diff options
| author | Pauli <paul.dale@oracle.com> | 2020-09-30 07:07:24 +0200 |
|---|---|---|
| committer | Pauli <paul.dale@oracle.com> | 2020-10-06 01:04:19 +0200 |
| commit | 5357c10624bedaeed984ef4ff370096911ee2ddf (patch) | |
| tree | 9b8481eaf37bc1fdef4a90d1300f027e3edcb3a7 /crypto | |
| parent | doc: remove duplicated code in example (diff) | |
| download | openssl-5357c10624bedaeed984ef4ff370096911ee2ddf.tar.xz openssl-5357c10624bedaeed984ef4ff370096911ee2ddf.zip | |
ffc: add _ossl to exported but internal functions
The functions updated are:
ffc_generate_private_key, ffc_named_group_from_uid,
ffc_named_group_to_uid, ffc_params_FIPS186_2_gen_verify,
ffc_params_FIPS186_2_generate, ffc_params_FIPS186_2_validate,
ffc_params_FIPS186_4_gen_verify, ffc_params_FIPS186_4_generate,
ffc_params_FIPS186_4_validate, ffc_params_cleanup, ffc_params_cmp,
ffc_params_copy, ffc_params_enable_flags, ffc_params_flags_from_name,
ffc_params_flags_to_name, ffc_params_fromdata,
ffc_params_get0_pqg, ffc_params_get_validate_params,
ffc_params_init, ffc_params_print, ffc_params_set0_j,
ffc_params_set0_pqg, ffc_params_set_flags, ffc_params_set_gindex,
ffc_params_set_h, ffc_params_set_pcounter, ffc_params_set_seed,
ffc_params_set_validate_params, ffc_params_simple_validate,
ffc_params_todata, ffc_params_validate_unverifiable_g, ffc_set_digest,
ffc_set_group_pqg, ffc_validate_private_key, ffc_validate_public_key
and ffc_validate_public_key_partial.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13041)
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/dh/dh_ameth.c | 8 | ||||
| -rw-r--r-- | crypto/dh/dh_asn1.c | 13 | ||||
| -rw-r--r-- | crypto/dh/dh_check.c | 10 | ||||
| -rw-r--r-- | crypto/dh/dh_ctrl.c | 4 | ||||
| -rw-r--r-- | crypto/dh/dh_gen.c | 14 | ||||
| -rw-r--r-- | crypto/dh/dh_group_params.c | 16 | ||||
| -rw-r--r-- | crypto/dh/dh_key.c | 18 | ||||
| -rw-r--r-- | crypto/dh/dh_lib.c | 8 | ||||
| -rw-r--r-- | crypto/dh/dh_pmeth.c | 16 | ||||
| -rw-r--r-- | crypto/dsa/dsa_ameth.c | 6 | ||||
| -rw-r--r-- | crypto/dsa/dsa_check.c | 10 | ||||
| -rw-r--r-- | crypto/dsa/dsa_gen.c | 15 | ||||
| -rw-r--r-- | crypto/dsa/dsa_key.c | 9 | ||||
| -rw-r--r-- | crypto/dsa/dsa_lib.c | 10 | ||||
| -rw-r--r-- | crypto/dsa/dsa_ossl.c | 2 | ||||
| -rw-r--r-- | crypto/dsa/dsa_pmeth.c | 7 | ||||
| -rw-r--r-- | crypto/evp/pmeth_lib.c | 2 | ||||
| -rw-r--r-- | crypto/ffc/ffc_backend.c | 14 | ||||
| -rw-r--r-- | crypto/ffc/ffc_key_generate.c | 4 | ||||
| -rw-r--r-- | crypto/ffc/ffc_key_validate.c | 13 | ||||
| -rw-r--r-- | crypto/ffc/ffc_params.c | 63 | ||||
| -rw-r--r-- | crypto/ffc/ffc_params_generate.c | 52 | ||||
| -rw-r--r-- | crypto/ffc/ffc_params_validate.c | 38 |
23 files changed, 185 insertions, 167 deletions
diff --git a/crypto/dh/dh_ameth.c b/crypto/dh/dh_ameth.c index cd318654cf..e32de78638 100644 --- a/crypto/dh/dh_ameth.c +++ b/crypto/dh/dh_ameth.c @@ -320,7 +320,7 @@ static int do_dh_print(BIO *bp, const DH *x, int indent, int ptype) if (!ASN1_bn_print(bp, "public-key:", pub_key, NULL, indent)) goto err; - if (!ffc_params_print(bp, &x->params, indent)) + if (!ossl_ffc_params_print(bp, &x->params, indent)) goto err; if (x->length != 0) { @@ -354,15 +354,15 @@ static int dh_security_bits(const EVP_PKEY *pkey) static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) { - return ffc_params_cmp(&a->pkey.dh->params, &a->pkey.dh->params, - a->ameth != &dhx_asn1_meth); + return ossl_ffc_params_cmp(&a->pkey.dh->params, &a->pkey.dh->params, + a->ameth != &dhx_asn1_meth); } static int int_dh_param_copy(DH *to, const DH *from, int is_x942) { if (is_x942 == -1) is_x942 = (from->params.q != NULL); - if (!ffc_params_copy(&to->params, &from->params)) + if (!ossl_ffc_params_copy(&to->params, &from->params)) return 0; if (!is_x942) to->length = from->length; diff --git a/crypto/dh/dh_asn1.c b/crypto/dh/dh_asn1.c index 5475d98bfa..cf5c735a6a 100644 --- a/crypto/dh/dh_asn1.c +++ b/crypto/dh/dh_asn1.c @@ -108,13 +108,14 @@ DH *d2i_DHxparams(DH **a, const unsigned char **pp, long length) params = &dh->params; DH_set0_pqg(dh, dhx->p, dhx->q, dhx->g); - ffc_params_set0_j(params, dhx->j); + ossl_ffc_params_set0_j(params, dhx->j); if (dhx->vparams != NULL) { /* The counter has a maximum value of 4 * numbits(p) - 1 */ size_t counter = (size_t)BN_get_word(dhx->vparams->counter); - ffc_params_set_validate_params(params, dhx->vparams->seed->data, - dhx->vparams->seed->length, counter); + ossl_ffc_params_set_validate_params(params, dhx->vparams->seed->data, + dhx->vparams->seed->length, + counter); ASN1_BIT_STRING_free(dhx->vparams->seed); BN_free(dhx->vparams->counter); OPENSSL_free(dhx->vparams); @@ -135,10 +136,10 @@ int i2d_DHxparams(const DH *dh, unsigned char **pp) const FFC_PARAMS *params = &dh->params; int counter; - ffc_params_get0_pqg(params, (const BIGNUM **)&dhx.p, - (const BIGNUM **)&dhx.q, (const BIGNUM **)&dhx.g); + ossl_ffc_params_get0_pqg(params, (const BIGNUM **)&dhx.p, + (const BIGNUM **)&dhx.q, (const BIGNUM **)&dhx.g); dhx.j = params->j; - ffc_params_get_validate_params(params, &seed.data, &seedlen, &counter); + ossl_ffc_params_get_validate_params(params, &seed.data, &seedlen, &counter); seed.length = (int)seedlen; if (counter != -1 && seed.data != NULL && seed.length > 0) { diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c index a223121cd0..ce8c6f7185 100644 --- a/crypto/dh/dh_check.c +++ b/crypto/dh/dh_check.c @@ -62,8 +62,8 @@ int DH_check_params(const DH *dh, int *ret) * (2b) FFC domain params conform to FIPS-186-4 explicit domain param * validity tests. */ - return ffc_params_FIPS186_4_validate(dh->libctx, &dh->params, - FFC_PARAM_TYPE_DH, ret, NULL); + return ossl_ffc_params_FIPS186_4_validate(dh->libctx, &dh->params, + FFC_PARAM_TYPE_DH, ret, NULL); } #else int DH_check_params(const DH *dh, int *ret) @@ -235,7 +235,7 @@ int DH_check_pub_key_ex(const DH *dh, const BIGNUM *pub_key) */ int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) { - return ffc_validate_public_key(&dh->params, pub_key, ret); + return ossl_ffc_validate_public_key(&dh->params, pub_key, ret); } /* @@ -245,7 +245,7 @@ int DH_check_pub_key(const DH *dh, const BIGNUM *pub_key, int *ret) */ int dh_check_pub_key_partial(const DH *dh, const BIGNUM *pub_key, int *ret) { - return ffc_validate_public_key_partial(&dh->params, pub_key, ret); + return ossl_ffc_validate_public_key_partial(&dh->params, pub_key, ret); } int dh_check_priv_key(const DH *dh, const BIGNUM *priv_key, int *ret) @@ -268,7 +268,7 @@ int dh_check_priv_key(const DH *dh, const BIGNUM *priv_key, int *ret) if (BN_cmp(two_powN, dh->params.q) < 0) upper = two_powN; } - if (!ffc_validate_private_key(upper, priv_key, ret)) + if (!ossl_ffc_validate_private_key(upper, priv_key, ret)) goto err; ok = 1; diff --git a/crypto/dh/dh_ctrl.c b/crypto/dh/dh_ctrl.c index 0db5eba505..2aa69fd154 100644 --- a/crypto/dh/dh_ctrl.c +++ b/crypto/dh/dh_ctrl.c @@ -179,7 +179,7 @@ int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int gen) if (ctx->op.keymgmt.genctx == NULL) return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DHX, EVP_PKEY_OP_PARAMGEN, EVP_PKEY_CTRL_DH_RFC5114, gen, NULL); - name = ffc_named_group_from_uid(gen); + name = ossl_ffc_named_group_from_uid(gen); if (name == NULL) return 0; @@ -208,7 +208,7 @@ int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid) return EVP_PKEY_CTX_ctrl(ctx, EVP_PKEY_DH, EVP_PKEY_OP_PARAMGEN | EVP_PKEY_OP_KEYGEN, EVP_PKEY_CTRL_DH_NID, nid, NULL); - name = ffc_named_group_from_uid(nid); + name = ossl_ffc_named_group_from_uid(nid); if (name == NULL) return 0; diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c index 096cf12886..1e84db9527 100644 --- a/crypto/dh/dh_gen.c +++ b/crypto/dh/dh_gen.c @@ -42,14 +42,14 @@ int dh_generate_ffc_parameters(DH *dh, int type, int pbits, int qbits, #ifndef FIPS_MODULE if (type == DH_PARAMGEN_TYPE_FIPS_186_2) - ret = ffc_params_FIPS186_2_generate(dh->libctx, &dh->params, - FFC_PARAM_TYPE_DH, - pbits, qbits, &res, cb); + ret = ossl_ffc_params_FIPS186_2_generate(dh->libctx, &dh->params, + FFC_PARAM_TYPE_DH, + pbits, qbits, &res, cb); else #endif - ret = ffc_params_FIPS186_4_generate(dh->libctx, &dh->params, - FFC_PARAM_TYPE_DH, - pbits, qbits, &res, cb); + ret = ossl_ffc_params_FIPS186_4_generate(dh->libctx, &dh->params, + FFC_PARAM_TYPE_DH, + pbits, qbits, &res, cb); if (ret > 0) dh->dirty_cnt++; return ret; @@ -102,7 +102,7 @@ static int dh_gen_named_group(OPENSSL_CTX *libctx, DH *ret, int prime_len) dh = dh_new_by_nid_ex(libctx, nid); if (dh != NULL - && ffc_params_copy(&ret->params, &dh->params)) { + && ossl_ffc_params_copy(&ret->params, &dh->params)) { ok = 1; ret->dirty_cnt++; } diff --git a/crypto/dh/dh_group_params.c b/crypto/dh/dh_group_params.c index 7a19f71b4d..b91a76bd97 100644 --- a/crypto/dh/dh_group_params.c +++ b/crypto/dh/dh_group_params.c @@ -78,7 +78,7 @@ static const DH_NAMED_GROUP dh_named_groups[] = { #endif }; -int ffc_named_group_to_uid(const char *name) +int ossl_ffc_named_group_to_uid(const char *name) { size_t i; @@ -89,7 +89,7 @@ int ffc_named_group_to_uid(const char *name) return NID_undef; } -const char *ffc_named_group_from_uid(int uid) +const char *ossl_ffc_named_group_from_uid(int uid) { size_t i; @@ -138,7 +138,7 @@ static DH *dh_new_by_group_name(OPENSSL_CTX *libctx, const char *name) DH *dh_new_by_nid_ex(OPENSSL_CTX *libctx, int nid) { - const char *name = ffc_named_group_from_uid(nid); + const char *name = ossl_ffc_named_group_from_uid(nid); return dh_new_by_group_name(libctx, name); } @@ -148,7 +148,7 @@ DH *DH_new_by_nid(int nid) return dh_new_by_nid_ex(NULL, nid); } -int ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name) +int ossl_ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name) { int i; BIGNUM *q = NULL; @@ -158,10 +158,10 @@ int ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name) for (i = 0; i < (int)OSSL_NELEM(dh_named_groups); ++i) { if (strcasecmp(dh_named_groups[i].name, group_name) == 0) { - ffc_params_set0_pqg(ffc, - (BIGNUM *)dh_named_groups[i].p, - (BIGNUM *)dh_named_groups[i].q, - (BIGNUM *)dh_named_groups[i].g); + ossl_ffc_params_set0_pqg(ffc, + (BIGNUM *)dh_named_groups[i].p, + (BIGNUM *)dh_named_groups[i].q, + (BIGNUM *)dh_named_groups[i].g); /* flush the cached nid, The DH layer is responsible for caching */ ffc->nid = NID_undef; return 1; diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c index 3b4da19cd2..8d9c72d65c 100644 --- a/crypto/dh/dh_key.c +++ b/crypto/dh/dh_key.c @@ -155,7 +155,7 @@ static int dh_bn_mod_exp(const DH *dh, BIGNUM *r, static int dh_init(DH *dh) { dh->flags |= DH_FLAG_CACHE_MONT_P; - ffc_params_init(&dh->params); + ossl_ffc_params_init(&dh->params); dh->dirty_cnt++; return 1; } @@ -260,8 +260,8 @@ static int generate_key(DH *dh) || dh->length > BN_num_bits(dh->params.q)) goto err; /* dh->length = maximum bit length of generated private key */ - if (!ffc_generate_private_key(ctx, &dh->params, dh->length, - max_strength, priv_key)) + if (!ossl_ffc_generate_private_key(ctx, &dh->params, dh->length, + max_strength, priv_key)) goto err; } else { #ifdef FIPS_MODULE @@ -288,18 +288,18 @@ static int generate_key(DH *dh) #endif { /* Do a partial check for invalid p, q, g */ - if (!ffc_params_simple_validate(dh->libctx, &dh->params, - FFC_PARAM_TYPE_DH)) + if (!ossl_ffc_params_simple_validate(dh->libctx, &dh->params, + FFC_PARAM_TYPE_DH)) goto err; /* * For FFC FIPS 186-4 keygen * security strength s = 112, * Max Private key size N = len(q) */ - if (!ffc_generate_private_key(ctx, &dh->params, - BN_num_bits(dh->params.q), - MIN_STRENGTH, - priv_key)) + if (!ossl_ffc_generate_private_key(ctx, &dh->params, + BN_num_bits(dh->params.q), + MIN_STRENGTH, + priv_key)) goto err; } } diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c index 6c6eda27a2..793a5af2a0 100644 --- a/crypto/dh/dh_lib.c +++ b/crypto/dh/dh_lib.c @@ -149,7 +149,7 @@ void DH_free(DH *r) CRYPTO_THREAD_lock_free(r->lock); - ffc_params_cleanup(&r->params); + ossl_ffc_params_cleanup(&r->params); BN_clear_free(r->pub_key); BN_clear_free(r->priv_key); OPENSSL_free(r); @@ -204,7 +204,7 @@ int DH_security_bits(const DH *dh) void DH_get0_pqg(const DH *dh, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) { - ffc_params_get0_pqg(&dh->params, p, q, g); + ossl_ffc_params_get0_pqg(&dh->params, p, q, g); } int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) @@ -217,7 +217,7 @@ int DH_set0_pqg(DH *dh, BIGNUM *p, BIGNUM *q, BIGNUM *g) || (dh->params.g == NULL && g == NULL)) return 0; - ffc_params_set0_pqg(&dh->params, p, q, g); + ossl_ffc_params_set0_pqg(&dh->params, p, q, g); dh_cache_named_group(dh); if (q != NULL) dh->length = BN_num_bits(q); @@ -337,7 +337,7 @@ int dh_ffc_params_fromdata(DH *dh, const OSSL_PARAM params[]) if (ffc == NULL) return 0; - ret = ffc_params_fromdata(ffc, params); + ret = ossl_ffc_params_fromdata(ffc, params); if (ret) { dh_cache_named_group(dh); dh->dirty_cnt++; diff --git a/crypto/dh/dh_pmeth.c b/crypto/dh/dh_pmeth.c index 2c74b39db1..9d72fa0959 100644 --- a/crypto/dh/dh_pmeth.c +++ b/crypto/dh/dh_pmeth.c @@ -297,20 +297,22 @@ static DH *ffc_params_generate(OPENSSL_CTX *libctx, DH_PKEY_CTX *dctx, } if (dctx->md != NULL) - ffc_set_digest(&ret->params, EVP_MD_name(dctx->md), NULL); + ossl_ffc_set_digest(&ret->params, EVP_MD_name(dctx->md), NULL); # ifndef FIPS_MODULE if (dctx->paramgen_type == DH_PARAMGEN_TYPE_FIPS_186_2) - rv = ffc_params_FIPS186_2_generate(libctx, &ret->params, - FFC_PARAM_TYPE_DH, - prime_len, subprime_len, &res, pcb); + rv = ossl_ffc_params_FIPS186_2_generate(libctx, &ret->params, + FFC_PARAM_TYPE_DH, + prime_len, subprime_len, &res, + pcb); else # endif /* For FIPS we always use the DH_PARAMGEN_TYPE_FIPS_186_4 generator */ if (dctx->paramgen_type >= DH_PARAMGEN_TYPE_FIPS_186_2) - rv = ffc_params_FIPS186_4_generate(libctx, &ret->params, - FFC_PARAM_TYPE_DH, - prime_len, subprime_len, &res, pcb); + rv = ossl_ffc_params_FIPS186_4_generate(libctx, &ret->params, + FFC_PARAM_TYPE_DH, + prime_len, subprime_len, &res, + pcb); if (rv <= 0) { DH_free(ret); return NULL; diff --git a/crypto/dsa/dsa_ameth.c b/crypto/dsa/dsa_ameth.c index 651b463235..7619c05b5e 100644 --- a/crypto/dsa/dsa_ameth.c +++ b/crypto/dsa/dsa_ameth.c @@ -300,7 +300,7 @@ static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) if (to->pkey.dsa == NULL) return 0; } - if (!ffc_params_copy(&to->pkey.dsa->params, &from->pkey.dsa->params)) + if (!ossl_ffc_params_copy(&to->pkey.dsa->params, &from->pkey.dsa->params)) return 0; to->pkey.dsa->dirty_cnt++; @@ -309,7 +309,7 @@ static int dsa_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from) static int dsa_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b) { - return ffc_params_cmp(&a->pkey.dsa->params, &b->pkey.dsa->params, 1); + return ossl_ffc_params_cmp(&a->pkey.dsa->params, &b->pkey.dsa->params, 1); } static int dsa_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) @@ -363,7 +363,7 @@ static int do_dsa_print(BIO *bp, const DSA *x, int off, int ptype) goto err; if (!ASN1_bn_print(bp, "pub: ", pub_key, NULL, off)) goto err; - if (!ffc_params_print(bp, &x->params, off)) + if (!ossl_ffc_params_print(bp, &x->params, off)) goto err; ret = 1; err: diff --git a/crypto/dsa/dsa_check.c b/crypto/dsa/dsa_check.c index 01cf0f6341..0d38340840 100644 --- a/crypto/dsa/dsa_check.c +++ b/crypto/dsa/dsa_check.c @@ -19,8 +19,8 @@ int dsa_check_params(const DSA *dsa, int *ret) * (2b) FFC domain params conform to FIPS-186-4 explicit domain param * validity tests. */ - return ffc_params_FIPS186_4_validate(dsa->libctx, &dsa->params, - FFC_PARAM_TYPE_DSA, ret, NULL); + return ossl_ffc_params_FIPS186_4_validate(dsa->libctx, &dsa->params, + FFC_PARAM_TYPE_DSA, ret, NULL); } /* @@ -28,7 +28,7 @@ int dsa_check_params(const DSA *dsa, int *ret) */ int dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret) { - return ffc_validate_public_key(&dsa->params, pub_key, ret); + return ossl_ffc_validate_public_key(&dsa->params, pub_key, ret); } /* @@ -38,7 +38,7 @@ int dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret) */ int dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key, int *ret) { - return ffc_validate_public_key_partial(&dsa->params, pub_key, ret); + return ossl_ffc_validate_public_key_partial(&dsa->params, pub_key, ret); } int dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret) @@ -46,7 +46,7 @@ int dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret) *ret = 0; return (dsa->params.q != NULL - && ffc_validate_private_key(dsa->params.q, priv_key, ret)); + && ossl_ffc_validate_private_key(dsa->params.q, priv_key, ret)); } /* diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c index 94b3da8754..9d6d9a8d4a 100644 --- a/crypto/dsa/dsa_gen.c +++ b/crypto/dsa/dsa_gen.c @@ -30,14 +30,14 @@ int dsa_generate_ffc_parameters(DSA *dsa, int type, int pbits, int qbits, #ifndef FIPS_MODULE if (type == DSA_PARAMGEN_TYPE_FIPS_186_2) - ret = ffc_params_FIPS186_2_generate(dsa->libctx, &dsa->params, - FFC_PARAM_TYPE_DSA, - pbits, qbits, &res, cb); + ret = ossl_ffc_params_FIPS186_2_generate(dsa->libctx, &dsa->params, + FFC_PARAM_TYPE_DSA, + pbits, qbits, &res, cb); else #endif - ret = ffc_params_FIPS186_4_generate(dsa->libctx, &dsa->params, - FFC_PARAM_TYPE_DSA, - pbits, qbits, &res, cb); + ret = ossl_ffc_params_FIPS186_4_generate(dsa->libctx, &dsa->params, + FFC_PARAM_TYPE_DSA, + pbits, qbits, &res, cb); if (ret > 0) dsa->dirty_cnt++; return ret; @@ -53,7 +53,8 @@ int DSA_generate_parameters_ex(DSA *dsa, int bits, return dsa->meth->dsa_paramgen(dsa, bits, seed_in, seed_len, counter_ret, h_ret, cb); if (seed_in != NULL - && !ffc_params_set_validate_params(&dsa->params, seed_in, seed_len, -1)) + && !ossl_ffc_params_set_validate_params(&dsa->params, seed_in, seed_len, + -1)) return 0; /* The old code used FIPS 186-2 DSA Parameter generation */ diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c index bf9d8a269c..899663353f 100644 --- a/crypto/dsa/dsa_key.c +++ b/crypto/dsa/dsa_key.c @@ -76,8 +76,8 @@ static int dsa_keygen(DSA *dsa, int pairwise_test) } /* Do a partial check for invalid p, q, g */ - if (!ffc_params_simple_validate(dsa->libctx, &dsa->params, - FFC_PARAM_TYPE_DSA)) + if (!ossl_ffc_params_simple_validate(dsa->libctx, &dsa->params, + FFC_PARAM_TYPE_DSA)) goto err; /* @@ -85,8 +85,9 @@ static int dsa_keygen(DSA *dsa, int pairwise_test) * security strength s = 112, * Max Private key size N = len(q) */ - if (!ffc_generate_private_key(ctx, &dsa->params, BN_num_bits(dsa->params.q), - MIN_STRENGTH, priv_key)) + if (!ossl_ffc_generate_private_key(ctx, &dsa->params, + BN_num_bits(dsa->params.q), + MIN_STRENGTH, priv_key)) goto err; if (dsa->pub_key == NULL) { diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c index e71a8c8f8e..b16fbb7023 100644 --- a/crypto/dsa/dsa_lib.c +++ b/crypto/dsa/dsa_lib.c @@ -56,7 +56,7 @@ DH *DSA_dup_DH(const DSA *r) if (ret == NULL) goto err; - if (!ffc_params_copy(dh_get0_params(ret), &r->params)) + if (!ossl_ffc_params_copy(dh_get0_params(ret), &r->params)) goto err; if (r->pub_key != NULL) { @@ -231,7 +231,7 @@ void DSA_free(DSA *r) CRYPTO_THREAD_lock_free(r->lock); - ffc_params_cleanup(&r->params); + ossl_ffc_params_cleanup(&r->params); BN_clear_free(r->pub_key); BN_clear_free(r->priv_key); OPENSSL_free(r); @@ -252,7 +252,7 @@ int DSA_up_ref(DSA *r) void DSA_get0_pqg(const DSA *d, const BIGNUM **p, const BIGNUM **q, const BIGNUM **g) { - ffc_params_get0_pqg(&d->params, p, q, g); + ossl_ffc_params_get0_pqg(&d->params, p, q, g); } int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) @@ -265,7 +265,7 @@ int DSA_set0_pqg(DSA *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) || (d->params.g == NULL && g == NULL)) return 0; - ffc_params_set0_pqg(&d->params, p, q, g); + ossl_ffc_params_set0_pqg(&d->params, p, q, g); d->dirty_cnt++; return 1; @@ -356,7 +356,7 @@ int dsa_ffc_params_fromdata(DSA *dsa, const OSSL_PARAM params[]) if (ffc == NULL) return 0; - ret = ffc_params_fromdata(ffc, params); + ret = ossl_ffc_params_fromdata(ffc, params); if (ret) dsa->dirty_cnt++; return ret; diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c index b52fa1c00b..547b0283fa 100644 --- a/crypto/dsa/dsa_ossl.c +++ b/crypto/dsa/dsa_ossl.c @@ -426,7 +426,7 @@ static int dsa_do_verify(const unsigned char *dgst, int dgst_len, static int dsa_init(DSA *dsa) { dsa->flags |= DSA_FLAG_CACHE_MONT_P; - ffc_params_init(&dsa->params); + ossl_ffc_params_init(&dsa->params); dsa->dirty_cnt++; return 1; } diff --git a/crypto/dsa/dsa_pmeth.c b/crypto/dsa/dsa_pmeth.c index 7b364059e7..0f5a6157ae 100644 --- a/crypto/dsa/dsa_pmeth.c +++ b/crypto/dsa/dsa_pmeth.c @@ -218,10 +218,11 @@ static int pkey_dsa_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey) return 0; } if (dctx->md != NULL) - ffc_set_digest(&dsa->params, EVP_MD_name(dctx->md), NULL); + ossl_ffc_set_digest(&dsa->params, EVP_MD_name(dctx->md), NULL); - ret = ffc_params_FIPS186_4_generate(NULL, &dsa->params, FFC_PARAM_TYPE_DSA, - dctx->nbits, dctx->qbits, &res, pcb); + ret = ossl_ffc_params_FIPS186_4_generate(NULL, &dsa->params, + FFC_PARAM_TYPE_DSA, dctx->nbits, + dctx->qbits, &res, pcb); BN_GENCB_free(pcb); if (ret > 0) EVP_PKEY_assign_DSA(pkey, dsa); diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index a3a65857b8..8f84230dcf 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -1569,7 +1569,7 @@ static int legacy_ctrl_str_to_param(EVP_PKEY_CTX *ctx, const char *name, name = OSSL_PKEY_PARAM_GROUP_NAME; else if (strcmp(name, "dh_rfc5114") == 0) { name = OSSL_PKEY_PARAM_GROUP_NAME; - value = ffc_named_group_from_uid(atoi(value)); + value = ossl_ffc_named_group_from_uid(atoi(value)); } else if (strcmp(name, "dh_pad") == 0) name = OSSL_EXCHANGE_PARAM_PAD; # endif diff --git a/crypto/ffc/ffc_backend.c b/crypto/ffc/ffc_backend.c index 6e269ebf56..fddd41557e 100644 --- a/crypto/ffc/ffc_backend.c +++ b/crypto/ffc/ffc_backend.c @@ -17,7 +17,7 @@ * implementations alike. */ -int ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[]) +int ossl_ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[]) { const OSSL_PARAM *prm; const OSSL_PARAM *param_p, *param_q, *param_g; @@ -36,7 +36,7 @@ int ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[]) * In a no-dh build we just go straight to err because we have no * support for this. */ - if (!ffc_set_group_pqg(ffc, prm->data)) + if (!ossl_ffc_set_group_pqg(ffc, prm->data)) #endif goto err; } @@ -75,14 +75,14 @@ int ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[]) if (prm != NULL) { if (prm->data_type != OSSL_PARAM_OCTET_STRING) goto err; - if (!ffc_params_set_seed(ffc, prm->data, prm->data_size)) + if (!ossl_ffc_params_set_seed(ffc, prm->data, prm->data_size)) goto err; } prm = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_VALIDATE_TYPE); if (prm != NULL) { if (prm->data_type != OSSL_PARAM_UTF8_STRING) goto err; - ffc_params_set_flags(ffc, ffc_params_flags_from_name(prm->data)); + ossl_ffc_params_set_flags(ffc, ossl_ffc_params_flags_from_name(prm->data)); } prm = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_DIGEST); if (prm != NULL) { @@ -96,12 +96,12 @@ int ffc_params_fromdata(FFC_PARAMS *ffc, const OSSL_PARAM params[]) if (p1->data_type != OSSL_PARAM_UTF8_STRING) goto err; } - if (!ffc_set_digest(ffc, prm->data, props)) + if (!ossl_ffc_set_digest(ffc, prm->data, props)) goto err; } - ffc_params_set0_pqg(ffc, p, q, g); - ffc_params_set0_j(ffc, j); + ossl_ffc_params_set0_pqg(ffc, p, q, g); + ossl_ffc_params_set0_j(ffc, j); return 1; err: diff --git a/crypto/ffc/ffc_key_generate.c b/crypto/ffc/ffc_key_generate.c index aeabae010f..d8d2116ddc 100644 --- a/crypto/ffc/ffc_key_generate.c +++ b/crypto/ffc/ffc_key_generate.c @@ -19,8 +19,8 @@ * s is the security strength. * priv_key is the returned private key, */ -int ffc_generate_private_key(BN_CTX *ctx, const FFC_PARAMS *params, - int N, int s, BIGNUM *priv) +int ossl_ffc_generate_private_key(BN_CTX *ctx, const FFC_PARAMS *params, + int N, int s, BIGNUM *priv) { int ret = 0, qbits = BN_num_bits(params->q); BIGNUM *m, *two_powN = NULL; diff --git a/crypto/ffc/ffc_key_validate.c b/crypto/ffc/ffc_key_validate.c index a35f52e1b9..9f6525a2c8 100644 --- a/crypto/ffc/ffc_key_validate.c +++ b/crypto/ffc/ffc_key_validate.c @@ -16,8 +16,8 @@ * * ret contains 0 on success, or error flags (see FFC_ERROR_PUBKEY_TOO_SMALL) */ -int ffc_validate_public_key_partial(const FFC_PARAMS *params, - const BIGNUM *pub_key, int *ret) +int ossl_ffc_validate_public_key_partial(const FFC_PARAMS *params, + const BIGNUM *pub_key, int *ret) { int ok = 0; BIGNUM *tmp = NULL; @@ -58,14 +58,14 @@ int ffc_validate_public_key_partial(const FFC_PARAMS *params, /* * See SP800-56Ar3 Section 5.6.2.3.1 : FFC Full public key validation. */ -int ffc_validate_public_key(const FFC_PARAMS *params, const BIGNUM *pub_key, - int *ret) +int ossl_ffc_validate_public_key(const FFC_PARAMS *params, + const BIGNUM *pub_key, int *ret) { int ok = 0; BIGNUM *tmp = NULL; BN_CTX *ctx = NULL; - if (!ffc_validate_public_key_partial(params, pub_key, ret)) + if (!ossl_ffc_validate_public_key_partial(params, pub_key, ret)) return 0; if (params->q != NULL) { @@ -100,7 +100,8 @@ int ffc_validate_public_key(const FFC_PARAMS *params, const BIGNUM *pub_key, * is normally params->q but can be 2^N for approved safe prime groups. * Note: This assumes that the domain parameters are valid. */ -int ffc_validate_private_key(const BIGNUM *upper, const BIGNUM *priv, int *ret) +int ossl_ffc_validate_private_key(const BIGNUM *upper, const BIGNUM *priv, + int *ret) { int ok = 0; diff --git a/crypto/ffc/ffc_params.c b/crypto/ffc/ffc_params.c index c980ea0018..edcb44b152 100644 --- a/crypto/ffc/ffc_params.c +++ b/crypto/ffc/ffc_params.c @@ -15,10 +15,10 @@ #include "e_os.h" /* strcasecmp */ #ifndef FIPS_MODULE -# include <openssl/asn1.h> /* ffc_params_print */ +# include <openssl/asn1.h> /* ossl_ffc_params_print */ #endif -void ffc_params_init(FFC_PARAMS *params) +void ossl_ffc_params_init(FFC_PARAMS *params) { memset(params, 0, sizeof(*params)); params->pcounter = -1; @@ -26,17 +26,17 @@ void ffc_params_init(FFC_PARAMS *params) params->flags = FFC_PARAM_FLAG_VALIDATE_ALL; } -void ffc_params_cleanup(FFC_PARAMS *params) +void ossl_ffc_params_cleanup(FFC_PARAMS *params) { BN_free(params->p); BN_free(params->q); BN_free(params->g); BN_free(params->j); OPENSSL_free(params->seed); - ffc_params_init(params); + ossl_ffc_params_init(params); } -void ffc_params_set0_pqg(FFC_PARAMS *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) +void ossl_ffc_params_set0_pqg(FFC_PARAMS *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) { if (p != NULL && p != d->p) { BN_free(d->p); @@ -52,8 +52,8 @@ void ffc_params_set0_pqg(FFC_PARAMS *d, BIGNUM *p, BIGNUM *q, BIGNUM *g) } } -void ffc_params_get0_pqg(const FFC_PARAMS *d, const BIGNUM **p, - const BIGNUM **q, const BIGNUM **g) +void ossl_ffc_params_get0_pqg(const FFC_PARAMS *d, const BIGNUM **p, + const BIGNUM **q, const BIGNUM **g) { if (p != NULL) *p = d->p; @@ -65,7 +65,7 @@ void ffc_params_get0_pqg(const FFC_PARAMS *d, const BIGNUM **p, /* j is the 'cofactor' that is optionally output for ASN1. */ -void ffc_params_set0_j(FFC_PARAMS *d, BIGNUM *j) +void ossl_ffc_params_set0_j(FFC_PARAMS *d, BIGNUM *j) { BN_free(d->j); d->j = NULL; @@ -73,8 +73,8 @@ void ffc_params_set0_j(FFC_PARAMS *d, BIGNUM *j) d->j = j; } -int ffc_params_set_seed(FFC_PARAMS *params, - const unsigned char *seed, size_t seedlen) +int ossl_ffc_params_set_seed(FFC_PARAMS *params, + const unsigned char *seed, size_t seedlen) { if (params == NULL) return 0; @@ -97,27 +97,28 @@ int ffc_params_set_seed(FFC_PARAMS *params, return 1; } -void ffc_params_set_gindex(FFC_PARAMS *params, int index) +void ossl_ffc_params_set_gindex(FFC_PARAMS *params, int index) { params->gindex = index; } -void ffc_params_set_pcounter(FFC_PARAMS *params, int index) +void ossl_ffc_params_set_pcounter(FFC_PARAMS *params, int index) { params->pcounter = index; } -void ffc_params_set_h(FFC_PARAMS *params, int index) +void ossl_ffc_params_set_h(FFC_PARAMS *params, int index) { params->h = index; } -void ffc_params_set_flags(FFC_PARAMS *params, unsigned int flags) +void ossl_ffc_params_set_flags(FFC_PARAMS *params, unsigned int flags) { params->flags = flags; } -void ffc_params_enable_flags(FFC_PARAMS *params, unsigned int flags, int enable) +void ossl_ffc_params_enable_flags(FFC_PARAMS *params, unsigned int flags, + int enable) { if (enable) params->flags |= flags; @@ -125,26 +126,26 @@ void ffc_params_enable_flags(FFC_PARAMS *params, unsigned int flags, int enable) params->flags &= ~flags; } -int ffc_set_digest(FFC_PARAMS *params, const char *alg, const char *props) +int ossl_ffc_set_digest(FFC_PARAMS *params, const char *alg, const char *props) { params->mdname = alg; params->mdprops = props; return 1; } -int ffc_params_set_validate_params(FFC_PARAMS *params, - const unsigned char *seed, size_t seedlen, - int counter) +int ossl_ffc_params_set_validate_params(FFC_PARAMS *params, + const unsigned char *seed, + size_t seedlen, int counter) { - if (!ffc_params_set_seed(params, seed, seedlen)) + if (!ossl_ffc_params_set_seed(params, seed, seedlen)) return 0; params->pcounter = counter; return 1; } -void ffc_params_get_validate_params(const FFC_PARAMS *params, - unsigned char **seed, size_t *seedlen, - int *pcounter) +void ossl_ffc_params_get_validate_params(const FFC_PARAMS *params, + unsigned char **seed, size_t *seedlen, + int *pcounter) { if (seed != NULL) *seed = params->seed; @@ -174,7 +175,7 @@ static int ffc_bn_cpy(BIGNUM **dst, const BIGNUM *src) return 1; } -int ffc_params_copy(FFC_PARAMS *dst, const FFC_PARAMS *src) +int ossl_ffc_params_copy(FFC_PARAMS *dst, const FFC_PARAMS *src) { if (!ffc_bn_cpy(&dst->p, src->p) || !ffc_bn_cpy(&dst->g, src->g) @@ -198,7 +199,7 @@ int ffc_params_copy(FFC_PARAMS *dst, const FFC_PARAMS *src) return 1; } -int ffc_params_cmp(const FFC_PARAMS *a, const FFC_PARAMS *b, int ignore_q) +int ossl_ffc_params_cmp(const FFC_PARAMS *a, const FFC_PARAMS *b, int ignore_q) { return BN_cmp(a->p, b->p) == 0 && BN_cmp(a->g, b->g) == 0 @@ -212,7 +213,7 @@ static const OSSL_ITEM flag_map[] = { { 0, "" } }; -int ffc_params_flags_from_name(const char *name) +int ossl_ffc_params_flags_from_name(const char *name) { size_t i; @@ -223,7 +224,7 @@ int ffc_params_flags_from_name(const char *name) return NID_undef; } -const char *ffc_params_flags_to_name(int flags) +const char *ossl_ffc_params_flags_to_name(int flags) { size_t i; @@ -235,7 +236,7 @@ const char *ffc_params_flags_to_name(int flags) return ""; } -int ffc_params_todata(const FFC_PARAMS *ffc, OSSL_PARAM_BLD *bld, +int ossl_ffc_params_todata(const FFC_PARAMS *ffc, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) { if (ffc == NULL) @@ -269,7 +270,7 @@ int ffc_params_todata(const FFC_PARAMS *ffc, OSSL_PARAM_BLD *bld, return 0; if (ffc->nid != NID_undef) { #ifndef OPENSSL_NO_DH - const char *name = ffc_named_group_from_uid(ffc->nid); + const char *name = ossl_ffc_named_group_from_uid(ffc->nid); if (name == NULL || !ossl_param_build_set_utf8_string(bld, params, @@ -283,7 +284,7 @@ int ffc_params_todata(const FFC_PARAMS *ffc, OSSL_PARAM_BLD *bld, } if (!ossl_param_build_set_utf8_string(bld, params, OSSL_PKEY_PARAM_FFC_VALIDATE_TYPE, - ffc_params_flags_to_name(ffc->flags))) + ossl_ffc_params_flags_to_name(ffc->flags))) return 0; if (ffc->mdname != NULL && !ossl_param_build_set_utf8_string(bld, params, @@ -299,7 +300,7 @@ int ffc_params_todata(const FFC_PARAMS *ffc, OSSL_PARAM_BLD *bld, } #ifndef FIPS_MODULE -int ffc_params_print(BIO *bp, const FFC_PARAMS *ffc, int indent) +int ossl_ffc_params_print(BIO *bp, const FFC_PARAMS *ffc, int indent) { if (!ASN1_bn_print(bp, "prime P:", ffc->p, NULL, indent)) goto err; diff --git a/crypto/ffc/ffc_params_generate.c b/crypto/ffc/ffc_params_generate.c index a289270347..0f955f5644 100644 --- a/crypto/ffc/ffc_params_generate.c +++ b/crypto/ffc/ffc_params_generate.c @@ -510,9 +510,10 @@ static const char *default_mdname(size_t N) * - FFC_PARAM_RET_STATUS_UNVERIFIABLE_G if the validation of G succeeded, * but G is unverifiable. */ -int ffc_params_FIPS186_4_gen_verify(OPENSSL_CTX *libctx, FFC_PARAMS *params, - int mode, int type, size_t L, size_t N, - int *res, BN_GENCB *cb) +int ossl_ffc_params_FIPS186_4_gen_verify(OPENSSL_CTX *libctx, + FFC_PARAMS *params, int mode, int type, + size_t L, size_t N, int *res, + BN_GENCB *cb) { int ok = FFC_PARAM_RET_STATUS_FAILED; unsigned char *seed = NULL, *seed_tmp = NULL; @@ -728,8 +729,8 @@ g_only: goto err; if (((flags & FFC_PARAM_FLAG_VALIDATE_G) != 0) - && !ffc_params_validate_unverifiable_g(ctx, mont, p, q, params->g, - tmp, res)) + && !ossl_ffc_params_validate_unverifiable_g(ctx, mont, p, q, params->g, + tmp, res)) goto err; /* @@ -777,7 +778,8 @@ g_only: } if (params->p == NULL || params->q == NULL || params->g == NULL) goto err; - if (!ffc_params_set_validate_params(params, seed, seedlen, pcounter)) + if (!ossl_ffc_params_set_validate_params(params, seed, seedlen, + pcounter)) goto err; params->h = hret; } @@ -801,9 +803,10 @@ err: } /* Note this function is only used for verification in fips mode */ -int ffc_params_FIPS186_2_gen_verify(OPENSSL_CTX *libctx, FFC_PARAMS *params, - int mode, int type, size_t L, size_t N, - int *res, BN_GENCB *cb) +int ossl_ffc_params_FIPS186_2_gen_verify(OPENSSL_CTX *libctx, + FFC_PARAMS *params, int mode, int type, + size_t L, size_t N, int *res, + BN_GENCB *cb) { int ok = FFC_PARAM_RET_STATUS_FAILED; unsigned char seed[SHA256_DIGEST_LENGTH]; @@ -988,8 +991,9 @@ g_only: if (!generate_unverifiable_g(ctx, mont, g, tmp, p, r0, test, &hret)) goto err; } else if (((flags & FFC_PARAM_FLAG_VALIDATE_G) != 0) - && !ffc_params_validate_unverifiable_g(ctx, mont, p, q, - params->g, tmp, res)) { + && !ossl_ffc_params_validate_unverifiable_g(ctx, mont, p, q, + params->g, tmp, + res)) { goto err; } @@ -1011,7 +1015,7 @@ g_only: } if (params->p == NULL || params->q == NULL || params->g == NULL) goto err; - if (!ffc_params_set_validate_params(params, seed, qsize, pcounter)) + if (!ossl_ffc_params_set_validate_params(params, seed, qsize, pcounter)) goto err; params->h = hret; } @@ -1029,21 +1033,21 @@ err: return ok; } -int ffc_params_FIPS186_4_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, - int type, size_t L, size_t N, - int *res, BN_GENCB *cb) +int ossl_ffc_params_FIPS186_4_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, + int type, size_t L, size_t N, + int *res, BN_GENCB *cb) { - return ffc_params_FIPS186_4_gen_verify(libctx, params, - FFC_PARAM_MODE_GENERATE, - type, L, N, res, cb); + return ossl_ffc_params_FIPS186_4_gen_verify(libctx, params, + FFC_PARAM_MODE_GENERATE, + type, L, N, res, cb); } /* This should no longer be used in FIPS mode */ -int ffc_params_FIPS186_2_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, - int type, size_t L, size_t N, - int *res, BN_GENCB *cb) +int ossl_ffc_params_FIPS186_2_generate(OPENSSL_CTX *libctx, FFC_PARAMS *params, + int type, size_t L, size_t N, + int *res, BN_GENCB *cb) { - return ffc_params_FIPS186_2_gen_verify(libctx, params, - FFC_PARAM_MODE_GENERATE, - type, L, N, res, cb); + return ossl_ffc_params_FIPS186_2_gen_verify(libctx, params, + FFC_PARAM_MODE_GENERATE, + type, L, N, res, cb); } diff --git a/crypto/ffc/ffc_params_validate.c b/crypto/ffc/ffc_params_validate.c index 9221b13d17..bdc59968b2 100644 --- a/crypto/ffc/ffc_params_validate.c +++ b/crypto/ffc/ffc_params_validate.c @@ -16,9 +16,10 @@ #include "internal/ffc.h" /* FIPS186-4 A.2.2 Unverifiable partial validation of Generator g */ -int ffc_params_validate_unverifiable_g(BN_CTX *ctx, BN_MONT_CTX *mont, - const BIGNUM *p, const BIGNUM *q, - const BIGNUM *g, BIGNUM *tmp, int *ret) +int ossl_ffc_params_validate_unverifiable_g(BN_CTX *ctx, BN_MONT_CTX *mont, + const BIGNUM *p, const BIGNUM *q, + const BIGNUM *g, BIGNUM *tmp, + int *ret) { /* * A.2.2 Step (1) AND @@ -44,8 +45,9 @@ int ffc_params_validate_unverifiable_g(BN_CTX *ctx, BN_MONT_CTX *mont, return 1; } -int ffc_params_FIPS186_4_validate(OPENSSL_CTX *libctx, const FFC_PARAMS *params, - int type, int *res, BN_GENCB *cb) +int ossl_ffc_params_FIPS186_4_validate(OPENSSL_CTX *libctx, + const FFC_PARAMS *params, int type, + int *res, BN_GENCB *cb) { size_t L, N; @@ -55,14 +57,15 @@ int ffc_params_FIPS186_4_validate(OPENSSL_CTX *libctx, const FFC_PARAMS *params, /* A.1.1.3 Step (1..2) : L = len(p), N = len(q) */ L = BN_num_bits(params->p); N = BN_num_bits(params->q); - return ffc_params_FIPS186_4_gen_verify(libctx, (FFC_PARAMS *)params, - FFC_PARAM_MODE_VERIFY, type, - L, N, res, cb); + return ossl_ffc_params_FIPS186_4_gen_verify(libctx, (FFC_PARAMS *)params, + FFC_PARAM_MODE_VERIFY, type, + L, N, res, cb); } /* This may be used in FIPS mode to validate deprecated FIPS-186-2 Params */ -int ffc_params_FIPS186_2_validate(OPENSSL_CTX *libctx, const FFC_PARAMS *params, - int type, int *res, BN_GENCB *cb) +int ossl_ffc_params_FIPS186_2_validate(OPENSSL_CTX *libctx, + const FFC_PARAMS *params, int type, + int *res, BN_GENCB *cb) { size_t L, N; @@ -74,9 +77,9 @@ int ffc_params_FIPS186_2_validate(OPENSSL_CTX *libctx, const FFC_PARAMS *params, /* A.1.1.3 Step (1..2) : L = len(p), N = len(q) */ L = BN_num_bits(params->p); N = BN_num_bits(params->q); - return ffc_params_FIPS186_2_gen_verify(libctx, (FFC_PARAMS *)params, - FFC_PARAM_MODE_VERIFY, type, - L, N, res, cb); + return ossl_ffc_params_FIPS186_2_gen_verify(libctx, (FFC_PARAMS *)params, + FFC_PARAM_MODE_VERIFY, type, + L, N, res, cb); } /* @@ -85,7 +88,8 @@ int ffc_params_FIPS186_2_validate(OPENSSL_CTX *libctx, const FFC_PARAMS *params, * extra parameters such as the digest and seed, which may not be available for * this test. */ -int ffc_params_simple_validate(OPENSSL_CTX *libctx, FFC_PARAMS *params, int type) +int ossl_ffc_params_simple_validate(OPENSSL_CTX *libctx, FFC_PARAMS *params, + int type) { int ret, res = 0; int save_gindex; @@ -101,10 +105,12 @@ int ffc_params_simple_validate(OPENSSL_CTX *libctx, FFC_PARAMS *params, int type #ifndef FIPS_MODULE if (save_flags & FFC_PARAM_FLAG_VALIDATE_LEGACY) - ret = ffc_params_FIPS186_2_validate(libctx, params, type, &res, NULL); + ret = ossl_ffc_params_FIPS186_2_validate(libctx, params, type, &res, + NULL); else #endif - ret = ffc_params_FIPS186_4_validate(libctx, params, type, &res, NULL); + ret = ossl_ffc_params_FIPS186_4_validate(libctx, params, type, &res, + NULL); params->flags = save_flags; params->gindex = save_gindex; return ret != FFC_PARAM_RET_STATUS_FAILED; |