/* Is it an approved safe prime ?*/
if (DH_get_nid(dh) != NID_undef) {
int max_strength =
- ifc_ffc_compute_security_bits(BN_num_bits(dh->params.p));
+ ossl_ifc_ffc_compute_security_bits(BN_num_bits(dh->params.p));
if (dh->params.q == NULL
|| dh->length > BN_num_bits(dh->params.q))
if ((flags & ERR_TXT_STRING) == 0)
data = "";
- hex = openssl_buf2hexstr_sep((const unsigned char *)&tid, sizeof(tid),
- '\0');
+ hex = ossl_buf2hexstr_sep((const unsigned char *)&tid, sizeof(tid), '\0');
BIO_snprintf(buf, sizeof(buf), "%s:", hex == NULL ? "<null>" : hex);
offset = strlen(buf);
ossl_err_string_int(l, func, buf + offset, sizeof(buf) - offset);
&& BIO_write(rctx->mem, req, req_len) == (int)req_len;
}
-BIO *HTTP_asn1_item2bio(const ASN1_ITEM *it, const ASN1_VALUE *val)
+BIO *ossl_http_asn1_item2bio(const ASN1_ITEM *it, const ASN1_VALUE *val)
{
BIO *res;
return 0;
}
- res = (mem = HTTP_asn1_item2bio(it, req)) != NULL
+ res = (mem = ossl_http_asn1_item2bio(it, req)) != NULL
&& OSSL_HTTP_REQ_CTX_set_content(rctx, content_type, mem);
BIO_free(mem);
return res;
* If !use_http_proxy then the 'server' and 'port' parameters are ignored.
* If req_mem == NULL then use GET and ignore content_type, else POST.
*/
-OSSL_HTTP_REQ_CTX *HTTP_REQ_CTX_new(BIO *wbio, BIO *rbio, int use_http_proxy,
- const char *server, const char *port,
- const char *path,
- const STACK_OF(CONF_VALUE) *headers,
- const char *content_type, BIO *req_mem,
- int maxline, unsigned long max_resp_len,
- int timeout,
- const char *expected_ct, int expect_asn1)
+OSSL_HTTP_REQ_CTX
+*ossl_http_req_ctx_new(BIO *wbio, BIO *rbio, int use_http_proxy,
+ const char *server, const char *port,
+ const char *path,
+ const STACK_OF(CONF_VALUE) *headers,
+ const char *content_type, BIO *req_mem,
+ int maxline, unsigned long max_resp_len,
+ int timeout,
+ const char *expected_ct, int expect_asn1)
{
OSSL_HTTP_REQ_CTX *rctx;
port = NULL;
if (port == NULL && strchr(server, ':') == NULL)
port = use_ssl ? OSSL_HTTPS_PORT : OSSL_HTTP_PORT;
- proxy = http_adapt_proxy(proxy, no_proxy, server, use_ssl);
+ proxy = ossl_http_adapt_proxy(proxy, no_proxy, server, use_ssl);
if ((cbio = HTTP_new_bio(server, port, proxy)) == NULL)
return NULL;
#else
}
}
- rctx = HTTP_REQ_CTX_new(cbio, rbio != NULL ? rbio : cbio,
- !use_ssl && proxy != NULL, server, port, path,
- headers, content_type, req_mem, maxline,
- max_resp_len, update_timeout(timeout, start_time),
- expected_ct, expect_asn1);
+ rctx = ossl_http_req_ctx_new(cbio, rbio != NULL ? rbio : cbio,
+ !use_ssl && proxy != NULL, server, port, path,
+ headers, content_type, req_mem, maxline,
+ max_resp_len, update_timeout(timeout, start_time),
+ expected_ct, expect_asn1);
if (rctx == NULL)
goto end;
}
/* remaining parameters are checked indirectly */
- req_mem = HTTP_asn1_item2bio(req_it, req);
+ req_mem = ossl_http_asn1_item2bio(req_it, req);
res_mem = OSSL_HTTP_transfer(server, port, path, use_ssl, proxy, no_proxy,
bio, rbio,
bio_update_fn, arg, headers, content_type,
return 0;
}
-int http_use_proxy(const char *no_proxy, const char *server)
+int ossl_http_use_proxy(const char *no_proxy, const char *server)
{
size_t sl;
const char *found = NULL;
return found == NULL;
}
-const char *http_adapt_proxy(const char *proxy, const char *no_proxy,
- const char *server, int use_ssl)
+const char *ossl_http_adapt_proxy(const char *proxy, const char *no_proxy,
+ const char *server, int use_ssl)
{
const int http_len = strlen(OSSL_HTTP_PREFIX);
const int https_len = strlen(OSSL_HTTPS_PREFIX);
else if (strncmp(proxy, OSSL_HTTPS_PREFIX, https_len) == 0)
proxy += https_len;
- if (*proxy == '\0' || !http_use_proxy(no_proxy, server))
+ if (*proxy == '\0' || !ossl_http_use_proxy(no_proxy, server))
return NULL;
return proxy;
}
# include <openssl/ocsp.h>
-BIO *HTTP_asn1_item2bio(const ASN1_ITEM *it, const ASN1_VALUE *val);
-OSSL_HTTP_REQ_CTX *HTTP_REQ_CTX_new(BIO *wbio, BIO *rbio, int use_http_proxy,
- const char *server, const char *port,
- const char *path,
- const STACK_OF(CONF_VALUE) *headers,
- const char *content_type, BIO *req_mem,
- int maxline, unsigned long max_resp_len,
- int timeout,
- const char *expected_content_type,
- int expect_asn1);
-int http_use_proxy(const char *no_proxy, const char *server);
-const char *http_adapt_proxy(const char *proxy, const char *no_proxy,
- const char *server, int use_ssl);
+BIO *ossl_http_asn1_item2bio(const ASN1_ITEM *it, const ASN1_VALUE *val);
+OSSL_HTTP_REQ_CTX
+*ossl_http_req_ctx_new(BIO *wbio, BIO *rbio, int use_http_proxy,
+ const char *server, const char *port,
+ const char *path,
+ const STACK_OF(CONF_VALUE) *headers,
+ const char *content_type, BIO *req_mem,
+ int maxline, unsigned long max_resp_len,
+ int timeout,
+ const char *expected_content_type,
+ int expect_asn1);
+
+int ossl_http_use_proxy(const char *no_proxy, const char *server);
+const char *ossl_http_adapt_proxy(const char *proxy, const char *no_proxy,
+ const char *server, int use_ssl);
#endif /* !defined(OSSL_CRYPTO_HTTP_LOCAL_H) */
return hexstr2buf_sep(buf, buf_n, buflen, str, sep);
}
-unsigned char *openssl_hexstr2buf_sep(const char *str, long *buflen,
- const char sep)
+unsigned char *ossl_hexstr2buf_sep(const char *str, long *buflen,
+ const char sep)
{
unsigned char *buf;
size_t buf_n, tmp_buflen;
unsigned char *OPENSSL_hexstr2buf(const char *str, long *buflen)
{
- return openssl_hexstr2buf_sep(str, buflen, DEFAULT_SEPARATOR);
+ return ossl_hexstr2buf_sep(str, buflen, DEFAULT_SEPARATOR);
}
static int buf2hexstr_sep(char *str, size_t str_n, size_t *strlen,
return buf2hexstr_sep(str, str_n, strlen, buf, buflen, sep);
}
-char *openssl_buf2hexstr_sep(const unsigned char *buf, long buflen, char sep)
+char *ossl_buf2hexstr_sep(const unsigned char *buf, long buflen, char sep)
{
char *tmp;
size_t tmp_n;
*/
char *OPENSSL_buf2hexstr(const unsigned char *buf, long buflen)
{
- return openssl_buf2hexstr_sep(buf, buflen, ':');
+ return ossl_buf2hexstr_sep(buf, buflen, ':');
}
int openssl_strerror_r(int errnum, char *buf, size_t buflen)
* \cdot(log_e(nBits \cdot log_e(2))^{2/3} - 4.69}{log_e(2)}
* The two cube roots are merged together here.
*/
-uint16_t ifc_ffc_compute_security_bits(int n)
+uint16_t ossl_ifc_ffc_compute_security_bits(int n)
{
uint64_t x;
uint32_t lx;
return 0;
}
#endif
- return ifc_ffc_compute_security_bits(bits);
+ return ossl_ifc_ffc_compute_security_bits(bits);
}
int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d)
*/
int ossl_rsa_sp800_56b_validate_strength(int nbits, int strength)
{
- int s = (int)ifc_ffc_compute_security_bits(nbits);
+ int s = (int)ossl_ifc_ffc_compute_security_bits(nbits);
+
#ifdef FIPS_MODULE
if (s < RSA_FIPS1864_MIN_KEYGEN_STRENGTH
|| s > RSA_FIPS1864_MAX_KEYGEN_STRENGTH) {
/* ip->length should be 8 or 32 and len1 == len2 == 4 or len1 == len2 == 16 */
int len1 = ip->length >= 16 ? 16 : ip->length >= 4 ? 4 : ip->length;
int len2 = ip->length - len1;
- char *ip1 = ipaddr_to_asc(ip->data, len1);
- char *ip2 = ipaddr_to_asc(ip->data + len1, len2);
+ char *ip1 = ossl_ipaddr_to_asc(ip->data, len1);
+ char *ip2 = ossl_ipaddr_to_asc(ip->data + len1, len2);
int ret = ip1 != NULL && ip2 != NULL
&& BIO_printf(bp, "IP:%s/%s", ip1, ip2) > 0;
break;
case GEN_IPADD:
- tmp = ipaddr_to_asc(gen->d.ip->data, gen->d.ip->length);
+ tmp = ossl_ipaddr_to_asc(gen->d.ip->data, gen->d.ip->length);
if (tmp == NULL || !X509V3_add_value("IP Address", tmp, &ret))
ret = NULL;
OPENSSL_free(tmp);
break;
case GEN_IPADD:
- tmp = ipaddr_to_asc(gen->d.ip->data, gen->d.ip->length);
+ tmp = ossl_ipaddr_to_asc(gen->d.ip->data, gen->d.ip->length);
if (tmp == NULL)
return 0;
BIO_printf(out, "IP Address:%s", tmp);
return do_x509_check(x, (char *)ipout, iplen, flags, GEN_IPADD, NULL);
}
-char *ipaddr_to_asc(unsigned char *p, int len)
+char *ossl_ipaddr_to_asc(unsigned char *p, int len)
{
/*
* 40 is enough space for the longest IPv6 address + nul terminator byte
size_t iplen;
unsigned char *ip = int_X509_VERIFY_PARAM_get0_ip(param, &iplen);
- return ip == NULL ? NULL : ipaddr_to_asc(ip, iplen);
+ return ip == NULL ? NULL : ossl_ipaddr_to_asc(ip, iplen);
}
int X509_VERIFY_PARAM_set1_ip(X509_VERIFY_PARAM *param,
# define OSSL_SECURITY_BITS_H
# pragma once
-uint16_t ifc_ffc_compute_security_bits(int n);
+uint16_t ossl_ifc_ffc_compute_security_bits(int n);
#endif
char *sk_ASN1_UTF8STRING2text(STACK_OF(ASN1_UTF8STRING) *text, const char *sep,
size_t max_len);
-char *ipaddr_to_asc(unsigned char *p, int len);
+char *ossl_ipaddr_to_asc(unsigned char *p, int len);
-char *openssl_buf2hexstr_sep(const unsigned char *buf, long buflen, char sep);
-unsigned char *openssl_hexstr2buf_sep(const char *str, long *buflen,
- const char sep);
+char *ossl_buf2hexstr_sep(const unsigned char *buf, long buflen, char sep);
+unsigned char *ossl_hexstr2buf_sep(const char *str, long *buflen,
+ const char sep);
static ossl_inline int ossl_ends_with_dirsep(const char *path)
{
* create their own library context.
*/
if ((*provctx = ossl_prov_ctx_new()) == NULL
- || (corebiometh = bio_prov_init_bio_method()) == NULL) {
+ || (corebiometh = ossl_bio_prov_init_bio_method()) == NULL) {
ossl_prov_ctx_free(*provctx);
*provctx = NULL;
return 0;
return 1;
}
-BIO_METHOD *bio_prov_init_bio_method(void)
+BIO_METHOD *ossl_bio_prov_init_bio_method(void)
{
BIO_METHOD *corebiometh = NULL;
return corebiometh;
}
-BIO *bio_new_from_core_bio(PROV_CTX *provctx, OSSL_CORE_BIO *corebio)
+BIO *ossl_bio_new_from_core_bio(PROV_CTX *provctx, OSSL_CORE_BIO *corebio)
{
BIO *outbio;
BIO_METHOD *corebiometh = ossl_prov_ctx_get0_core_bio_method(provctx);
int ossl_prov_bio_vprintf(OSSL_CORE_BIO *bio, const char *format, va_list ap);
int ossl_prov_bio_printf(OSSL_CORE_BIO *bio, const char *format, ...);
-BIO_METHOD *bio_prov_init_bio_method(void);
-BIO *bio_new_from_core_bio(PROV_CTX *provctx, OSSL_CORE_BIO *corebio);
+BIO_METHOD *ossl_bio_prov_init_bio_method(void);
+BIO *ossl_bio_new_from_core_bio(PROV_CTX *provctx, OSSL_CORE_BIO *corebio);
* create their own library context.
*/
if ((*provctx = ossl_prov_ctx_new()) == NULL
- || (corebiometh = bio_prov_init_bio_method()) == NULL) {
+ || (corebiometh = ossl_bio_prov_init_bio_method()) == NULL) {
ossl_prov_ctx_free(*provctx);
*provctx = NULL;
return 0;
unsigned char **data, long *len)
{
BUF_MEM *mem = NULL;
- BIO *in = bio_new_from_core_bio(provctx, cin);
+ BIO *in = ossl_bio_new_from_core_bio(provctx, cin);
int ok = (asn1_d2i_read_bio(in, &mem) >= 0);
if (ok) {
static EVP_PKEY *read_msblob(PROV_CTX *provctx, OSSL_CORE_BIO *cin, int *ispub)
{
- BIO *in = bio_new_from_core_bio(provctx, cin);
+ BIO *in = ossl_bio_new_from_core_bio(provctx, cin);
EVP_PKEY *pkey = ossl_b2i_bio(in, ispub);
BIO_free(in);
if (!ossl_pw_set_ossl_passphrase_cb(&pwdata, pw_cb, pw_cbarg))
return NULL;
- in = bio_new_from_core_bio(provctx, cin);
+ in = ossl_bio_new_from_core_bio(provctx, cin);
pkey = b2i_PVK_bio(in, ossl_pw_pem_password, &pwdata);
BIO_free(in);
char **pem_name, char **pem_header,
unsigned char **data, long *len)
{
- BIO *in = bio_new_from_core_bio(provctx, cin);
+ BIO *in = ossl_bio_new_from_core_bio(provctx, cin);
int ok = (PEM_read_bio(in, pem_name, pem_header, data, len) > 0);
BIO_free(in);
ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_NULL_PARAMETER);
} else if (writer != NULL
&& (checker == NULL || checker(key, type))) {
- BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
+ BIO *out = ossl_bio_new_from_core_bio(ctx->provctx, cout);
if (out != NULL
&& (pwcb == NULL
static int write_blob(void *provctx, OSSL_CORE_BIO *cout,
void *data, int len)
{
- BIO *out = bio_new_from_core_bio(provctx, cout);
+ BIO *out = ossl_bio_new_from_core_bio(provctx, cout);
int ret = BIO_write(out, data, len);
BIO_free(out);
static int write_msblob(struct key2ms_ctx_st *ctx, OSSL_CORE_BIO *cout,
EVP_PKEY *pkey, int ispub)
{
- BIO *out = bio_new_from_core_bio(ctx->provctx, cout);
+ BIO *out = ossl_bio_new_from_core_bio(ctx->provctx, cout);
int ret =
ispub ? i2b_PublicKey_bio(out, pkey) : i2b_PrivateKey_bio(out, pkey);
BIO *out = NULL;
int ret = 0;
- out = bio_new_from_core_bio(ctx->provctx, cout);
+ out = ossl_bio_new_from_core_bio(ctx->provctx, cout);
ret = i2b_PVK_bio(out, pkey, ctx->pvk_encr_level,
ossl_pw_pem_password, &ctx->pwdata);
BIO_free(out);
int selection),
OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg)
{
- BIO *out = bio_new_from_core_bio(vctx, cout);
+ BIO *out = ossl_bio_new_from_core_bio(vctx, cout);
int ret;
if (out == NULL)
if (!ossl_prov_is_running()
|| pkdfctx == NULL
|| vkdf == NULL
- || !kdf_data_up_ref(vkdf))
+ || !ossl_kdf_data_up_ref(vkdf))
return 0;
pkdfctx->kdfdata = vkdf;
PROV_KDF_CTX *pkdfctx = (PROV_KDF_CTX *)vpkdfctx;
EVP_KDF_CTX_free(pkdfctx->kdfctx);
- kdf_data_free(pkdfctx->kdfdata);
+ ossl_kdf_data_free(pkdfctx->kdfdata);
OPENSSL_free(pkdfctx);
}
OPENSSL_free(dstctx);
return NULL;
}
- if (!kdf_data_up_ref(dstctx->kdfdata)) {
+ if (!ossl_kdf_data_up_ref(dstctx->kdfdata)) {
EVP_KDF_CTX_free(dstctx->kdfctx);
OPENSSL_free(dstctx);
return NULL;
typedef struct kdf_data_st KDF_DATA;
-KDF_DATA *kdf_data_new(void *provctx);
-void kdf_data_free(KDF_DATA *kdfdata);
-int kdf_data_up_ref(KDF_DATA *kdfdata);
+KDF_DATA *ossl_kdf_data_new(void *provctx);
+void ossl_kdf_data_free(KDF_DATA *kdfdata);
+int ossl_kdf_data_up_ref(KDF_DATA *kdfdata);
/* This is an error, but there is no way to indicate such directly */
ossl_prov_digest_reset(&ctx->digest);
ctx->iter = PKCS5_DEFAULT_ITER;
- ctx->lower_bound_checks = kdf_pbkdf2_default_checks;
+ ctx->lower_bound_checks = ossl_kdf_pbkdf2_default_checks;
}
static int pbkdf2_set_membuf(unsigned char **buffer, size_t *buflen,
* Available in pbkdfe_fips.c, and compiled with different values depending
* on we're in the FIPS module or not.
*/
-extern const int kdf_pbkdf2_default_checks;
+extern const int ossl_kdf_pbkdf2_default_checks;
* Extra checks are done by default in fips mode only.
*/
#ifdef FIPS_MODULE
-const int kdf_pbkdf2_default_checks = 1;
+const int ossl_kdf_pbkdf2_default_checks = 1;
#else
-const int kdf_pbkdf2_default_checks = 0;
+const int ossl_kdf_pbkdf2_default_checks = 0;
#endif /* FIPS_MODULE */
static OSSL_FUNC_keymgmt_free_fn kdf_freedata;
static OSSL_FUNC_keymgmt_has_fn kdf_has;
-KDF_DATA *kdf_data_new(void *provctx)
+KDF_DATA *ossl_kdf_data_new(void *provctx)
{
KDF_DATA *kdfdata;
return kdfdata;
}
-void kdf_data_free(KDF_DATA *kdfdata)
+void ossl_kdf_data_free(KDF_DATA *kdfdata)
{
int ref = 0;
OPENSSL_free(kdfdata);
}
-int kdf_data_up_ref(KDF_DATA *kdfdata)
+int ossl_kdf_data_up_ref(KDF_DATA *kdfdata)
{
int ref = 0;
static void *kdf_newdata(void *provctx)
{
- return kdf_data_new(provctx);
+ return ossl_kdf_data_new(provctx);
}
static void kdf_freedata(void *kdfdata)
{
- kdf_data_free(kdfdata);
+ ossl_kdf_data_free(kdfdata);
}
static int kdf_has(const void *keydata, int selection)
void *file_attach(void *provctx, OSSL_CORE_BIO *cin)
{
struct file_ctx_st *ctx;
- BIO *new_bio = bio_new_from_core_bio(provctx, cin);
+ BIO *new_bio = ossl_bio_new_from_core_bio(provctx, cin);
if (new_bio == NULL)
return NULL;
* We're called from file_store.c, so we know that OSSL_CORE_BIO is a
* BIO in this case.
*/
- BIO *in = bio_new_from_core_bio(provctx, cin);
+ BIO *in = ossl_bio_new_from_core_bio(provctx, cin);
BUF_MEM *mem = NULL;
int err, ok;
char *out = NULL;
struct testdata *test = &tbl_testdata[test_index];
- if (!TEST_ptr(buf = openssl_hexstr2buf_sep(test->in, &len, test->sep))
+ if (!TEST_ptr(buf = ossl_hexstr2buf_sep(test->in, &len, test->sep))
|| !TEST_mem_eq(buf, len, test->expected, test->expected_len)
- || !TEST_ptr(out = openssl_buf2hexstr_sep(buf, len, test->sep))
+ || !TEST_ptr(out = ossl_buf2hexstr_sep(buf, len, test->sep))
|| !TEST_str_eq(out, test->in))
goto err;