsa/rsa_acvp_test_params.c +++ b/crypto/rsa/rsa_acvp_test_params.c @@ -13,7 +13,7 @@ #include "crypto/rsa.h" #include "rsa_local.h" -int rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]) +int ossl_rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]) { const OSSL_PARAM *p, *s; OSSL_PARAM *d, *alloc = NULL; @@ -53,16 +53,16 @@ int rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]) } } if (ret == 0) { - rsa_acvp_test_gen_params_free(alloc); + ossl_rsa_acvp_test_gen_params_free(alloc); alloc = NULL; } if (*dst != NULL) - rsa_acvp_test_gen_params_free(*dst); + ossl_rsa_acvp_test_gen_params_free(*dst); *dst = alloc; return ret; } -void rsa_acvp_test_gen_params_free(OSSL_PARAM *dst) +void ossl_rsa_acvp_test_gen_params_free(OSSL_PARAM *dst) { OSSL_PARAM *p; @@ -76,13 +76,13 @@ void rsa_acvp_test_gen_params_free(OSSL_PARAM *dst) OPENSSL_free(dst); } -int rsa_acvp_test_set_params(RSA *r, const OSSL_PARAM params[]) +int ossl_rsa_acvp_test_set_params(RSA *r, const OSSL_PARAM params[]) { RSA_ACVP_TEST *t; const OSSL_PARAM *p; if (r->acvp_test != NULL) { - rsa_acvp_test_free(r->acvp_test); + ossl_rsa_acvp_test_free(r->acvp_test); r->acvp_test = NULL; } @@ -118,11 +118,11 @@ int rsa_acvp_test_set_params(RSA *r, const OSSL_PARAM params[]) r->acvp_test = t; return 1; err: - rsa_acvp_test_free(t); + ossl_rsa_acvp_test_free(t); return 0; } -int rsa_acvp_test_get_params(RSA *r, OSSL_PARAM params[]) +int ossl_rsa_acvp_test_get_params(RSA *r, OSSL_PARAM params[]) { RSA_ACVP_TEST *t; OSSL_PARAM *p; @@ -148,7 +148,7 @@ int rsa_acvp_test_get_params(RSA *r, OSSL_PARAM params[]) return 1; } -void rsa_acvp_test_free(RSA_ACVP_TEST *t) +void ossl_rsa_acvp_test_free(RSA_ACVP_TEST *t) { if (t != NULL) { BN_free(t->Xp1); diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index 6be5a908af5..9e9366757d4 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -493,8 +493,8 @@ static int rsa_pkey_ctrl(EVP_PKEY *pkey, int op, long arg1, void *arg2) switch (op) { case ASN1_PKEY_CTRL_DEFAULT_MD_NID: if (pkey->pkey.rsa->pss != NULL) { - if (!rsa_pss_get_param(pkey->pkey.rsa->pss, &md, &mgf1md, - &min_saltlen)) { + if (!ossl_rsa_pss_get_param(pkey->pkey.rsa->pss, &md, &mgf1md, + &min_saltlen)) { ERR_raise(ERR_LIB_RSA, ERR_R_INTERNAL_ERROR); return 0; } @@ -537,11 +537,11 @@ static RSA_PSS_PARAMS *rsa_ctx_to_pss(EVP_PKEY_CTX *pkctx) return NULL; } - return rsa_pss_params_create(sigmd, mgf1md, saltlen); + return ossl_rsa_pss_params_create(sigmd, mgf1md, saltlen); } -RSA_PSS_PARAMS *rsa_pss_params_create(const EVP_MD *sigmd, - const EVP_MD *mgf1md, int saltlen) +RSA_PSS_PARAMS *ossl_rsa_pss_params_create(const EVP_MD *sigmd, + const EVP_MD *mgf1md, int saltlen) { RSA_PSS_PARAMS *pss = RSA_PSS_PARAMS_new(); @@ -603,7 +603,7 @@ int ossl_rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx, /* Decode PSS parameters */ pss = rsa_pss_decode(sigalg); - if (!rsa_pss_get_param(pss, &md, &mgf1md, &saltlen)) { + if (!ossl_rsa_pss_get_param(pss, &md, &mgf1md, &saltlen)) { ERR_raise(ERR_LIB_RSA, RSA_R_INVALID_PSS_PARAMETERS); goto err; } @@ -686,8 +686,8 @@ static int rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss, return 1; } -int rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd, - const EVP_MD **pmgf1md, int *psaltlen) +int ossl_rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd, + const EVP_MD **pmgf1md, int *psaltlen) { /* * Callers do not care about the trailer field, and yet, we must @@ -717,7 +717,7 @@ static int rsa_sync_to_pss_params_30(RSA *rsa) * to even read a key with invalid values, making it hard to test * a bad situation. * - * Other routines use rsa_pss_get_param(), so the values will be + * Other routines use ossl_rsa_pss_get_param(), so the values will be * checked, eventually. */ if (!rsa_pss_get_param_unverified(rsa->pss, &md, &mgf1md, @@ -807,7 +807,7 @@ static int rsa_sig_info_set(X509_SIG_INFO *siginf, const X509_ALGOR *sigalg, return 0; /* Decode PSS parameters */ pss = rsa_pss_decode(sigalg); - if (!rsa_pss_get_param(pss, &md, &mgf1md, &saltlen)) + if (!ossl_rsa_pss_get_param(pss, &md, &mgf1md, &saltlen)) goto err; mdnid = EVP_MD_type(md); /* @@ -965,7 +965,8 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, const EVP_MD *md = EVP_get_digestbynid(mdnid); const EVP_MD *mgf1md = EVP_get_digestbynid(mgf1mdnid); - if ((rsa->pss = rsa_pss_params_create(md, mgf1md, saltlen)) == NULL) + if ((rsa->pss = ossl_rsa_pss_params_create(md, mgf1md, + saltlen)) == NULL) goto err; } break; diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c index d1e1470d37b..c5799d8e4de 100644 --- a/crypto/rsa/rsa_asn1.c +++ b/crypto/rsa/rsa_asn1.c @@ -42,7 +42,7 @@ static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, /* not a multi-prime key, skip */ return 1; } - return (rsa_multip_calc_product((RSA *)*pval) == 1) ? 2 : 0; + return (ossl_rsa_multip_calc_product((RSA *)*pval) == 1) ? 2 : 0; } return 1; } diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c index 30b16f25c6f..8c16a56db5f 100644 --- a/crypto/rsa/rsa_backend.c +++ b/crypto/rsa/rsa_backend.c @@ -161,7 +161,7 @@ int ossl_rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) #if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS) /* The acvp test results are not meant for export so check for bld == NULL */ if (bld == NULL) - rsa_acvp_test_get_params(rsa, params); + ossl_rsa_acvp_test_get_params(rsa, params); #endif ret = 1; err: diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c index 0c32e014264..0596d129c1a 100644 --- a/crypto/rsa/rsa_chk.c +++ b/crypto/rsa/rsa_chk.c @@ -36,7 +36,7 @@ static int rsa_validate_keypair_multiprime(const RSA *key, BN_GENCB *cb) if (key->version == RSA_ASN1_VERSION_MULTI) { ex_primes = sk_RSA_PRIME_INFO_num(key->prime_infos); if (ex_primes <= 0 - || (ex_primes + 2) > rsa_multip_cap(BN_num_bits(key->n))) { + || (ex_primes + 2) > ossl_rsa_multip_cap(BN_num_bits(key->n))) { ERR_raise(ERR_LIB_RSA, RSA_R_INVALID_MULTI_PRIME_KEY); return 0; } diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index a2192df575c..07a3a7800ee 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -97,7 +97,7 @@ static int rsa_multiprime_keygen(RSA *rsa, int bits, int primes, return 0; } - if (primes < RSA_DEFAULT_PRIME_NUM || primes > rsa_multip_cap(bits)) { + if (primes < RSA_DEFAULT_PRIME_NUM || primes > ossl_rsa_multip_cap(bits)) { ok = 0; /* we set our own err */ ERR_raise(ERR_LIB_RSA, RSA_R_KEY_PRIME_NUM_INVALID); goto err; @@ -154,13 +154,14 @@ static int rsa_multiprime_keygen(RSA *rsa, int bits, int primes, goto err; if (rsa->prime_infos != NULL) { /* could this happen? */ - sk_RSA_PRIME_INFO_pop_free(rsa->prime_infos, rsa_multip_info_free); + sk_RSA_PRIME_INFO_pop_free(rsa->prime_infos, + ossl_rsa_multip_info_free); } rsa->prime_infos = prime_infos; /* prime_info from 2 to |primes| -1 */ for (i = 2; i < primes; i++) { - pinfo = rsa_multip_info_new(); + pinfo = ossl_rsa_multip_info_new(); if (pinfo == NULL) goto err; (void)sk_RSA_PRIME_INFO_push(prime_infos, pinfo); diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index dfc74ec9514..89cd4da5277 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -163,12 +163,12 @@ void RSA_free(RSA *r) BN_clear_free(r->iqmp); #if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS) - rsa_acvp_test_free(r->acvp_test); + ossl_rsa_acvp_test_free(r->acvp_test); #endif #ifndef FIPS_MODULE RSA_PSS_PARAMS_free(r->pss); - sk_RSA_PRIME_INFO_pop_free(r->prime_infos, rsa_multip_info_free); + sk_RSA_PRIME_INFO_pop_free(r->prime_infos, ossl_rsa_multip_info_free); #endif BN_BLINDING_free(r->blinding); BN_BLINDING_free(r->mt_blinding); @@ -357,7 +357,7 @@ int RSA_security_bits(const RSA *rsa) /* This ought to mean that we have private key at hand. */ int ex_primes = sk_RSA_PRIME_INFO_num(rsa->prime_infos); - if (ex_primes <= 0 || (ex_primes + 2) > rsa_multip_cap(bits)) + if (ex_primes <= 0 || (ex_primes + 2) > ossl_rsa_multip_cap(bits)) return 0; } #endif @@ -469,7 +469,7 @@ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[], old = r->prime_infos; for (i = 0; i < pnum; i++) { - pinfo = rsa_multip_info_new(); + pinfo = ossl_rsa_multip_info_new(); if (pinfo == NULL) goto err; if (primes[i] != NULL && exps[i] != NULL && coeffs[i] != NULL) { @@ -483,7 +483,7 @@ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[], BN_set_flags(pinfo->d, BN_FLG_CONSTTIME); BN_set_flags(pinfo->t, BN_FLG_CONSTTIME); } else { - rsa_multip_info_free(pinfo); + ossl_rsa_multip_info_free(pinfo); goto err; } (void)sk_RSA_PRIME_INFO_push(prime_infos, pinfo); @@ -491,7 +491,7 @@ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[], r->prime_infos = prime_infos; - if (!rsa_multip_calc_product(r)) { + if (!ossl_rsa_multip_calc_product(r)) { r->prime_infos = old; goto err; } @@ -503,7 +503,7 @@ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[], * be freed in that case. So currently, stay consistent * with other *set0* functions: just free it... */ - sk_RSA_PRIME_INFO_pop_free(old, rsa_multip_info_free); + sk_RSA_PRIME_INFO_pop_free(old, ossl_rsa_multip_info_free); } r->version = RSA_ASN1_VERSION_MULTI; @@ -512,7 +512,7 @@ int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[], return 1; err: /* r, d, t should not be freed */ - sk_RSA_PRIME_INFO_pop_free(prime_infos, rsa_multip_info_free_ex); + sk_RSA_PRIME_INFO_pop_free(prime_infos, ossl_rsa_multip_info_free_ex); return 0; } #endif @@ -749,7 +749,7 @@ int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, if (!ossl_assert(prime != NULL && exp != NULL && coeff != NULL)) goto err; - /* Using rsa_multip_info_new() is wasteful, so allocate directly */ + /* Using ossl_rsa_multip_info_new() is wasteful, so allocate directly */ if ((pinfo = OPENSSL_zalloc(sizeof(*pinfo))) == NULL) { ERR_raise(ERR_LIB_RSA, ERR_R_MALLOC_FAILURE); goto err; @@ -766,7 +766,7 @@ int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, r->prime_infos = prime_infos; - if (!rsa_multip_calc_product(r)) { + if (!ossl_rsa_multip_calc_product(r)) { r->prime_infos = old_infos; goto err; } @@ -783,7 +783,7 @@ int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, * be freed in that case. So currently, stay consistent * with other *set0* functions: just free it... */ - sk_RSA_PRIME_INFO_pop_free(old_infos, rsa_multip_info_free); + sk_RSA_PRIME_INFO_pop_free(old_infos, ossl_rsa_multip_info_free); } #endif @@ -794,7 +794,7 @@ int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, #ifndef FIPS_MODULE err: /* r, d, t should not be freed */ - sk_RSA_PRIME_INFO_pop_free(prime_infos, rsa_multip_info_free_ex); + sk_RSA_PRIME_INFO_pop_free(prime_infos, ossl_rsa_multip_info_free_ex); return 0; #endif } diff --git a/crypto/rsa/rsa_local.h b/crypto/rsa/rsa_local.h index 3a8d6fe2867..73f7f91804d 100644 --- a/crypto/rsa/rsa_local.h +++ b/crypto/rsa/rsa_local.h @@ -157,16 +157,16 @@ struct rsa_meth_st { #define pkey_is_pss(pkey) (pkey->ameth->pkey_id == EVP_PKEY_RSA_PSS) #define pkey_ctx_is_pss(ctx) (ctx->pmeth->pkey_id == EVP_PKEY_RSA_PSS) -RSA_PSS_PARAMS *rsa_pss_params_create(const EVP_MD *sigmd, - const EVP_MD *mgf1md, int saltlen); -int rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd, - const EVP_MD **pmgf1md, int *psaltlen); +RSA_PSS_PARAMS *ossl_rsa_pss_params_create(const EVP_MD *sigmd, + const EVP_MD *mgf1md, int saltlen); +int ossl_rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd, + const EVP_MD **pmgf1md, int *psaltlen); /* internal function to clear and free multi-prime parameters */ -void rsa_multip_info_free_ex(RSA_PRIME_INFO *pinfo); -void rsa_multip_info_free(RSA_PRIME_INFO *pinfo); -RSA_PRIME_INFO *rsa_multip_info_new(void); -int rsa_multip_calc_product(RSA *rsa); -int rsa_multip_cap(int bits); +void ossl_rsa_multip_info_free_ex(RSA_PRIME_INFO *pinfo); +void ossl_rsa_multip_info_free(RSA_PRIME_INFO *pinfo); +RSA_PRIME_INFO *ossl_rsa_multip_info_new(void); +int ossl_rsa_multip_calc_product(RSA *rsa); +int ossl_rsa_multip_cap(int bits); int ossl_rsa_sp800_56b_validate_strength(int nbits, int strength); int ossl_rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, diff --git a/crypto/rsa/rsa_mp.c b/crypto/rsa/rsa_mp.c index f385a589cf3..410dc690cfe 100644 --- a/crypto/rsa/rsa_mp.c +++ b/crypto/rsa/rsa_mp.c @@ -12,23 +12,23 @@ #include #include "rsa_local.h" -void rsa_multip_info_free_ex(RSA_PRIME_INFO *pinfo) +void ossl_rsa_multip_info_free_ex(RSA_PRIME_INFO *pinfo) { /* free pp and pinfo only */ BN_clear_free(pinfo->pp); OPENSSL_free(pinfo); } -void rsa_multip_info_free(RSA_PRIME_INFO *pinfo) +void ossl_rsa_multip_info_free(RSA_PRIME_INFO *pinfo) { /* free a RSA_PRIME_INFO structure */ BN_clear_free(pinfo->r); BN_clear_free(pinfo->d); BN_clear_free(pinfo->t); - rsa_multip_info_free_ex(pinfo); + ossl_rsa_multip_info_free_ex(pinfo); } -RSA_PRIME_INFO *rsa_multip_info_new(void) +RSA_PRIME_INFO *ossl_rsa_multip_info_new(void) { RSA_PRIME_INFO *pinfo; @@ -58,7 +58,7 @@ RSA_PRIME_INFO *rsa_multip_info_new(void) } /* Refill products of primes */ -int rsa_multip_calc_product(RSA *rsa) +int ossl_rsa_multip_calc_product(RSA *rsa) { RSA_PRIME_INFO *pinfo; BIGNUM *p1 = NULL, *p2 = NULL; @@ -97,7 +97,7 @@ int rsa_multip_calc_product(RSA *rsa) return rv; } -int rsa_multip_cap(int bits) +int ossl_rsa_multip_cap(int bits) { int cap = 5; diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index 203612503be..6e7e7a27e16 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -225,9 +225,9 @@ static int pkey_rsa_verifyrecover(EVP_PKEY_CTX *ctx, memcpy(rout, rctx->tbuf, ret); } else if (rctx->pad_mode == RSA_PKCS1_PADDING) { size_t sltmp; - ret = int_rsa_verify(EVP_MD_type(rctx->md), - NULL, 0, rout, &sltmp, - sig, siglen, ctx->pkey->pkey.rsa); + ret = ossl_rsa_verify(EVP_MD_type(rctx->md), + NULL, 0, rout, &sltmp, + sig, siglen, ctx->pkey->pkey.rsa); if (ret <= 0) return 0; ret = sltmp; @@ -711,8 +711,9 @@ static int rsa_set_pss_param(RSA *rsa, EVP_PKEY_CTX *ctx) /* If all parameters are default values don't set pss */ if (rctx->md == NULL && rctx->mgf1md == NULL && rctx->saltlen == -2) return 1; - rsa->pss = rsa_pss_params_create(rctx->md, rctx->mgf1md, - rctx->saltlen == -2 ? 0 : rctx->saltlen); + rsa->pss = ossl_rsa_pss_params_create(rctx->md, rctx->mgf1md, + rctx->saltlen == -2 + ? 0 : rctx->saltlen); if (rsa->pss == NULL) return 0; return 1; @@ -818,7 +819,7 @@ static int pkey_pss_init(EVP_PKEY_CTX *ctx) if (rsa->pss == NULL) return 1; /* Get and check parameters */ - if (!rsa_pss_get_param(rsa->pss, &md, &mgf1md, &min_saltlen)) + if (!ossl_rsa_pss_get_param(rsa->pss, &md, &mgf1md, &min_saltlen)) return 0; /* See if minimum salt length exceeds maximum possible */ diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index 5664394114f..39a90bb244c 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -328,9 +328,9 @@ err: * * It returns one on successful verification or zero otherwise. */ -int int_rsa_verify(int type, const unsigned char *m, unsigned int m_len, - unsigned char *rm, size_t *prm_len, - const unsigned char *sigbuf, size_t siglen, RSA *rsa) +int ossl_rsa_verify(int type, const unsigned char *m, unsigned int m_len, + unsigned char *rm, size_t *prm_len, + const unsigned char *sigbuf, size_t siglen, RSA *rsa) { int len, ret = 0; size_t decrypt_len, encoded_len = 0; @@ -453,5 +453,5 @@ int RSA_verify(int type, const unsigned char *m, unsigned int m_len, if (rsa->meth->rsa_verify != NULL) return rsa->meth->rsa_verify(type, m, m_len, sigbuf, siglen, rsa); - return int_rsa_verify(type, m, m_len, NULL, NULL, sigbuf, siglen, rsa); + return ossl_rsa_verify(type, m, m_len, NULL, NULL, sigbuf, siglen, rsa); } diff --git a/include/crypto/rsa.h b/include/crypto/rsa.h index daf70c62d44..7fca88dfe4b 100644 --- a/include/crypto/rsa.h +++ b/include/crypto/rsa.h @@ -86,10 +86,10 @@ int ossl_rsa_validate_public(const RSA *key); int ossl_rsa_validate_private(const RSA *key); int ossl_rsa_validate_pairwise(const RSA *key); -int int_rsa_verify(int dtype, const unsigned char *m, - unsigned int m_len, unsigned char *rm, - size_t *prm_len, const unsigned char *sigbuf, - size_t siglen, RSA *rsa); +int ossl_rsa_verify(int dtype, const unsigned char *m, + unsigned int m_len, unsigned char *rm, + size_t *prm_len, const unsigned char *sigbuf, + size_t siglen, RSA *rsa); const unsigned char *ossl_rsa_digestinfo_encoding(int md_nid, size_t *len); @@ -102,13 +102,13 @@ int ossl_rsa_pss_to_ctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX *pkctx, const X509_ALGOR *sigalg, EVP_PKEY *pkey); # if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS) -int rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]); -void rsa_acvp_test_gen_params_free(OSSL_PARAM *dst); +int ossl_rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]); +void ossl_rsa_acvp_test_gen_params_free(OSSL_PARAM *dst); -int rsa_acvp_test_set_params(RSA *r, const OSSL_PARAM params[]); -int rsa_acvp_test_get_params(RSA *r, OSSL_PARAM params[]); +int ossl_rsa_acvp_test_set_params(RSA *r, const OSSL_PARAM params[]); +int ossl_rsa_acvp_test_get_params(RSA *r, OSSL_PARAM params[]); typedef struct rsa_acvp_test_st RSA_ACVP_TEST; -void rsa_acvp_test_free(RSA_ACVP_TEST *t); +void ossl_rsa_acvp_test_free(RSA_ACVP_TEST *t); # else # define RSA_ACVP_TEST void # endif diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c index 46962c7ab8d..1c4fb3bcd54 100644 --- a/providers/implementations/keymgmt/rsa_kmgmt.c +++ b/providers/implementations/keymgmt/rsa_kmgmt.c @@ -489,7 +489,7 @@ static int rsa_gen_set_params(void *genctx, const OSSL_PARAM params[]) return 0; #if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS) /* Any ACVP test related parameters are copied into a params[] */ - if (!rsa_acvp_test_gen_params_new(&gctx->acvp_test_params, params)) + if (!ossl_rsa_acvp_test_gen_params_new(&gctx->acvp_test_params, params)) return 0; #endif return 1; @@ -571,7 +571,7 @@ static void *rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) #if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS) if (gctx->acvp_test_params != NULL) { - if (!rsa_acvp_test_set_params(rsa_tmp, gctx->acvp_test_params)) + if (!ossl_rsa_acvp_test_set_params(rsa_tmp, gctx->acvp_test_params)) goto err; } #endif @@ -603,7 +603,7 @@ static void rsa_gen_cleanup(void *genctx) if (gctx == NULL) return; #if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS) - rsa_acvp_test_gen_params_free(gctx->acvp_test_params); + ossl_rsa_acvp_test_gen_params_free(gctx->acvp_test_params); gctx->acvp_test_params = NULL; #endif BN_clear_free(gctx->pub_exp); diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c index 0df079dc793..f521f0190db 100644 --- a/providers/implementations/signature/rsa.c +++ b/providers/implementations/signature/rsa.c @@ -691,8 +691,8 @@ static int rsa_verify_recover(void *vprsactx, { size_t sltmp; - ret = int_rsa_verify(prsactx->mdnid, NULL, 0, rout, &sltmp, - sig, siglen, prsactx->rsa); + ret = ossl_rsa_verify(prsactx->mdnid, NULL, 0, rout, &sltmp, + sig, siglen, prsactx->rsa); if (ret <= 0) { ERR_raise(ERR_LIB_PROV, ERR_R_RSA_LIB); return 0;