diff options
| author | Pauli <paul.dale@oracle.com> | 2020-09-30 07:07:24 +0200 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2020-10-06 01:04:19 +0200 |
| commit | 5357c10624bedaeed984ef4ff370096911ee2ddf (patch) | |
| tree | 9b8481eaf37bc1fdef4a90d1300f027e3edcb3a7 /crypto/dh | |
| parent | doc: remove duplicated code in example (diff) | |
| download | openssl-5357c10624bedaeed984ef4ff370096911ee2ddf.tar.xz openssl-5357c10624bedaeed984ef4ff370096911ee2ddf.zip | |
ffc: add _ossl to exported but internal functions
The functions updated are:
ffc_generate_private_key, ffc_named_group_from_uid,
ffc_named_group_to_uid, ffc_params_FIPS186_2_gen_verify,
ffc_params_FIPS186_2_generate, ffc_params_FIPS186_2_validate,
ffc_params_FIPS186_4_gen_verify, ffc_params_FIPS186_4_generate,
ffc_params_FIPS186_4_validate, ffc_params_cleanup, ffc_params_cmp,
ffc_params_copy, ffc_params_enable_flags, ffc_params_flags_from_name,
ffc_params_flags_to_name, ffc_params_fromdata,
ffc_params_get0_pqg, ffc_params_get_validate_params,
ffc_params_init, ffc_params_print, ffc_params_set0_j,
ffc_params_set0_pqg, ffc_params_set_flags, ffc_params_set_gindex,
ffc_params_set_h, ffc_params_set_pcounter, ffc_params_set_seed,
ffc_params_set_validate_params, ffc_params_simple_validate,
ffc_params_todata, ffc_params_validate_unverifiable_g, ffc_set_digest,
ffc_set_group_pqg, ffc_validate_private_key, ffc_validate_public_key
and ffc_validate_public_key_partial.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13041)
Diffstat (limited to 'crypto/dh')
| -rw-r--r-- | crypto/dh/dh_ameth.c | 8 | ||||
| -rw-r--r-- | crypto/dh/dh_asn1.c | 13 | ||||
| -rw-r--r-- | crypto/dh/dh_check.c | 10 | ||||
| -rw-r--r-- | crypto/dh/dh_ctrl.c | 4 | ||||
| -rw-r--r-- | crypto/dh/dh_gen.c | 14 | ||||
| -rw-r--r-- | crypto/dh/dh_group_params.c | 16 | ||||
| -rw-r--r-- | crypto/dh/dh_key.c | 18 | ||||
| -rw-r--r-- | crypto/dh/dh_lib.c | 8 | ||||
| -rw-r--r-- | crypto/dh/dh_pmeth.c | 16 |
9 files changed, 55 insertions, 52 deletions
diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index cd318654cf..e32de78638 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -320,7 +320,7 @@ static int do_dh_print(BIO *bp, const DH *x, int indent, int ptype) if (!ASN1_bn_print(bp, "public-key:", pub_key, NULL, indent)) goto err; - if (!ffc_params_print(bp, &x->params, indent)) + if (!ossl_ffc_params_print(bp, &x->params, indent)) goto err; if (x->length != 0) { @@ -354,15 +354,15 @@ static int dh_security_bits(const EVP_PKEY *pkey) static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) { - return ffc_params_cmp(&a->pkey.dh->params, &a->pkey.dh->params, - a->ameth != &dhx_asn1_meth); + return ossl_ffc_params_cmp(&a->pkey.dh->params, &a->pkey.dh->params, + a->ameth != &dhx_asn1_meth); } static int int_dh_param_copy(DH *to, const DH *from, int is_x942) { if (is_x942 == -1) is_x942 = (from->params.q != NULL); - if (!ffc_params_copy(&to->params, &from->params)) + if (!ossl_ffc_params_copy(&to->params, &from->params)) return 0; if (!is_x942) to->length = from->length; diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c index 5475d98bfa..cf5c735a6a 100644 --- a/crypto/dh/dh_asn1.c +++ b/crypto/dh/dh_asn1.c @@ -108,13 +108,14 @@ DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length) params = &dh->params; DH_set0_pqg(dh, dhx->p, dhx->q, dhx->g); - ffc_params_set0_j(params, dhx->j); + ossl_ffc_params_set0_j(params, dhx->j); if (dhx->vparams != NULL) { /* The counter has a maximum value of 4 * numbits(p) - 1 */ size_t counter = (size_t)BN_get_word(dhx->vparams->counter); - ffc_params_set_validate_params(params, dhx->vparams->seed->data, - dhx->vparams->seed->length, counter); + ossl_ffc_params_set_validate_params(params, dhx->vparams->seed->data, + dhx->vparams->seed->length, + counter); ASN1_BIT_STRING_free(dhx->vparams->seed); BN_free(dhx->vparams->counter); OPENSSL_free(dhx->vparams); @@ -135,10 +136,10 @@ int i2d_DHxparams(const DH *dh, unsigned char **pp) const FFC_PARAMS *params = &dh->params; int counter; - ffc_params_get0_pqg(params, (const BIGNUM **)&dhx.p, - (const BIGNUM **)&dhx.q, (const BIGNUM **)&dhx.g); + ossl_ffc_params_get0_pqg(params, (const BIGNUM **)&dhx.p, + (const BIGNUM **)&dhx.q, (const BIGNUM **)&dhx.g); dhx.j = params->j; - ffc_params_get_validate_params(params, &seed.data, &seedlen, &counter); + ossl_ffc_params_get_validate_params(params, &seed.data, &seedlen, &counter); seed.length = (int)seedlen; if (counter != -1 && seed.data != NULL && seed.length > 0) { diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c index a223121cd0..ce8c6f7185 100644 --- a/crypto/dh/dh_check.c +++ b/crypto/dh/dh_check.c @@ -62,8 +62,8 @@ int DH_check_params(const DH *dh, int *ret) * (2b) FFC domain params conform to FIPS-186-4 explicit domain param * validity tests. */ - return ffc_params_FIPS186_4_validate(dh->libctx, &dh->params, - FFC_PARAM_TYPE_DH, ret, NULL); + return ossl_ffc_params_FIPS186_4_validate(dh->libctx, &dh->params, + FFC_PARAM_TYPE_DH, ret, NULL); } #else int DH_check_params(const DH *dh, int *ret) @@ -235,7 +235,7 @@ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key) */ int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) { - return ffc_validate_public_key(&dh->params, pub_key, ret); + return ossl_ffc_validate_public_key(&dh->params, pub_key, ret); } /* @@ -245,7 +245,7 @@ int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) */ int dh_check_pub_key_partial(const DH *dh, const BIGNUM *pub_key, int *ret) { - return ffc_validate_public_key_partial(&dh->params, pub_key, ret); + return ossl_ffc_validate_public_key_partial(&dh->params, pub_key, ret); } int dh_check_priv_key(const DH *dh, const BIGNUM *priv_key, int *ret) @@ -268,7 +268,7 @@ int dh_check_priv_key(const DH *dh, const BIGNUM *priv_key, int *ret) if (BN_cmp(two_powN, dh->params.q) < 0) upper = two_powN; } - if (!ffc_validate_private_key(upper, priv_key, ret)) + if (!ossl_ffc_validate_private_key(upper, priv_key, ret)) goto err; ok = 1; diff --git a/crypto/dh/dh_ctrl.c b/crypto/dh/dh_ctrl.c index 0db5eba505..2aa69fd154 100644 --- a/crypto/dh/dh_ctrl.c +++ b/crypto/dh/dh_ctrl.c @@ -179,7 +179,7 @@ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int gen) if (ctx->op.keymgmt.genctx == NULL) return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, EVP_PKEY_CTRL_DH_RFC5114, gen, NULL); - name = ffc_named_group_from_uid(gen); + name = ossl_ffc_named_group_from_uid(gen); if (name == NULL) return 0; @@ -208,7 +208,7 @@ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid) return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, EVP_PKEY_CTRL_DH_NID, nid, NULL); - name = ffc_named_group_from_uid(nid); + name = ossl_ffc_named_group_from_uid(nid); if (name == NULL) return 0; diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c index 096cf12886..1e84db9527 100644 --- a/crypto/dh/dh_gen.c +++ b/crypto/dh/dh_gen.c @@ -42,14 +42,14 @@ int dh_generate_ffc_parameters(DH *dh, int type, int pbits, int qbits, #ifndef FIPS_MODULE if (type == DH_PARAMGEN_TYPE_FIPS_186_2) - ret = ffc_params_FIPS186_2_generate(dh->libctx, &dh->params, - FFC_PARAM_TYPE_DH, - pbits, qbits, &res, cb); + ret = ossl_ffc_params_FIPS186_2_generate(dh->libctx, &dh->params, + FFC_PARAM_TYPE_DH, + pbits, qbits, &res, cb); else #endif - ret = ffc_params_FIPS186_4_generate(dh->libctx, &dh->params, - FFC_PARAM_TYPE_DH, - pbits, qbits, &res, cb); + ret = ossl_ffc_params_FIPS186_4_generate(dh->libctx, &dh->params, + FFC_PARAM_TYPE_DH, + pbits, qbits, &res, cb); if (ret > 0) dh->dirty_cnt++; return ret; @@ -102,7 +102,7 @@ static int dh_gen_named_group(OPENSSL_CTX *libctx, DH *ret, int prime_len) dh = dh_new_by_nid_ex(libctx, nid); if (dh != NULL - && ffc_params_copy(&ret->params, &dh->params)) { + && ossl_ffc_params_copy(&ret->params, &dh->params)) { ok = 1; ret->dirty_cnt++; } diff --git a/crypto/dh/dh_group_params.c b/crypto/dh/dh_group_params.c index 7a19f71b4d..b91a76bd97 100644 --- a/crypto/dh/dh_group_params.c +++ b/crypto/dh/dh_group_params.c @@ -78,7 +78,7 @@ static const DH_NAMED_GROUP dh_named_groups[] = { #endif }; -int ffc_named_group_to_uid(const char *name) +int ossl_ffc_named_group_to_uid(const char *name) { size_t i; @@ -89,7 +89,7 @@ int ffc_named_group_to_uid(const char *name) return NID_undef; } -const char *ffc_named_group_from_uid(int uid) +const char *ossl_ffc_named_group_from_uid(int uid) { size_t i; @@ -138,7 +138,7 @@ static DH *dh_new_by_group_name(OPENSSL_CTX *libctx, const char *name) DH *dh_new_by_nid_ex(OPENSSL_CTX *libctx, int nid) { - const char *name = ffc_named_group_from_uid(nid); + const char *name = ossl_ffc_named_group_from_uid(nid); return dh_new_by_group_name(libctx, name); } @@ -148,7 +148,7 @@ DH *DH_new_by_nid(int nid) return dh_new_by_nid_ex(NULL, nid); } -int ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name) +int ossl_ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name) { int i; BIGNUM *q = NULL; @@ -158,10 +158,10 @@ int ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name) for (i = 0; i < (int)OSSL_NELEM(dh_named_groups); ++i) { if (strcasecmp(dh_named_groups[i].name, group_name) == 0) { - ffc_params_set0_pqg(ffc, - (BIGNUM *)dh_named_groups[i].p, - (BIGNUM *)dh_named_groups[i].q, - (BIGNUM *)dh_named_groups[i].g); + ossl_ffc_params_set0_pqg(ffc, + (BIGNUM *)dh_named_groups[i].p, + (BIGNUM *)dh_named_groups[i].q, + (BIGNUM *)dh_named_groups[i].g); /* flush the cached nid, The DH layer is responsible for caching */ ffc->nid = NID_undef; return 1; diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 3b4da19cd2..8d9c72d65c 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -155,7 +155,7 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, static int dh_init(DH *dh) { dh->flags |= DH_FLAG_CACHE_MONT_P; - ffc_params_init(&dh->params); + ossl_ffc_params_init(&dh->params); dh->dirty_cnt++; return 1; } @@ -260,8 +260,8 @@ static int generate_key(DH *dh) || dh->length > BN_num_bits(dh->params.q)) goto err; /* dh->length = maximum bit length of generated private key */ - if (!ffc_generate_private_key(ctx, &dh->params, dh->length, - max_strength, priv_key)) + if (!ossl_ffc_generate_private_key(ctx, &dh->params, dh->length, + max_strength, priv_key)) goto err; } else { #ifdef FIPS_MODULE @@ -288,18 +288,18 @@ static int generate_key(DH *dh) #endif { /* Do a partial check for invalid p, q, g */ - if (!ffc_params_simple_validate(dh->libctx, &dh->params, - FFC_PARAM_TYPE_DH)) + if (!ossl_ffc_params_simple_validate(dh->libctx, &dh->params, + FFC_PARAM_TYPE_DH)) goto err; /* * For FFC FIPS 186-4 keygen * security strength s = 112, * Max Private key size N = len(q) */ - if (!ffc_generate_private_key(ctx, &dh->params, - BN_num_bits(dh->params.q), - MIN_STRENGTH, - priv_key)) + if (!ossl_ffc_generate_private_key(ctx, &dh->params, + BN_num_bits(dh->params.q), + MIN_STRENGTH, + priv_key)) goto err; } } diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index 6c6eda27a2..793a5af2a0 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -149,7 +149,7 @@ void DH_free(DH *r) CRYPTO_THREAD_lock_free(r->lock); - ffc_params_cleanup(&r->params); + ossl_ffc_params_cleanup(&r->params); BN_clear_free(r->pub_key); BN_clear_free(r->priv_key); OPENSSL_free(r); @@ -204,7 +204,7 @@ int DH_security_bits(const DH *dh) void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) { - ffc_params_get0_pqg(&dh->params, p, q, g); + ossl_ffc_params_get0_pqg(&dh->params, p, q, g); } int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) @@ -217,7 +217,7 @@ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) || (dh->params.g == NULL && g == NULL)) return 0; - ffc_params_set0_pqg(&dh->params, p, q, g); + ossl_ffc_params_set0_pqg(&dh->params, p, q, g); dh_cache_named_group(dh); if (q != NULL) dh->length = BN_num_bits(q); @@ -337,7 +337,7 @@ int dh_ffc_params_fromdata(DH *dh, const OSSL_PARAM params[]) if (ffc == NULL) return 0; - ret = ffc_params_fromdata(ffc, params); + ret = ossl_ffc_params_fromdata(ffc, params); if (ret) { dh_cache_named_group(dh); dh->dirty_cnt++; diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c index 2c74b39db1..9d72fa0959 100644 --- a/crypto/dh/dh_pmeth.c +++ b/crypto/dh/dh_pmeth.c @@ -297,20 +297,22 @@ static DH *ffc_params_generate(OPENSSL_CTX *libctx, DH_PKEY_CTX *dctx, } if (dctx->md != NULL) - ffc_set_digest(&ret->params, EVP_MD_name(dctx->md), NULL); + ossl_ffc_set_digest(&ret->params, EVP_MD_name(dctx->md), NULL); # ifndef FIPS_MODULE if (dctx->paramgen_type == DH_PARAMGEN_TYPE_FIPS_186_2) - rv = ffc_params_FIPS186_2_generate(libctx, &ret->params, - FFC_PARAM_TYPE_DH, - prime_len, subprime_len, &res, pcb); + rv = ossl_ffc_params_FIPS186_2_generate(libctx, &ret->params, + FFC_PARAM_TYPE_DH, + prime_len, subprime_len, &res, + pcb); else # endif /* For FIPS we always use the DH_PARAMGEN_TYPE_FIPS_186_4 generator */ if (dctx->paramgen_type >= DH_PARAMGEN_TYPE_FIPS_186_2) - rv = ffc_params_FIPS186_4_generate(libctx, &ret->params, - FFC_PARAM_TYPE_DH, - prime_len, subprime_len, &res, pcb); + rv = ossl_ffc_params_FIPS186_4_generate(libctx, &ret->params, + FFC_PARAM_TYPE_DH, + prime_len, subprime_len, &res, + pcb); if (rv <= 0) { DH_free(ret); return NULL; |