BIO_printf(bio_err,
"Everything appears to be ok, creating and signing the certificate\n");
- if ((ret = X509_new_with_libctx(app_get0_libctx(), app_get0_propq())) == NULL)
+ if ((ret = X509_new_ex(app_get0_libctx(), app_get0_propq())) == NULL)
goto end;
#ifdef X509_V3
{
CMS_ContentInfo *ret, *ci;
- ret = CMS_ContentInfo_new_with_libctx(libctx, propq);
+ ret = CMS_ContentInfo_new_ex(libctx, propq);
if (ret == NULL) {
BIO_printf(bio_err, "Error allocating CMS_contentinfo\n");
return NULL;
ret = 3;
if (operation == SMIME_DATA_CREATE) {
- cms = CMS_data_create_with_libctx(in, flags, libctx, propq);
+ cms = CMS_data_create_ex(in, flags, libctx, propq);
} else if (operation == SMIME_DIGEST_CREATE) {
- cms = CMS_digest_create_with_libctx(in, sign_md, flags, libctx, propq);
+ cms = CMS_digest_create_ex(in, sign_md, flags, libctx, propq);
} else if (operation == SMIME_COMPRESS) {
cms = CMS_compress(in, -1, flags);
} else if (operation == SMIME_ENCRYPT) {
int i;
flags |= CMS_PARTIAL;
- cms = CMS_encrypt_with_libctx(NULL, in, cipher, flags, libctx, propq);
+ cms = CMS_encrypt_ex(NULL, in, cipher, flags, libctx, propq);
if (cms == NULL)
goto end;
for (i = 0; i < sk_X509_num(encerts); i++) {
goto end;
}
} else if (operation == SMIME_ENCRYPTED_ENCRYPT) {
- cms = CMS_EncryptedData_encrypt_with_libctx(in, cipher, secret_key,
- secret_keylen, flags,
- libctx, propq);
+ cms = CMS_EncryptedData_encrypt_ex(in, cipher, secret_key,
+ secret_keylen, flags, libctx, propq);
} else if (operation == SMIME_SIGN_RECEIPT) {
CMS_ContentInfo *srcms = NULL;
flags |= CMS_STREAM;
}
flags |= CMS_PARTIAL;
- cms = CMS_sign_with_libctx(NULL, NULL, other, in, flags, libctx, propq);
+ cms = CMS_sign_ex(NULL, NULL, other, in, flags, libctx, propq);
if (cms == NULL)
goto end;
if (econtent_type != NULL)
} else {
rct_from = NULL;
}
- rr = CMS_ReceiptRequest_create0_with_libctx(NULL, -1, rr_allorfirst,
- rct_from, rct_to, libctx, propq);
+ rr = CMS_ReceiptRequest_create0_ex(NULL, -1, rr_allorfirst, rct_from,
+ rct_to, libctx, propq);
return rr;
err:
sk_GENERAL_NAMES_pop_free(rct_to, GENERAL_NAMES_free);
CONF *conf;
int i;
- conf = NCONF_new_with_libctx(app_libctx, NULL);
+ conf = NCONF_new_ex(app_libctx, NULL);
i = NCONF_load_bio(conf, in, &errorline);
if (i > 0)
return conf;
ctx = OSSL_STORE_attach(bio, "file", libctx, propq,
get_ui_method(), &uidata, NULL, NULL);
} else {
- ctx = OSSL_STORE_open_with_libctx(uri, libctx, propq, get_ui_method(),
- &uidata, NULL, NULL);
+ ctx = OSSL_STORE_open_ex(uri, libctx, propq, get_ui_method(), &uidata,
+ NULL, NULL);
}
if (ctx == NULL) {
BIO_printf(bio_err, "Could not open file or uri for loading");
if (lookup == NULL)
goto end;
if (CAfile != NULL) {
- if (!X509_LOOKUP_load_file_with_libctx(lookup, CAfile,
- X509_FILETYPE_PEM,
- libctx, propq)) {
+ if (!X509_LOOKUP_load_file_ex(lookup, CAfile, X509_FILETYPE_PEM,
+ libctx, propq)) {
BIO_printf(bio_err, "Error loading file %s\n", CAfile);
goto end;
}
} else {
- X509_LOOKUP_load_file_with_libctx(lookup, NULL,
- X509_FILETYPE_DEFAULT,
- libctx, propq);
+ X509_LOOKUP_load_file_ex(lookup, NULL, X509_FILETYPE_DEFAULT,
+ libctx, propq);
}
}
lookup = X509_STORE_add_lookup(store, X509_LOOKUP_store());
if (lookup == NULL)
goto end;
- if (!X509_LOOKUP_add_store_with_libctx(lookup, CAstore, libctx, propq)) {
+ if (!X509_LOOKUP_add_store_ex(lookup, CAstore, libctx, propq)) {
if (CAstore != NULL)
BIO_printf(bio_err, "Error loading store URI %s\n", CAstore);
goto end;
STACK_OF(X509) *chn = NULL;
int i = 0;
- store_ctx = X509_STORE_CTX_new_with_libctx(app_get0_libctx(),
- app_get0_propq());
+ store_ctx = X509_STORE_CTX_new_ex(app_get0_libctx(), app_get0_propq());
if (store_ctx == NULL) {
i = X509_V_ERR_UNSPECIFIED;
goto end;
if (in == NULL)
goto end;
- p7 = PKCS7_new_with_libctx(libctx, propq);
+ p7 = PKCS7_new_ex(libctx, propq);
if (p7 == NULL) {
BIO_printf(bio_err, "unable to allocate PKCS7 object\n");
ERR_print_errors(bio_err);
if (x509) {
EVP_PKEY *tmppkey;
X509V3_CTX ext_ctx;
- if ((x509ss = X509_new_with_libctx(app_get0_libctx(),
- app_get0_propq())) == NULL)
+ if ((x509ss = X509_new_ex(app_get0_libctx(), app_get0_propq())) == NULL)
goto end;
/* Set version to V3 */
if (operation & SMIME_IP) {
PKCS7 *p7_in = NULL;
- p7 = PKCS7_new_with_libctx(libctx, propq);
+ p7 = PKCS7_new_ex(libctx, propq);
if (p7 == NULL) {
BIO_printf(bio_err, "Error allocating PKCS7 object\n");
goto end;
if (operation == SMIME_ENCRYPT) {
if (indef)
flags |= PKCS7_STREAM;
- p7 = PKCS7_encrypt_with_libctx(encerts, in, cipher, flags, libctx, propq);
+ p7 = PKCS7_encrypt_ex(encerts, in, cipher, flags, libctx, propq);
} else if (operation & SMIME_SIGNERS) {
int i;
/*
flags |= PKCS7_STREAM;
}
flags |= PKCS7_PARTIAL;
- p7 = PKCS7_sign_with_libctx(NULL, NULL, other, in, flags, libctx,
- propq);
+ p7 = PKCS7_sign_ex(NULL, NULL, other, in, flags, libctx, propq);
if (p7 == NULL)
goto end;
if (flags & PKCS7_NOCERTS) {
OSSL_STORE_CTX *store_ctx = NULL;
int ret = 1, items = 0;
- if ((store_ctx = OSSL_STORE_open_with_libctx(uri, libctx, propq,
- uimeth, uidata, NULL, NULL))
+ if ((store_ctx = OSSL_STORE_open_ex(uri, libctx, propq, uimeth, uidata,
+ NULL, NULL))
== NULL) {
BIO_printf(bio_err, "Couldn't open file or uri %s\n", uri);
ERR_print_errors(bio_err);
BIO_printf(bio_err, "memory allocation failure\n");
goto err;
}
- if (!X509_LOOKUP_load_file_with_libctx(lookup, CAfile,
- X509_FILETYPE_PEM,
- libctx, propq)) {
+ if (!X509_LOOKUP_load_file_ex(lookup, CAfile, X509_FILETYPE_PEM, libctx,
+ propq)) {
BIO_printf(bio_err, "Error loading file %s\n", CAfile);
goto err;
}
BIO_printf(bio_err, "memory allocation failure\n");
goto err;
}
- if (!X509_LOOKUP_load_store_with_libctx(lookup, CAstore, libctx, propq)) {
+ if (!X509_LOOKUP_load_store_ex(lookup, CAstore, libctx, propq)) {
BIO_printf(bio_err, "Error loading store URI %s\n", CAstore);
goto err;
}
goto end;
}
- if (!X509_STORE_set_default_paths_with_libctx(ctx, app_get0_libctx(),
- app_get0_propq())) {
+ if (!X509_STORE_set_default_paths_ex(ctx, app_get0_libctx(),
+ app_get0_propq())) {
ERR_print_errors(bio_err);
goto end;
}
"We need a private key to sign with, use -signkey or -CAkey or -CA <file> with private key\n");
goto end;
}
- if ((x = X509_new_with_libctx(app_get0_libctx(), app_get0_propq())) == NULL)
+ if ((x = X509_new_ex(app_get0_libctx(), app_get0_propq())) == NULL)
goto end;
if (sno == NULL) {
#endif
-int asn1_item_digest_with_libctx(const ASN1_ITEM *it, const EVP_MD *md,
- void *asn, unsigned char *data,
- unsigned int *len, OPENSSL_CTX *libctx,
- const char *propq)
+int asn1_item_digest_ex(const ASN1_ITEM *it, const EVP_MD *md, void *asn,
+ unsigned char *data, unsigned int *len,
+ OPENSSL_CTX *libctx, const char *propq)
{
int i, ret = 0;
unsigned char *str = NULL;
int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *md, void *asn,
unsigned char *data, unsigned int *len)
{
- return asn1_item_digest_with_libctx(it, md, asn, data, len, NULL, NULL);
+ return asn1_item_digest_ex(it, md, asn, data, len, NULL, NULL);
}
ASN1_BIT_STRING *signature, const void *data,
EVP_PKEY *pkey, const EVP_MD *md)
{
- return ASN1_item_sign_with_libctx(it, algor1, algor2, signature, data, NULL,
- pkey, md, NULL, NULL);
+ return ASN1_item_sign_ex(it, algor1, algor2, signature, data, NULL, pkey,
+ md, NULL, NULL);
}
-int ASN1_item_sign_with_libctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
- X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
- const void *data, const ASN1_OCTET_STRING *id,
- EVP_PKEY *pkey, const EVP_MD *md,
- OPENSSL_CTX *libctx, const char *propq)
+int ASN1_item_sign_ex(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+ const void *data, const ASN1_OCTET_STRING *id,
+ EVP_PKEY *pkey, const EVP_MD *md, OPENSSL_CTX *libctx,
+ const char *propq)
{
int rv = 0;
- EVP_MD_CTX *ctx = evp_md_ctx_new_with_libctx(pkey, id, libctx, propq);
+ EVP_MD_CTX *ctx = evp_md_ctx_new_ex(pkey, id, libctx, propq);
if (ctx == NULL) {
ASN1err(0, ERR_R_MALLOC_FAILURE);
const ASN1_BIT_STRING *signature, const void *data,
EVP_PKEY *pkey)
{
- return ASN1_item_verify_with_libctx(it, alg, signature, data, NULL, pkey,
- NULL, NULL);
+ return ASN1_item_verify_ex(it, alg, signature, data, NULL, pkey, NULL, NULL);
}
-int ASN1_item_verify_with_libctx(const ASN1_ITEM *it, const X509_ALGOR *alg,
- const ASN1_BIT_STRING *signature,
- const void *data,
- const ASN1_OCTET_STRING *id, EVP_PKEY *pkey,
- OPENSSL_CTX *libctx, const char *propq)
+int ASN1_item_verify_ex(const ASN1_ITEM *it, const X509_ALGOR *alg,
+ const ASN1_BIT_STRING *signature, const void *data,
+ const ASN1_OCTET_STRING *id, EVP_PKEY *pkey,
+ OPENSSL_CTX *libctx, const char *propq)
{
EVP_MD_CTX *ctx;
int rv = -1;
- if ((ctx = evp_md_ctx_new_with_libctx(pkey, id, libctx, propq)) != NULL) {
+ if ((ctx = evp_md_ctx_new_ex(pkey, id, libctx, propq)) != NULL) {
rv = ASN1_item_verify_ctx(it, alg, signature, data, ctx);
EVP_PKEY_CTX_free(EVP_MD_CTX_pkey_ctx(ctx));
EVP_MD_CTX_free(ctx);
/* SMIME sender */
-int SMIME_write_ASN1_with_libctx(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
- int ctype_nid, int econt_nid,
- STACK_OF(X509_ALGOR) *mdalgs,
- const ASN1_ITEM *it,
- OPENSSL_CTX *libctx, const char *propq)
+int SMIME_write_ASN1_ex(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
+ int ctype_nid, int econt_nid,
+ STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it,
+ OPENSSL_CTX *libctx, const char *propq)
{
char bound[33], c;
int i;
int ctype_nid, int econt_nid,
STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it)
{
- return SMIME_write_ASN1_with_libctx(bio, val, data, flags, ctype_nid,
- econt_nid, mdalgs, it, NULL, NULL);
+ return SMIME_write_ASN1_ex(bio, val, data, flags, ctype_nid, econt_nid,
+ mdalgs, it, NULL, NULL);
}
/* Handle output of ASN1 data */
if (!ret->ameth->old_priv_decode ||
!ret->ameth->old_priv_decode(ret, &p, length)) {
if (ret->ameth->priv_decode != NULL
- || ret->ameth->priv_decode_with_libctx != NULL) {
+ || ret->ameth->priv_decode_ex != NULL) {
EVP_PKEY *tmp;
PKCS8_PRIV_KEY_INFO *p8 = NULL;
p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
if (p8 == NULL)
goto err;
- tmp = EVP_PKCS82PKEY_with_libctx(p8, libctx, propq);
+ tmp = EVP_PKCS82PKEY_ex(p8, libctx, propq);
PKCS8_PRIV_KEY_INFO_free(p8);
if (tmp == NULL)
goto err;
ASN1err(0, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
return NULL;
}
- ret = EVP_PKCS82PKEY_with_libctx(p8, libctx, propq);
+ ret = EVP_PKCS82PKEY_ex(p8, libctx, propq);
PKCS8_PRIV_KEY_INFO_free(p8);
if (ret == NULL)
return NULL;
if ((prot = ASN1_BIT_STRING_new()) == NULL)
return NULL;
- if (ASN1_item_sign_with_libctx(ASN1_ITEM_rptr(OSSL_CMP_PROTECTEDPART),
- NULL, NULL, prot, &prot_part, NULL,
- ctx->pkey, md, ctx->libctx, ctx->propq))
+ if (ASN1_item_sign_ex(ASN1_ITEM_rptr(OSSL_CMP_PROTECTEDPART), NULL,
+ NULL, prot, &prot_part, NULL, ctx->pkey, md,
+ ctx->libctx, ctx->propq))
return prot;
ASN1_BIT_STRING_free(prot);
return NULL;
goto err;
}
- if ((csc = X509_STORE_CTX_new_with_libctx(libctx, propq)) == NULL)
+ if ((csc = X509_STORE_CTX_new_ex(libctx, propq)) == NULL)
goto err;
if (store == NULL && certs != NULL
&& !ossl_cmp_X509_STORE_add1_certs(ts, certs, 0))
prot_part.header = msg->header;
prot_part.body = msg->body;
- if (ASN1_item_verify_with_libctx(ASN1_ITEM_rptr(OSSL_CMP_PROTECTEDPART),
- msg->header->protectionAlg,
- msg->protection, &prot_part, NULL, pubkey,
- cmp_ctx->libctx, cmp_ctx->propq) > 0) {
+ if (ASN1_item_verify_ex(ASN1_ITEM_rptr(OSSL_CMP_PROTECTEDPART),
+ msg->header->protectionAlg, msg->protection,
+ &prot_part, NULL, pubkey, cmp_ctx->libctx,
+ cmp_ctx->propq) > 0) {
res = 1;
goto end;
}
return 0;
}
- if ((csc = X509_STORE_CTX_new_with_libctx(ctx->libctx, ctx->propq)) == NULL
+ if ((csc = X509_STORE_CTX_new_ex(ctx->libctx, ctx->propq)) == NULL
|| !X509_STORE_CTX_init(csc, trusted_store,
cert, ctx->untrusted))
goto err;
{
X509_REQ *req = msg->body->value.p10cr;
- if (X509_REQ_verify_with_libctx(req, X509_REQ_get0_pubkey(req),
- ctx->libctx, ctx->propq) <= 0) {
+ if (X509_REQ_verify_ex(req, X509_REQ_get0_pubkey(req), ctx->libctx,
+ ctx->propq) <= 0) {
#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
CMPerr(0, CMP_R_REQUEST_NOT_ACCEPTED);
return 0;
CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
return NULL;
}
- cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
+ cms = CMS_ContentInfo_new_ex(libctx, propq);
if (cms == NULL)
return NULL;
CMS_ContentInfo *cms;
CMS_DigestedData *dd;
- cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
+ cms = CMS_ContentInfo_new_ex(libctx, propq);
if (cms == NULL)
return NULL;
return NULL;
}
-CMS_ContentInfo *CMS_EnvelopedData_create_with_libctx(const EVP_CIPHER *cipher,
- OPENSSL_CTX *libctx,
- const char *propq)
+CMS_ContentInfo *CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher,
+ OPENSSL_CTX *libctx,
+ const char *propq)
{
CMS_ContentInfo *cms;
CMS_EnvelopedData *env;
- cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
+ cms = CMS_ContentInfo_new_ex(libctx, propq);
if (cms == NULL)
goto merr;
env = cms_enveloped_data_init(cms);
CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher)
{
- return CMS_EnvelopedData_create_with_libctx(cipher, NULL, NULL);
+ return CMS_EnvelopedData_create_ex(cipher, NULL, NULL);
}
CMS_ContentInfo *
-CMS_AuthEnvelopedData_create_with_libctx(const EVP_CIPHER *cipher,
- OPENSSL_CTX *libctx,
- const char *propq)
+CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *libctx,
+ const char *propq)
{
CMS_ContentInfo *cms;
CMS_AuthEnvelopedData *aenv;
- cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
+ cms = CMS_ContentInfo_new_ex(libctx, propq);
if (cms == NULL)
goto merr;
aenv = cms_auth_enveloped_data_init(cms);
CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher)
{
- return CMS_AuthEnvelopedData_create_with_libctx(cipher, NULL, NULL);
+ return CMS_AuthEnvelopedData_create_ex(cipher, NULL, NULL);
}
/* Key Transport Recipient Info (KTRI) routines */
return ret;
}
-CMS_ReceiptRequest *CMS_ReceiptRequest_create0_with_libctx(
+CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex(
unsigned char *id, int idlen, int allorfirst,
STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo,
OPENSSL_CTX *libctx, const char *propq)
unsigned char *id, int idlen, int allorfirst,
STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo)
{
- return CMS_ReceiptRequest_create0_with_libctx(id, idlen, allorfirst,
- receiptList, receiptsTo,
- NULL, NULL);
+ return CMS_ReceiptRequest_create0_ex(id, idlen, allorfirst, receiptList,
+ receiptsTo, NULL, NULL);
}
int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
if (md == NULL)
return 0;
- if (!asn1_item_digest_with_libctx(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
- si->signedAttrs, dig, diglen,
- si->cms_ctx->libctx, si->cms_ctx->propq))
+ if (!asn1_item_digest_ex(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
+ si->signedAttrs, dig, diglen, si->cms_ctx->libctx,
+ si->cms_ctx->propq))
return 0;
return 1;
}
else
mdalgs = NULL;
- return SMIME_write_ASN1_with_libctx(bio, (ASN1_VALUE *)cms, data, flags,
- ctype_nid, econt_nid, mdalgs,
- ASN1_ITEM_rptr(CMS_ContentInfo),
- cms_ctx_get0_libctx(ctx),
- cms_ctx_get0_propq(ctx));
+ return SMIME_write_ASN1_ex(bio, (ASN1_VALUE *)cms, data, flags, ctype_nid,
+ econt_nid, mdalgs,
+ ASN1_ITEM_rptr(CMS_ContentInfo),
+ cms_ctx_get0_libctx(ctx),
+ cms_ctx_get0_propq(ctx));
}
CMS_ContentInfo *SMIME_read_CMS_ex(BIO *bio, BIO **bcont, CMS_ContentInfo **cms)
return ASN1_item_i2d((const ASN1_VALUE *)a, out, (CMS_ContentInfo_it()));
}
-CMS_ContentInfo *CMS_ContentInfo_new_with_libctx(OPENSSL_CTX *libctx,
- const char *propq)
+CMS_ContentInfo *CMS_ContentInfo_new_ex(OPENSSL_CTX *libctx, const char *propq)
{
CMS_ContentInfo *ci;
CMS_ContentInfo *CMS_ContentInfo_new(void)
{
- return CMS_ContentInfo_new_with_libctx(NULL, NULL);
+ return CMS_ContentInfo_new_ex(NULL, NULL);
}
void CMS_ContentInfo_free(CMS_ContentInfo *cms)
CMS_ContentInfo *cms_Data_create(OPENSSL_CTX *libctx, const char *propq)
{
- CMS_ContentInfo *cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
+ CMS_ContentInfo *cms = CMS_ContentInfo_new_ex(libctx, propq);
if (cms != NULL) {
cms->contentType = OBJ_nid2obj(NID_pkcs7_data);
goto err;
if (EVP_PKEY_CTX_set_signature_md(si->pctx, md) <= 0)
goto err;
- } else if (EVP_DigestSignInit_with_libctx(si->mctx, &si->pctx,
- EVP_MD_name(md),
- ctx->libctx, ctx->propq,
- pk) <= 0) {
+ } else if (EVP_DigestSignInit_ex(si->mctx, &si->pctx, EVP_MD_name(md),
+ ctx->libctx, ctx->propq, pk) <= 0) {
goto err;
}
}
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (!EVP_SignFinal_with_libctx(mctx, sig, &siglen, si->pkey,
- ctx->libctx, ctx->propq)) {
+ if (!EVP_SignFinal_ex(mctx, sig, &siglen, si->pkey, ctx->libctx,
+ ctx->propq)) {
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_SIGNFINAL_ERROR);
OPENSSL_free(sig);
goto err;
pctx = si->pctx;
else {
EVP_MD_CTX_reset(mctx);
- if (EVP_DigestSignInit_with_libctx(mctx, &pctx,
- md_name, ctx->libctx, ctx->propq,
- si->pkey) <= 0)
+ if (EVP_DigestSignInit_ex(mctx, &pctx, md_name, ctx->libctx, ctx->propq,
+ si->pkey) <= 0)
goto err;
si->pctx = pctx;
}
goto err;
}
mctx = si->mctx;
- if (EVP_DigestVerifyInit_with_libctx(mctx, &si->pctx,
- EVP_MD_name(md), ctx->libctx, NULL,
- si->pkey) <= 0)
+ if (EVP_DigestVerifyInit_ex(mctx, &si->pctx, EVP_MD_name(md), ctx->libctx,
+ NULL, si->pkey) <= 0)
goto err;
if (!cms_sd_asn1_ctrl(si, 1))
return r;
}
-CMS_ContentInfo *CMS_data_create_with_libctx(BIO *in, unsigned int flags,
- OPENSSL_CTX *libctx,
- const char *propq)
+CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags,
+ OPENSSL_CTX *libctx, const char *propq)
{
CMS_ContentInfo *cms = cms_Data_create(libctx, propq);
CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags)
{
- return CMS_data_create_with_libctx(in, flags, NULL, NULL);
+ return CMS_data_create_ex(in, flags, NULL, NULL);
}
int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
return r;
}
-CMS_ContentInfo *CMS_digest_create_with_libctx(BIO *in,
- const EVP_MD *md,
- unsigned int flags,
- OPENSSL_CTX *ctx,
- const char *propq)
+CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md,
+ unsigned int flags, OPENSSL_CTX *ctx,
+ const char *propq)
{
CMS_ContentInfo *cms;
CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
unsigned int flags)
{
- return CMS_digest_create_with_libctx(in, md, flags, NULL, NULL);
+ return CMS_digest_create_ex(in, md, flags, NULL, NULL);
}
int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
return r;
}
-CMS_ContentInfo *CMS_EncryptedData_encrypt_with_libctx(BIO *in,
- const EVP_CIPHER *cipher,
- const unsigned char *key,
- size_t keylen,
- unsigned int flags,
- OPENSSL_CTX *libctx,
- const char *propq)
+CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in, const EVP_CIPHER *cipher,
+ const unsigned char *key,
+ size_t keylen, unsigned int flags,
+ OPENSSL_CTX *libctx,
+ const char *propq)
{
CMS_ContentInfo *cms;
CMSerr(0, CMS_R_NO_CIPHER);
return NULL;
}
- cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
+ cms = CMS_ContentInfo_new_ex(libctx, propq);
if (cms == NULL)
return NULL;
if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen))
const unsigned char *key,
size_t keylen, unsigned int flags)
{
- return CMS_EncryptedData_encrypt_with_libctx(in, cipher, key, keylen, flags,
- NULL, NULL);
+ return CMS_EncryptedData_encrypt_ex(in, cipher, key, keylen, flags, NULL,
+ NULL);
}
static int cms_signerinfo_verify_cert(CMS_SignerInfo *si,
X509 *signer;
int i, j, r = 0;
- ctx = X509_STORE_CTX_new_with_libctx(cms_ctx->libctx, cms_ctx->propq);
+ ctx = X509_STORE_CTX_new_ex(cms_ctx->libctx, cms_ctx->propq);
if (ctx == NULL) {
CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
goto err;
return cms_Receipt_verify(rcms, ocms);
}
-CMS_ContentInfo *CMS_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
- STACK_OF(X509) *certs, BIO *data,
- unsigned int flags,
- OPENSSL_CTX *libctx, const char *propq)
+CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey,
+ STACK_OF(X509) *certs, BIO *data,
+ unsigned int flags, OPENSSL_CTX *libctx,
+ const char *propq)
{
CMS_ContentInfo *cms;
int i;
- cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
+ cms = CMS_ContentInfo_new_ex(libctx, propq);
if (cms == NULL || !CMS_SignedData_init(cms))
goto merr;
if (flags & CMS_ASCIICRLF
CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, unsigned int flags)
{
- return CMS_sign_with_libctx(signcert, pkey, certs, data, flags, NULL, NULL);
+ return CMS_sign_ex(signcert, pkey, certs, data, flags, NULL, NULL);
}
CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
/* Initialize signed data */
- cms = CMS_sign_with_libctx(NULL, NULL, certs, NULL, flags,
- ctx->libctx, ctx->propq);
+ cms = CMS_sign_ex(NULL, NULL, certs, NULL, flags, ctx->libctx, ctx->propq);
if (cms == NULL)
goto err;
}
-CMS_ContentInfo *CMS_encrypt_with_libctx(STACK_OF(X509) *certs,
- BIO *data, const EVP_CIPHER *cipher,
- unsigned int flags,
- OPENSSL_CTX *libctx, const char *propq)
+CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *data,
+ const EVP_CIPHER *cipher, unsigned int flags,
+ OPENSSL_CTX *libctx, const char *propq)
{
CMS_ContentInfo *cms;
int i;
cms = (EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)
- ? CMS_AuthEnvelopedData_create_with_libctx(cipher, libctx, propq)
- : CMS_EnvelopedData_create_with_libctx(cipher, libctx, propq);
+ ? CMS_AuthEnvelopedData_create_ex(cipher, libctx, propq)
+ : CMS_EnvelopedData_create_ex(cipher, libctx, propq);
if (cms == NULL)
goto merr;
for (i = 0; i < sk_X509_num(certs); i++) {
CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *data,
const EVP_CIPHER *cipher, unsigned int flags)
{
- return CMS_encrypt_with_libctx(certs, data, cipher, flags, NULL, NULL);
+ return CMS_encrypt_ex(certs, data, cipher, flags, NULL, NULL);
}
static int cms_kari_set1_pkey_and_peer(CMS_ContentInfo *cms,
* the "CONF classic" functions, for consistency.
*/
-CONF *NCONF_new_with_libctx(OPENSSL_CTX *libctx, CONF_METHOD *meth)
+CONF *NCONF_new_ex(OPENSSL_CTX *libctx, CONF_METHOD *meth)
{
CONF *ret;
CONF *NCONF_new(CONF_METHOD *meth)
{
- return NCONF_new_with_libctx(NULL, meth);
+ return NCONF_new_ex(NULL, meth);
}
void NCONF_free(CONF *conf)
}
-int CONF_modules_load_file_with_libctx(OPENSSL_CTX *libctx,
- const char *filename,
- const char *appname, unsigned long flags)
+int CONF_modules_load_file_ex(OPENSSL_CTX *libctx, const char *filename,
+ const char *appname, unsigned long flags)
{
char *file = NULL;
CONF *conf = NULL;
int ret = 0, diagnostics = 0;
- conf = NCONF_new_with_libctx(libctx, NULL);
+ conf = NCONF_new_ex(libctx, NULL);
if (conf == NULL)
goto err;
int CONF_modules_load_file(const char *filename,
const char *appname, unsigned long flags)
{
- return CONF_modules_load_file_with_libctx(NULL, filename, appname, flags);
+ return CONF_modules_load_file_ex(NULL, filename, appname, flags);
}
DEFINE_RUN_ONCE_STATIC(do_load_builtin_modules)
#ifndef FIPS_MODULE
int OPENSSL_CTX_load_config(OPENSSL_CTX *ctx, const char *config_file)
{
- return CONF_modules_load_file_with_libctx(ctx, config_file, NULL, 0) > 0;
+ return CONF_modules_load_file_ex(ctx, config_file, NULL, 0) > 0;
}
#endif
return 0;
}
- return ASN1_item_sign_with_libctx(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST),
- ps->algorithmIdentifier, NULL,
- ps->signature, cr, NULL, pkey, digest,
- libctx, propq);
+ return ASN1_item_sign_ex(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST),
+ ps->algorithmIdentifier, NULL, ps->signature, cr,
+ NULL, pkey, digest, libctx, propq);
}
it = ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST);
asn = req->certReq;
}
- if (ASN1_item_verify_with_libctx(it, sig->algorithmIdentifier,
- sig->signature, asn, NULL,
- X509_PUBKEY_get0(pubkey),
- libctx, propq) < 1)
+ if (ASN1_item_verify_ex(it, sig->algorithmIdentifier, sig->signature,
+ asn, NULL, X509_PUBKEY_get0(pubkey), libctx,
+ propq) < 1)
return 0;
break;
case OSSL_CRMF_POPO_KEYENC:
outlen += n;
/* convert decrypted certificate from DER to internal ASN.1 structure */
- if ((cert = X509_new_with_libctx(libctx, propq)) == NULL)
+ if ((cert = X509_new_ex(libctx, propq)) == NULL)
goto end;
if (d2i_X509(&cert, &p, outlen) == NULL)
CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,
* 0 on decoding failure, or invalid parameter if any
* -1 on internal (malloc) failure
*/
-int CTLOG_new_from_base64_with_libctx(CTLOG **ct_log, const char *pkey_base64,
- const char *name, OPENSSL_CTX *libctx,
- const char *propq)
+int CTLOG_new_from_base64_ex(CTLOG **ct_log, const char *pkey_base64,
+ const char *name, OPENSSL_CTX *libctx,
+ const char *propq)
{
unsigned char *pkey_der = NULL;
int pkey_der_len;
return 0;
}
- *ct_log = CTLOG_new_with_libctx(pkey, name, libctx, propq);
+ *ct_log = CTLOG_new_ex(pkey, name, libctx, propq);
if (*ct_log == NULL) {
EVP_PKEY_free(pkey);
return 0;
int CTLOG_new_from_base64(CTLOG **ct_log, const char *pkey_base64,
const char *name)
{
- return CTLOG_new_from_base64_with_libctx(ct_log, pkey_base64, name, NULL,
- NULL);
+ return CTLOG_new_from_base64_ex(ct_log, pkey_base64, name, NULL, NULL);
}
return ret;
}
-CTLOG_STORE *CTLOG_STORE_new_with_libctx(OPENSSL_CTX *libctx, const char *propq)
+CTLOG_STORE *CTLOG_STORE_new_ex(OPENSSL_CTX *libctx, const char *propq)
{
CTLOG_STORE *ret = OPENSSL_zalloc(sizeof(*ret));
CTLOG_STORE *CTLOG_STORE_new(void)
{
- return CTLOG_STORE_new_with_libctx(NULL, NULL);
+ return CTLOG_STORE_new_ex(NULL, NULL);
}
void CTLOG_STORE_free(CTLOG_STORE *store)
return 0;
}
- return CTLOG_new_from_base64_with_libctx(ct_log, pkey_base64, description,
- store->libctx, store->propq);
+ return CTLOG_new_from_base64_ex(ct_log, pkey_base64, description,
+ store->libctx, store->propq);
}
int CTLOG_STORE_load_default_file(CTLOG_STORE *store)
* Takes ownership of the public key.
* Copies the name.
*/
-CTLOG *CTLOG_new_with_libctx(EVP_PKEY *public_key, const char *name,
- OPENSSL_CTX *libctx, const char *propq)
+CTLOG *CTLOG_new_ex(EVP_PKEY *public_key, const char *name, OPENSSL_CTX *libctx,
+ const char *propq)
{
CTLOG *ret = OPENSSL_zalloc(sizeof(*ret));
CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name)
{
- return CTLOG_new_with_libctx(public_key, name, NULL, NULL);
+ return CTLOG_new_ex(public_key, name, NULL, NULL);
}
/* Frees CT log and associated structures */
*/
static const time_t SCT_CLOCK_DRIFT_TOLERANCE = 300;
-CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx,
- const char *propq)
+CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OPENSSL_CTX *libctx,
+ const char *propq)
{
CT_POLICY_EVAL_CTX *ctx = OPENSSL_zalloc(sizeof(CT_POLICY_EVAL_CTX));
CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void)
{
- return CT_POLICY_EVAL_CTX_new_with_libctx(NULL, NULL);
+ return CT_POLICY_EVAL_CTX_new_ex(NULL, NULL);
}
void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx)
if (ctx == NULL)
goto end;
- if (!EVP_DigestVerifyInit_with_libctx(ctx, NULL,
- "SHA2-256", sctx->libctx, sctx->propq,
- sctx->pkey))
+ if (!EVP_DigestVerifyInit_ex(ctx, NULL, "SHA2-256", sctx->libctx,
+ sctx->propq, sctx->pkey))
goto end;
if (!sct_ctx_update(ctx, sctx, sct))
{
EVP_PKEY_CTX *pctx = vpctx;
EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx);
- DH *dh = dh_new_with_libctx(pctx->libctx);
+ DH *dh = dh_new_ex(pctx->libctx);
if (dh == NULL) {
ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE);
if (nid == NID_undef)
return 0;
- dh = dh_new_by_nid_with_libctx(libctx, nid);
+ dh = dh_new_by_nid_ex(libctx, nid);
if (dh != NULL
&& ffc_params_copy(&ret->params, &dh->params)) {
ok = 1;
static DH *dh_param_init(OPENSSL_CTX *libctx, int uid, const BIGNUM *p,
const BIGNUM *q, const BIGNUM *g)
{
- DH *dh = dh_new_with_libctx(libctx);
+ DH *dh = dh_new_ex(libctx);
if (dh == NULL)
return NULL;
return NULL;
}
-DH *dh_new_by_nid_with_libctx(OPENSSL_CTX *libctx, int nid)
+DH *dh_new_by_nid_ex(OPENSSL_CTX *libctx, int nid)
{
const char *name = ffc_named_group_from_uid(nid);
DH *DH_new_by_nid(int nid)
{
- return dh_new_by_nid_with_libctx(NULL, nid);
+ return dh_new_by_nid_ex(NULL, nid);
}
int ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name)
}
#endif /* !FIPS_MODULE */
-DH *dh_new_with_libctx(OPENSSL_CTX *libctx)
+DH *dh_new_ex(OPENSSL_CTX *libctx)
{
return dh_new_intern(NULL, libctx);
}
EC_KEY *eckey = NULL;
EC_GROUP *group = NULL;
- if ((eckey = EC_KEY_new_with_libctx(libctx, propq)) == NULL) {
+ if ((eckey = EC_KEY_new_ex(libctx, propq)) == NULL) {
ECerr(EC_F_ECKEY_TYPE2PARAM, ERR_R_MALLOC_FAILURE);
goto ecerr;
}
* type == V_ASN1_OBJECT => the parameters are given by an asn1 OID
*/
- group = EC_GROUP_new_by_curve_name_with_libctx(libctx, propq,
- OBJ_obj2nid(poid));
+ group = EC_GROUP_new_by_curve_name_ex(libctx, propq, OBJ_obj2nid(poid));
if (group == NULL)
goto ecerr;
EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
return -2;
}
-static int eckey_priv_decode_with_libctx(EVP_PKEY *pkey,
- const PKCS8_PRIV_KEY_INFO *p8,
- OPENSSL_CTX *libctx,
- const char *propq)
+static int eckey_priv_decode_ex(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8,
+ OPENSSL_CTX *libctx, const char *propq)
{
const unsigned char *p = NULL;
const void *pval;
{
EVP_PKEY_CTX *pctx = vpctx;
EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx);
- EC_KEY *ec = EC_KEY_new_with_libctx(pctx->libctx, pctx->propquery);
+ EC_KEY *ec = EC_KEY_new_ex(pctx->libctx, pctx->propquery);
if (ec == NULL) {
ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE);
ec_pkey_dirty_cnt,
ec_pkey_export_to,
ec_pkey_import_from,
- eckey_priv_decode_with_libctx
+ eckey_priv_decode_ex
};
#if !defined(OPENSSL_NO_SM2)
/* If no curve data curve method must handle everything */
if (curve.data == NULL)
- return ec_group_new_with_libctx(libctx, propq,
- curve.meth != NULL ? curve.meth() : NULL);
+ return ec_group_new_ex(libctx, propq,
+ curve.meth != NULL ? curve.meth() : NULL);
if ((ctx = BN_CTX_new_ex(libctx)) == NULL) {
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE);
if (curve.meth != 0) {
meth = curve.meth();
- if (((group = ec_group_new_with_libctx(libctx, propq, meth)) == NULL) ||
+ if (((group = ec_group_new_ex(libctx, propq, meth)) == NULL) ||
(!(group->meth->group_set_curve(group, p, a, b, ctx)))) {
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
return group;
}
-EC_GROUP *EC_GROUP_new_by_curve_name_with_libctx(OPENSSL_CTX *libctx,
- const char *propq, int nid)
+EC_GROUP *EC_GROUP_new_by_curve_name_ex(OPENSSL_CTX *libctx, const char *propq,
+ int nid)
{
EC_GROUP *ret = NULL;
const ec_list_element *curve;
#ifndef FIPS_MODULE
EC_GROUP *EC_GROUP_new_by_curve_name(int nid)
{
- return EC_GROUP_new_by_curve_name_with_libctx(NULL, NULL, nid);
+ return EC_GROUP_new_by_curve_name_ex(NULL, NULL, nid);
}
#endif
meth = EC_GFp_mont_method();
#endif
- ret = ec_group_new_with_libctx(bn_get_lib_ctx(ctx), NULL, meth);
+ ret = ec_group_new_ex(bn_get_lib_ctx(ctx), NULL, meth);
if (ret == NULL)
return NULL;
meth = EC_GF2m_simple_method();
- ret = ec_group_new_with_libctx(bn_get_lib_ctx(ctx), NULL, meth);
+ ret = ec_group_new_ex(bn_get_lib_ctx(ctx), NULL, meth);
if (ret == NULL)
return NULL;
}
#endif
-EC_KEY *EC_KEY_new_with_libctx(OPENSSL_CTX *ctx, const char *propq)
+EC_KEY *EC_KEY_new_ex(OPENSSL_CTX *ctx, const char *propq)
{
return ec_key_new_method_int(ctx, propq, NULL);
}
-EC_KEY *EC_KEY_new_by_curve_name_with_libctx(OPENSSL_CTX *ctx,
- const char *propq, int nid)
+EC_KEY *EC_KEY_new_by_curve_name_ex(OPENSSL_CTX *ctx, const char *propq,
+ int nid)
{
- EC_KEY *ret = EC_KEY_new_with_libctx(ctx, propq);
+ EC_KEY *ret = EC_KEY_new_ex(ctx, propq);
if (ret == NULL)
return NULL;
- ret->group = EC_GROUP_new_by_curve_name_with_libctx(ctx, propq, nid);
+ ret->group = EC_GROUP_new_by_curve_name_ex(ctx, propq, nid);
if (ret->group == NULL) {
EC_KEY_free(ret);
return NULL;
#ifndef FIPS_MODULE
EC_KEY *EC_KEY_new_by_curve_name(int nid)
{
- return EC_KEY_new_by_curve_name_with_libctx(NULL, NULL, nid);
+ return EC_KEY_new_by_curve_name_ex(NULL, NULL, nid);
}
#endif
if (src->group != NULL) {
/* clear the old group */
EC_GROUP_free(dest->group);
- dest->group = ec_group_new_with_libctx(src->libctx, src->propq,
- src->group->meth);
+ dest->group = ec_group_new_ex(src->libctx, src->propq, src->group->meth);
if (dest->group == NULL)
return NULL;
if (!EC_GROUP_copy(dest->group, src->group))
/* functions for EC_GROUP objects */
-EC_GROUP *ec_group_new_with_libctx(OPENSSL_CTX *libctx, const char *propq,
- const EC_METHOD *meth)
+EC_GROUP *ec_group_new_ex(OPENSSL_CTX *libctx, const char *propq,
+ const EC_METHOD *meth)
{
EC_GROUP *ret;
# ifndef FIPS_MODULE
EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
{
- return ec_group_new_with_libctx(NULL, NULL, meth);
+ return ec_group_new_ex(NULL, NULL, meth);
}
# endif
#endif
if (a == NULL)
return NULL;
- if ((t = ec_group_new_with_libctx(a->libctx, a->propq, a->meth)) == NULL)
+ if ((t = ec_group_new_ex(a->libctx, a->propq, a->meth)) == NULL)
return NULL;
if (!EC_GROUP_copy(t, a))
goto err;
curve_name_nid = NID_secp224r1;
#endif /* !def(OPENSSL_NO_EC_NISTP_64_GCC_128) */
- ret_group = EC_GROUP_new_by_curve_name_with_libctx(libctx, propq,
- curve_name_nid);
+ ret_group = EC_GROUP_new_by_curve_name_ex(libctx, propq, curve_name_nid);
if (ret_group == NULL)
goto err;
ECerr(0, EC_R_INVALID_CURVE);
return NULL;
} else {
- return EC_GROUP_new_by_curve_name_with_libctx(libctx, propq, nid);
+ return EC_GROUP_new_by_curve_name_ex(libctx, propq, nid);
}
}
return NULL;
* \param meth EC_METHOD to use
* \return newly created EC_GROUP object or NULL in case of an error.
*/
-EC_GROUP *ec_group_new_with_libctx(OPENSSL_CTX *libctx, const char *propq,
- const EC_METHOD *meth);
+EC_GROUP *ec_group_new_ex(OPENSSL_CTX *libctx, const char *propq,
+ const EC_METHOD *meth);
#ifdef ECP_NISTZ256_ASM
/** Returns GFp methods using montgomery multiplication, with x86-64 optimized
return CRYPTO_memcmp(akey->pubkey, bkey->pubkey, KEYLEN(a)) == 0;
}
-static int ecx_priv_decode_with_libctx(EVP_PKEY *pkey,
- const PKCS8_PRIV_KEY_INFO *p8,
- OPENSSL_CTX *libctx, const char *propq)
+static int ecx_priv_decode_ex(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8,
+ OPENSSL_CTX *libctx, const char *propq)
{
const unsigned char *p;
int plen;
ecx_pkey_export_to,
x25519_import_from,
- ecx_priv_decode_with_libctx
+ ecx_priv_decode_ex
};
static int x448_import_from(const OSSL_PARAM params[], void *vpctx)
ecx_pkey_export_to,
x448_import_from,
- ecx_priv_decode_with_libctx
+ ecx_priv_decode_ex
};
static int ecd_size25519(const EVP_PKEY *pkey)
ecx_pkey_export_to,
ed25519_import_from,
- ecx_priv_decode_with_libctx
+ ecx_priv_decode_ex
};
static int ed448_import_from(const OSSL_PARAM params[], void *vpctx)
ecx_pkey_export_to,
ed448_import_from,
- ecx_priv_decode_with_libctx
+ ecx_priv_decode_ex
};
static int pkey_ecx_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
}
#ifndef FIPS_MODULE
-EVP_MD_CTX *evp_md_ctx_new_with_libctx(EVP_PKEY *pkey,
- const ASN1_OCTET_STRING *id,
- OPENSSL_CTX *libctx, const char *propq)
+EVP_MD_CTX *evp_md_ctx_new_ex(EVP_PKEY *pkey, const ASN1_OCTET_STRING *id,
+ OPENSSL_CTX *libctx, const char *propq)
{
EVP_MD_CTX *ctx;
EVP_PKEY_CTX *pctx = NULL;
* Prior to OpenSSL 3.0 EVP_DigestSignUpdate() and
* EVP_DigestVerifyUpdate() were just macros for EVP_DigestUpdate().
* Some code calls EVP_DigestUpdate() directly even when initialised
- * with EVP_DigestSignInit_with_libctx() or
- * EVP_DigestVerifyInit_with_libctx(), so we detect that and redirect to
+ * with EVP_DigestSignInit_ex() or
+ * EVP_DigestVerifyInit_ex(), so we detect that and redirect to
* the correct EVP_Digest*Update() function
*/
if (ctx->pctx->operation == EVP_PKEY_OP_SIGNCTX)
/* Extract a private key from a PKCS8 structure */
-EVP_PKEY *EVP_PKCS82PKEY_with_libctx(const PKCS8_PRIV_KEY_INFO *p8,
- OPENSSL_CTX *libctx, const char *propq)
+EVP_PKEY *EVP_PKCS82PKEY_ex(const PKCS8_PRIV_KEY_INFO *p8, OPENSSL_CTX *libctx,
+ const char *propq)
{
EVP_PKEY *pkey = NULL;
const ASN1_OBJECT *algoid;
goto error;
}
- if (pkey->ameth->priv_decode_with_libctx != NULL) {
- if (!pkey->ameth->priv_decode_with_libctx(pkey, p8, libctx, propq))
+ if (pkey->ameth->priv_decode_ex != NULL) {
+ if (!pkey->ameth->priv_decode_ex(pkey, p8, libctx, propq))
goto error;
} else if (pkey->ameth->priv_decode != NULL) {
if (!pkey->ameth->priv_decode(pkey, p8)) {
EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8)
{
- return EVP_PKCS82PKEY_with_libctx(p8, NULL, NULL);
+ return EVP_PKCS82PKEY_ex(p8, NULL, NULL);
}
/* Turn a private key into a PKCS8 structure */
return ret > 0 ? 1 : 0;
}
-int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
- const char *mdname,
- OPENSSL_CTX *libctx, const char *props,
- EVP_PKEY *pkey)
+int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const char *mdname, OPENSSL_CTX *libctx,
+ const char *props, EVP_PKEY *pkey)
{
return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 0);
}
return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 0);
}
-int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
- const char *mdname,
- OPENSSL_CTX *libctx, const char *props,
- EVP_PKEY *pkey)
+int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const char *mdname, OPENSSL_CTX *libctx,
+ const char *props, EVP_PKEY *pkey)
{
return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 1);
}
#include "crypto/evp.h"
#include "evp_local.h"
-int pkcs5_pbkdf2_hmac_with_libctx(const char *pass, int passlen,
- const unsigned char *salt, int saltlen,
- int iter, const EVP_MD *digest, int keylen,
- unsigned char *out,
- OPENSSL_CTX *libctx, const char *propq)
+int pkcs5_pbkdf2_hmac_ex(const char *pass, int passlen,
+ const unsigned char *salt, int saltlen, int iter,
+ const EVP_MD *digest, int keylen, unsigned char *out,
+ OPENSSL_CTX *libctx, const char *propq)
{
const char *empty = "";
int rv = 1, mode = 1;
int saltlen, int iter, const EVP_MD *digest, int keylen,
unsigned char *out)
{
- return pkcs5_pbkdf2_hmac_with_libctx(pass, passlen, salt, saltlen, iter,
- digest, keylen, out, NULL, NULL);
+ return pkcs5_pbkdf2_hmac_ex(pass, passlen, salt, saltlen, iter, digest,
+ keylen, out, NULL, NULL);
}
return pkey;
}
-EVP_PKEY *EVP_PKEY_new_raw_private_key_with_libctx(OPENSSL_CTX *libctx,
- const char *keytype,
- const char *propq,
- const unsigned char *priv,
- size_t len)
+EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OPENSSL_CTX *libctx,
+ const char *keytype,
+ const char *propq,
+ const unsigned char *priv, size_t len)
{
return new_raw_key_int(libctx, keytype, propq, EVP_PKEY_NONE, NULL, priv,
len, 1);
return new_raw_key_int(NULL, NULL, NULL, type, e, priv, len, 1);
}
-EVP_PKEY *EVP_PKEY_new_raw_public_key_with_libctx(OPENSSL_CTX *libctx,
- const char *keytype,
- const char *propq,
- const unsigned char *pub,
- size_t len)
+EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OPENSSL_CTX *libctx,
+ const char *keytype, const char *propq,
+ const unsigned char *pub, size_t len)
{
return new_raw_key_int(libctx, keytype, propq, EVP_PKEY_NONE, NULL, pub,
len, 0);
# endif
}
-EVP_PKEY *EVP_PKEY_new_CMAC_key_with_libctx(const unsigned char *priv,
- size_t len,
- const char *cipher_name,
- OPENSSL_CTX *libctx,
- const char *propq)
+EVP_PKEY *EVP_PKEY_new_CMAC_key_ex(const unsigned char *priv, size_t len,
+ const char *cipher_name, OPENSSL_CTX *libctx,
+ const char *propq)
{
return new_cmac_key_int(priv, len, cipher_name, NULL, libctx, propq, NULL);
}
#include <openssl/x509.h>
#include "crypto/evp.h"
-int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *sigret,
- unsigned int *siglen, EVP_PKEY *pkey,
- OPENSSL_CTX *libctx, const char *propq)
+int EVP_SignFinal_ex(EVP_MD_CTX *ctx, unsigned char *sigret,
+ unsigned int *siglen, EVP_PKEY *pkey, OPENSSL_CTX *libctx,
+ const char *propq)
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len = 0;
int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, EVP_PKEY *pkey)
{
- return EVP_SignFinal_with_libctx(ctx, sigret, siglen, pkey, NULL, NULL);
+ return EVP_SignFinal_ex(ctx, sigret, siglen, pkey, NULL, NULL);
}
#include <openssl/x509.h>
#include "crypto/evp.h"
-int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
- unsigned int siglen, EVP_PKEY *pkey,
- OPENSSL_CTX *libctx, const char *propq)
+int EVP_VerifyFinal_ex(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
+ unsigned int siglen, EVP_PKEY *pkey, OPENSSL_CTX *libctx,
+ const char *propq)
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len = 0;
int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey)
{
- return EVP_VerifyFinal_with_libctx(ctx, sigbuf, siglen, pkey, NULL, NULL);
+ return EVP_VerifyFinal_ex(ctx, sigbuf, siglen, pkey, NULL, NULL);
}
#ifndef OPENSSL_NO_STDIO
STACK_OF(X509_INFO)
-*PEM_X509_INFO_read_with_libctx(FILE *fp, STACK_OF(X509_INFO) *sk,
- pem_password_cb *cb, void *u,
- OPENSSL_CTX *libctx, const char *propq)
+*PEM_X509_INFO_read_ex(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb,
+ void *u, OPENSSL_CTX *libctx, const char *propq)
{
BIO *b;
STACK_OF(X509_INFO) *ret;
return 0;
}
BIO_set_fp(b, fp, BIO_NOCLOSE);
- ret = PEM_X509_INFO_read_bio_with_libctx(b, sk, cb, u, libctx, propq);
+ ret = PEM_X509_INFO_read_bio_ex(b, sk, cb, u, libctx, propq);
BIO_free(b);
return ret;
}
STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u)
{
- return PEM_X509_INFO_read_with_libctx(fp, sk, cb, u, NULL, NULL);
+ return PEM_X509_INFO_read_ex(fp, sk, cb, u, NULL, NULL);
}
#endif
STACK_OF(X509_INFO)
-*PEM_X509_INFO_read_bio_with_libctx(BIO *bp, STACK_OF(X509_INFO) *sk,
- pem_password_cb *cb, void *u,
- OPENSSL_CTX *libctx, const char *propq)
+*PEM_X509_INFO_read_bio_ex(BIO *bp, STACK_OF(X509_INFO) *sk,
+ pem_password_cb *cb, void *u, OPENSSL_CTX *libctx,
+ const char *propq)
{
X509_INFO *xi = NULL;
char *name = NULL, *header = NULL;
goto err;
goto start;
}
- xi->x509 = X509_new_with_libctx(libctx, propq);
+ xi->x509 = X509_new_ex(libctx, propq);
if (xi->x509 == NULL)
goto err;
pp = &(xi->x509);
goto err;
goto start;
}
- xi->x509 = X509_new_with_libctx(libctx, propq);
+ xi->x509 = X509_new_ex(libctx, propq);
if (xi->x509 == NULL)
goto err;
pp = &(xi->x509);
STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u)
{
- return PEM_X509_INFO_read_bio_with_libctx(bp, sk, cb, u, NULL, NULL);
+ return PEM_X509_INFO_read_bio_ex(bp, sk, cb, u, NULL, NULL);
}
/* A TJH addition */
return (PKCS7 *)ASN1_item_new(ASN1_ITEM_rptr(PKCS7));
}
-PKCS7 *PKCS7_new_with_libctx(OPENSSL_CTX *libctx, const char *propq)
+PKCS7 *PKCS7_new_ex(OPENSSL_CTX *libctx, const char *propq)
{
PKCS7 *pkcs7 = PKCS7_new();
if (abuf == NULL)
goto err;
- if (!EVP_SignFinal_with_libctx(ctx_tmp, abuf, &abuflen, si->pkey,
- p7_ctx->libctx, p7_ctx->propq)) {
+ if (!EVP_SignFinal_ex(ctx_tmp, abuf, &abuflen, si->pkey,
+ p7_ctx->libctx, p7_ctx->propq)) {
OPENSSL_free(abuf);
PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_EVP_LIB);
goto err;
goto err;
}
- if (EVP_DigestSignInit_with_libctx(mctx, &pctx,
- EVP_MD_name(md), ctx->libctx, ctx->propq,
- si->pkey) <= 0)
+ if (EVP_DigestSignInit_ex(mctx, &pctx, EVP_MD_name(md), ctx->libctx,
+ ctx->propq, si->pkey) <= 0)
goto err;
/*
goto err;
}
- i = EVP_VerifyFinal_with_libctx(mdc_tmp, os->data, os->length, pkey,
- ctx->libctx, ctx->propq);
+ i = EVP_VerifyFinal_ex(mdc_tmp, os->data, os->length, pkey, ctx->libctx,
+ ctx->propq);
if (i <= 0) {
PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_SIGNATURE_FAILURE);
ret = -1;
flags ^= SMIME_OLDMIME;
- return SMIME_write_ASN1_with_libctx(bio, (ASN1_VALUE *)p7, data, flags,
- ctype_nid, NID_undef, mdalgs,
- ASN1_ITEM_rptr(PKCS7),
- pkcs7_ctx_get0_libctx(ctx),
- pkcs7_ctx_get0_propq(ctx));
+ return SMIME_write_ASN1_ex(bio, (ASN1_VALUE *)p7, data, flags, ctype_nid,
+ NID_undef, mdalgs, ASN1_ITEM_rptr(PKCS7),
+ pkcs7_ctx_get0_libctx(ctx),
+ pkcs7_ctx_get0_propq(ctx));
}
PKCS7 *SMIME_read_PKCS7_ex(BIO *bio, BIO **bcont, PKCS7 **p7)
static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
-PKCS7 *PKCS7_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
- STACK_OF(X509) *certs, BIO *data, int flags,
- OPENSSL_CTX *libctx, const char *propq)
+PKCS7 *PKCS7_sign_ex(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
+ BIO *data, int flags, OPENSSL_CTX *libctx,
+ const char *propq)
{
PKCS7 *p7;
int i;
- if ((p7 = PKCS7_new_with_libctx(libctx, propq)) == NULL) {
+ if ((p7 = PKCS7_new_ex(libctx, propq)) == NULL) {
PKCS7err(0, ERR_R_MALLOC_FAILURE);
return NULL;
}
PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, int flags)
{
- return PKCS7_sign_with_libctx(signcert, pkey, certs, data, flags, NULL, NULL);
+ return PKCS7_sign_ex(signcert, pkey, certs, data, flags, NULL, NULL);
}
/* Now verify the certificates */
p7_ctx = pkcs7_get0_ctx(p7);
- cert_ctx = X509_STORE_CTX_new_with_libctx(p7_ctx->libctx, p7_ctx->propq);
+ cert_ctx = X509_STORE_CTX_new_ex(p7_ctx->libctx, p7_ctx->propq);
if (cert_ctx == NULL)
goto err;
if (!(flags & PKCS7_NOVERIFY))
/* Build a complete PKCS#7 enveloped data */
-PKCS7 *PKCS7_encrypt_with_libctx(STACK_OF(X509) *certs, BIO *in,
- const EVP_CIPHER *cipher, int flags,
- OPENSSL_CTX *libctx, const char *propq)
+PKCS7 *PKCS7_encrypt_ex(STACK_OF(X509) *certs, BIO *in,
+ const EVP_CIPHER *cipher, int flags,
+ OPENSSL_CTX *libctx, const char *propq)
{
PKCS7 *p7;
BIO *p7bio = NULL;
int i;
X509 *x509;
- if ((p7 = PKCS7_new_with_libctx(libctx, propq)) == NULL) {
+ if ((p7 = PKCS7_new_ex(libctx, propq)) == NULL) {
PKCS7err(0, ERR_R_MALLOC_FAILURE);
return NULL;
}
PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
int flags)
{
- return PKCS7_encrypt_with_libctx(certs, in, cipher, flags, NULL, NULL);
+ return PKCS7_encrypt_ex(certs, in, cipher, flags, NULL, NULL);
}
int nbits, const BIGNUM *e, BN_CTX *ctx,
BN_GENCB *cb);
-int rsa_padding_add_SSLv23_with_libctx(OPENSSL_CTX *libctx, unsigned char *to,
- int tlen, const unsigned char *from,
- int flen);
-int rsa_padding_add_PKCS1_type_2_with_libctx(OPENSSL_CTX *libctx,
- unsigned char *to, int tlen,
- const unsigned char *from,
- int flen);
+int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen,
+ const unsigned char *from, int flen);
+int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to,
+ int tlen, const unsigned char *from,
+ int flen);
#endif /* OSSL_CRYPTO_RSA_LOCAL_H */
const unsigned char *from, int flen,
const unsigned char *param, int plen)
{
- return rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(NULL, to, tlen, from,
- flen, param, plen, NULL,
- NULL);
+ return rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, param,
+ plen, NULL, NULL);
}
/*
* Step numbers are included here but not in the constant time inverse below
* to avoid complicating an already difficult enough function.
*/
-int rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(OPENSSL_CTX *libctx,
- unsigned char *to, int tlen,
- const unsigned char *from,
- int flen,
- const unsigned char *param,
- int plen, const EVP_MD *md,
- const EVP_MD *mgf1md)
+int rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, unsigned char *to,
+ int tlen, const unsigned char *from,
+ int flen, const unsigned char *param,
+ int plen, const EVP_MD *md,
+ const EVP_MD *mgf1md)
{
int rv = 0;
int i, emlen = tlen - 1;
const unsigned char *param, int plen,
const EVP_MD *md, const EVP_MD *mgf1md)
{
- return rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(NULL, to, tlen, from,
- flen, param, plen, md,
- mgf1md);
+ return rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, param,
+ plen, md, mgf1md);
}
int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,
switch (padding) {
case RSA_PKCS1_PADDING:
- i = rsa_padding_add_PKCS1_type_2_with_libctx(rsa->libctx, buf, num,
- from, flen);
+ i = rsa_padding_add_PKCS1_type_2_ex(rsa->libctx, buf, num, from, flen);
break;
case RSA_PKCS1_OAEP_PADDING:
- i = rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(rsa->libctx, buf, num,
- from, flen, NULL, 0,
- NULL, NULL);
+ i = rsa_padding_add_PKCS1_OAEP_mgf1_ex(rsa->libctx, buf, num, from,
+ flen, NULL, 0, NULL, NULL);
break;
#ifndef FIPS_MODULE
case RSA_SSLV23_PADDING:
- i = rsa_padding_add_SSLv23_with_libctx(rsa->libctx, buf, num, from,
- flen);
+ i = rsa_padding_add_SSLv23_ex(rsa->libctx, buf, num, from, flen);
break;
#endif
case RSA_NO_PADDING:
return j;
}
-int rsa_padding_add_PKCS1_type_2_with_libctx(OPENSSL_CTX *libctx,
- unsigned char *to, int tlen,
- const unsigned char *from,
- int flen)
+int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to,
+ int tlen, const unsigned char *from,
+ int flen)
{
int i, j;
unsigned char *p;
int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
const unsigned char *from, int flen)
{
- return rsa_padding_add_PKCS1_type_2_with_libctx(NULL, to, tlen, from, flen);
+ return rsa_padding_add_PKCS1_type_2_ex(NULL, to, tlen, from, flen);
}
int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
#include "internal/constant_time.h"
#include "rsa_local.h"
-int rsa_padding_add_SSLv23_with_libctx(OPENSSL_CTX *libctx, unsigned char *to,
- int tlen, const unsigned char *from,
- int flen)
+int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen,
+ const unsigned char *from, int flen)
{
int i, j;
unsigned char *p;
int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
const unsigned char *from, int flen)
{
- return rsa_padding_add_SSLv23_with_libctx(NULL, to, tlen, from, flen);
+ return rsa_padding_add_SSLv23_ex(NULL, to, tlen, from, flen);
}
/*
static int ossl_store_close_it(OSSL_STORE_CTX *ctx);
OSSL_STORE_CTX *
-OSSL_STORE_open_with_libctx(const char *uri,
- OPENSSL_CTX *libctx, const char *propq,
- const UI_METHOD *ui_method, void *ui_data,
- OSSL_STORE_post_process_info_fn post_process,
- void *post_process_data)
+OSSL_STORE_open_ex(const char *uri, OPENSSL_CTX *libctx, const char *propq,
+ const UI_METHOD *ui_method, void *ui_data,
+ OSSL_STORE_post_process_info_fn post_process,
+ void *post_process_data)
{
const OSSL_STORE_LOADER *loader = NULL;
OSSL_STORE_LOADER *fetched_loader = NULL;
OSSL_TRACE1(STORE, "Looking up scheme %s\n", schemes[i]);
#ifndef OPENSSL_NO_DEPRECATED_3_0
if ((loader = ossl_store_get0_loader_int(schemes[i])) != NULL) {
- if (loader->open_with_libctx != NULL)
- loader_ctx = loader->open_with_libctx(loader, uri, libctx, propq,
- ui_method, ui_data);
+ if (loader->open_ex != NULL)
+ loader_ctx = loader->open_ex(loader, uri, libctx, propq,
+ ui_method, ui_data);
else
loader_ctx = loader->open(loader, uri, ui_method, ui_data);
}
OSSL_STORE_post_process_info_fn post_process,
void *post_process_data)
{
- return OSSL_STORE_open_with_libctx(uri, NULL, NULL, ui_method, ui_data,
- post_process, post_process_data);
+ return OSSL_STORE_open_ex(uri, NULL, NULL, ui_method, ui_data, post_process,
+ post_process_data);
}
#ifndef OPENSSL_NO_DEPRECATED_3_0
OSSL_STORE_eof_fn eof;
OSSL_STORE_error_fn error;
OSSL_STORE_close_fn close;
- OSSL_STORE_open_with_libctx_fn open_with_libctx;
+ OSSL_STORE_open_ex_fn open_ex;
#endif
/* Provider stuff */
return 1;
}
-int OSSL_STORE_LOADER_set_open_with_libctx
+int OSSL_STORE_LOADER_set_open_ex
(OSSL_STORE_LOADER *loader,
- OSSL_STORE_open_with_libctx_fn open_with_libctx_function)
+ OSSL_STORE_open_ex_fn open_ex_function)
{
- loader->open_with_libctx = open_with_libctx_function;
+ loader->open_ex = open_ex_function;
return 1;
}
template.load = NULL;
template.eof = NULL;
template.close = NULL;
- template.open_with_libctx = NULL;
+ template.open_ex = NULL;
if (!ossl_store_init_once())
return NULL;
p8info = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp, der_len);
RESET_ERR_MARK();
if (p8info != NULL) {
- pk = EVP_PKCS82PKEY_with_libctx(p8info, libctx, propq);
+ pk = EVP_PKCS82PKEY_ex(p8info, libctx, propq);
PKCS8_PRIV_KEY_INFO_free(p8info);
}
}
static int add_cert_dir(BY_DIR *ctx, const char *dir, int type);
static int get_cert_by_subject(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret);
-static int get_cert_by_subject_with_libctx(X509_LOOKUP *xl,
- X509_LOOKUP_TYPE type,
- const X509_NAME *name,
- X509_OBJECT *ret,
- OPENSSL_CTX *libctx,
- const char *propq);
+static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
+ const X509_NAME *name, X509_OBJECT *ret,
+ OPENSSL_CTX *libctx, const char *propq);
static X509_LOOKUP_METHOD x509_dir_lookup = {
"Load certs from files in a directory",
new_dir, /* new_item */
NULL, /* get_by_issuer_serial */
NULL, /* get_by_fingerprint */
NULL, /* get_by_alias */
- get_cert_by_subject_with_libctx, /* get_by_subject_with_libctx */
- NULL, /* ctrl_with_libctx */
+ get_cert_by_subject_ex, /* get_by_subject_ex */
+ NULL, /* ctrl_ex */
};
X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void)
return 1;
}
-static int get_cert_by_subject_with_libctx(X509_LOOKUP *xl,
- X509_LOOKUP_TYPE type,
- const X509_NAME *name,
- X509_OBJECT *ret,
- OPENSSL_CTX *libctx,
- const char *propq)
+static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
+ const X509_NAME *name, X509_OBJECT *ret,
+ OPENSSL_CTX *libctx, const char *propq)
{
BY_DIR *ctx;
union {
#endif
/* found one. */
if (type == X509_LU_X509) {
- if ((X509_load_cert_file_with_libctx(xl, b->data, ent->dir_type,
- libctx, propq)) == 0)
+ if ((X509_load_cert_file_ex(xl, b->data, ent->dir_type, libctx,
+ propq)) == 0)
break;
} else if (type == X509_LU_CRL) {
if ((X509_load_crl_file(xl, b->data, ent->dir_type)) == 0)
static int get_cert_by_subject(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret)
{
- return get_cert_by_subject_with_libctx(xl, type, name, ret, NULL, NULL);
+ return get_cert_by_subject_ex(xl, type, name, ret, NULL, NULL);
}
static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
long argl, char **ret);
-static int by_file_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd,
- const char *argc, long argl, char **ret,
- OPENSSL_CTX *libctx, const char *propq);
+static int by_file_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argc,
+ long argl, char **ret, OPENSSL_CTX *libctx,
+ const char *propq);
static X509_LOOKUP_METHOD x509_file_lookup = {
NULL, /* get_by_issuer_serial */
NULL, /* get_by_fingerprint */
NULL, /* get_by_alias */
- NULL, /* get_by_subject_with_libctx */
- by_file_ctrl_with_libctx, /* ctrl_with_libctx */
+ NULL, /* get_by_subject_ex */
+ by_file_ctrl_ex, /* ctrl_ex */
};
X509_LOOKUP_METHOD *X509_LOOKUP_file(void)
return &x509_file_lookup;
}
-static int by_file_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd,
- const char *argp, long argl, char **ret,
- OPENSSL_CTX *libctx, const char *propq)
+static int by_file_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp,
+ long argl, char **ret, OPENSSL_CTX *libctx,
+ const char *propq)
{
int ok = 0;
const char *file;
if (argl == X509_FILETYPE_DEFAULT) {
file = ossl_safe_getenv(X509_get_default_cert_file_env());
if (file)
- ok = (X509_load_cert_crl_file_with_libctx(ctx, file,
- X509_FILETYPE_PEM,
- libctx, propq) != 0);
+ ok = (X509_load_cert_crl_file_ex(ctx, file, X509_FILETYPE_PEM,
+ libctx, propq) != 0);
else
- ok = (X509_load_cert_crl_file_with_libctx(
+ ok = (X509_load_cert_crl_file_ex(
ctx, X509_get_default_cert_file(),
X509_FILETYPE_PEM, libctx, propq) != 0);
}
} else {
if (argl == X509_FILETYPE_PEM)
- ok = (X509_load_cert_crl_file_with_libctx(ctx, argp,
- X509_FILETYPE_PEM,
- libctx, propq) != 0);
+ ok = (X509_load_cert_crl_file_ex(ctx, argp, X509_FILETYPE_PEM,
+ libctx, propq) != 0);
else
- ok = (X509_load_cert_file_with_libctx(ctx, argp, (int)argl,
- libctx, propq) != 0);
+ ok = (X509_load_cert_file_ex(ctx, argp, (int)argl, libctx,
+ propq) != 0);
}
break;
}
static int by_file_ctrl(X509_LOOKUP *ctx, int cmd,
const char *argp, long argl, char **ret)
{
- return by_file_ctrl_with_libctx(ctx, cmd, argp, argl, ret, NULL, NULL);
+ return by_file_ctrl_ex(ctx, cmd, argp, argl, ret, NULL, NULL);
}
-int X509_load_cert_file_with_libctx(X509_LOOKUP *ctx, const char *file, int type,
- OPENSSL_CTX *libctx, const char *propq)
+int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type,
+ OPENSSL_CTX *libctx, const char *propq)
{
int ret = 0;
BIO *in = NULL;
X509err(0, X509_R_BAD_X509_FILETYPE);
goto err;
}
- x = X509_new_with_libctx(libctx, propq);
+ x = X509_new_ex(libctx, propq);
if (x == NULL) {
X509err(0, ERR_R_MALLOC_FAILURE);
goto err;
int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type)
{
- return X509_load_cert_file_with_libctx(ctx, file, type, NULL, NULL);
+ return X509_load_cert_file_ex(ctx, file, type, NULL, NULL);
}
int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
return ret;
}
-int X509_load_cert_crl_file_with_libctx(X509_LOOKUP *ctx, const char *file,
- int type, OPENSSL_CTX *libctx,
- const char *propq)
+int X509_load_cert_crl_file_ex(X509_LOOKUP *ctx, const char *file, int type,
+ OPENSSL_CTX *libctx, const char *propq)
{
STACK_OF(X509_INFO) *inf;
X509_INFO *itmp;
int i, count = 0;
if (type != X509_FILETYPE_PEM)
- return X509_load_cert_file_with_libctx(ctx, file, type, libctx, propq);
+ return X509_load_cert_file_ex(ctx, file, type, libctx, propq);
in = BIO_new_file(file, "r");
if (!in) {
X509err(0, ERR_R_SYS_LIB);
return 0;
}
- inf = PEM_X509_INFO_read_bio_with_libctx(in, NULL, NULL, "", libctx, propq);
+ inf = PEM_X509_INFO_read_bio_ex(in, NULL, NULL, "", libctx, propq);
BIO_free(in);
if (!inf) {
X509err(0, ERR_R_PEM_LIB);
int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type)
{
- return X509_load_cert_crl_file_with_libctx(ctx, file, type, NULL, NULL);
+ return X509_load_cert_crl_file_ex(ctx, file, type, NULL, NULL);
}
OSSL_STORE_CTX *ctx = NULL;
X509_STORE *xstore = X509_LOOKUP_get_store(lctx);
- if ((ctx = OSSL_STORE_open_with_libctx(uri, libctx, propq,
- NULL, NULL, NULL, NULL)) == NULL)
+ if ((ctx = OSSL_STORE_open_ex(uri, libctx, propq, NULL, NULL, NULL, NULL)) == NULL)
return 0;
/*
sk_OPENSSL_STRING_pop_free(uris, free_uri);
}
-static int by_store_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd,
- const char *argp, long argl,
- char **retp,
- OPENSSL_CTX *libctx, const char *propq)
+static int by_store_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp,
+ long argl, char **retp, OPENSSL_CTX *libctx,
+ const char *propq)
{
switch (cmd) {
case X509_L_ADD_STORE:
static int by_store_ctrl(X509_LOOKUP *ctx, int cmd,
const char *argp, long argl, char **retp)
{
- return by_store_ctrl_with_libctx(ctx, cmd, argp, argl, retp, NULL, NULL);
+ return by_store_ctrl_ex(ctx, cmd, argp, argl, retp, NULL, NULL);
}
static int by_store(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
return ok;
}
-static int by_store_subject_with_libctx(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
- const X509_NAME *name, X509_OBJECT *ret,
- OPENSSL_CTX *libctx, const char *propq)
+static int by_store_subject_ex(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
+ const X509_NAME *name, X509_OBJECT *ret,
+ OPENSSL_CTX *libctx, const char *propq)
{
OSSL_STORE_SEARCH *criterion =
OSSL_STORE_SEARCH_by_name((X509_NAME *)name); /* won't modify it */
static int by_store_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret)
{
- return by_store_subject_with_libctx(ctx, type, name, ret, NULL, NULL);
+ return by_store_subject_ex(ctx, type, name, ret, NULL, NULL);
}
/*
NULL, /* get_by_issuer_serial */
NULL, /* get_by_fingerprint */
NULL, /* get_by_alias */
- by_store_subject_with_libctx,
- by_store_ctrl_with_libctx
+ by_store_subject_ex,
+ by_store_ctrl_ex
};
X509_LOOKUP_METHOD *X509_LOOKUP_store(void)
#include <openssl/crypto.h>
#include <openssl/x509.h>
-int X509_STORE_set_default_paths_with_libctx(X509_STORE *ctx,
- OPENSSL_CTX *libctx,
- const char *propq)
+int X509_STORE_set_default_paths_ex(X509_STORE *ctx, OPENSSL_CTX *libctx,
+ const char *propq)
{
X509_LOOKUP *lookup;
lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file());
if (lookup == NULL)
return 0;
- X509_LOOKUP_load_file_with_libctx(lookup, NULL, X509_FILETYPE_DEFAULT,
- libctx, propq);
+ X509_LOOKUP_load_file_ex(lookup, NULL, X509_FILETYPE_DEFAULT, libctx, propq);
lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir());
if (lookup == NULL)
lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_store());
if (lookup == NULL)
return 0;
- X509_LOOKUP_add_store_with_libctx(lookup, NULL, libctx, propq);
+ X509_LOOKUP_add_store_ex(lookup, NULL, libctx, propq);
/* clear any errors */
ERR_clear_error();
}
int X509_STORE_set_default_paths(X509_STORE *ctx)
{
- return X509_STORE_set_default_paths_with_libctx(ctx, NULL, NULL);
+ return X509_STORE_set_default_paths_ex(ctx, NULL, NULL);
}
-int X509_STORE_load_file_with_libctx(X509_STORE *ctx, const char *file,
- OPENSSL_CTX *libctx, const char *propq)
+int X509_STORE_load_file_ex(X509_STORE *ctx, const char *file,
+ OPENSSL_CTX *libctx, const char *propq)
{
X509_LOOKUP *lookup;
if (file == NULL
|| (lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file())) == NULL
- || X509_LOOKUP_load_file_with_libctx(lookup, file, X509_FILETYPE_PEM,
- libctx, propq) == 0)
+ || X509_LOOKUP_load_file_ex(lookup, file, X509_FILETYPE_PEM, libctx,
+ propq) == 0)
return 0;
return 1;
int X509_STORE_load_file(X509_STORE *ctx, const char *file)
{
- return X509_STORE_load_file_with_libctx(ctx, file, NULL, NULL);
+ return X509_STORE_load_file_ex(ctx, file, NULL, NULL);
}
int X509_STORE_load_path(X509_STORE *ctx, const char *path)
return 1;
}
-int X509_STORE_load_store_with_libctx(X509_STORE *ctx, const char *uri,
- OPENSSL_CTX *libctx, const char *propq)
+int X509_STORE_load_store_ex(X509_STORE *ctx, const char *uri,
+ OPENSSL_CTX *libctx, const char *propq)
{
X509_LOOKUP *lookup;
if (uri == NULL
|| (lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_store())) == NULL
- || X509_LOOKUP_add_store_with_libctx(lookup, uri, libctx, propq) == 0)
+ || X509_LOOKUP_add_store_ex(lookup, uri, libctx, propq) == 0)
return 0;
return 1;
int X509_STORE_load_store(X509_STORE *ctx, const char *uri)
{
- return X509_STORE_load_store_with_libctx(ctx, uri, NULL, NULL);
+ return X509_STORE_load_store_ex(ctx, uri, NULL, NULL);
}
-int X509_STORE_load_locations_with_libctx(X509_STORE *ctx, const char *file,
- const char *path,
- OPENSSL_CTX *libctx, const char *propq)
+int X509_STORE_load_locations_ex(X509_STORE *ctx, const char *file,
+ const char *path, OPENSSL_CTX *libctx,
+ const char *propq)
{
if (file == NULL && path == NULL)
return 0;
- if (file != NULL && !X509_STORE_load_file_with_libctx(ctx, file,
- libctx, propq))
+ if (file != NULL && !X509_STORE_load_file_ex(ctx, file, libctx, propq))
return 0;
if (path != NULL && !X509_STORE_load_path(ctx, path))
return 0;
int X509_STORE_load_locations(X509_STORE *ctx, const char *file,
const char *path)
{
- return X509_STORE_load_locations_with_libctx(ctx, file, path, NULL, NULL);
+ return X509_STORE_load_locations_ex(ctx, file, path, NULL, NULL);
}
X509_OBJECT *ret);
int (*get_by_alias) (X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const char *str, int len, X509_OBJECT *ret);
- int (*get_by_subject_with_libctx) (X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
+ int (*get_by_subject_ex) (X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret,
OPENSSL_CTX *libctx, const char *propq);
- int (*ctrl_with_libctx) (X509_LOOKUP *ctx, int cmd,
+ int (*ctrl_ex) (X509_LOOKUP *ctx, int cmd,
const char *argc, long argl, char **ret,
OPENSSL_CTX *libctx, const char *propq);
};
return 1;
}
-int X509_LOOKUP_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd, const char *argc,
- long argl, char **ret,
- OPENSSL_CTX *libctx, const char *propq)
+int X509_LOOKUP_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
+ char **ret, OPENSSL_CTX *libctx, const char *propq)
{
if (ctx->method == NULL)
return -1;
- if (ctx->method->ctrl_with_libctx != NULL)
- return ctx->method->ctrl_with_libctx(ctx, cmd, argc, argl, ret,
- libctx, propq);
+ if (ctx->method->ctrl_ex != NULL)
+ return ctx->method->ctrl_ex(ctx, cmd, argc, argl, ret, libctx, propq);
if (ctx->method->ctrl != NULL)
return ctx->method->ctrl(ctx, cmd, argc, argl, ret);
return 1;
int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
char **ret)
{
- return X509_LOOKUP_ctrl_with_libctx(ctx, cmd, argc, argl, ret, NULL, NULL);
+ return X509_LOOKUP_ctrl_ex(ctx, cmd, argc, argl, ret, NULL, NULL);
}
-int X509_LOOKUP_by_subject_with_libctx(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
- const X509_NAME *name, X509_OBJECT *ret,
- OPENSSL_CTX *libctx, const char *propq)
+int X509_LOOKUP_by_subject_ex(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
+ const X509_NAME *name, X509_OBJECT *ret,
+ OPENSSL_CTX *libctx, const char *propq)
{
if (ctx->skip
|| ctx->method == NULL
|| (ctx->method->get_by_subject == NULL
- && ctx->method->get_by_subject_with_libctx == NULL))
+ && ctx->method->get_by_subject_ex == NULL))
return 0;
- if (ctx->method->get_by_subject_with_libctx != NULL)
- return ctx->method->get_by_subject_with_libctx(ctx, type, name, ret,
- libctx, propq);
+ if (ctx->method->get_by_subject_ex != NULL)
+ return ctx->method->get_by_subject_ex(ctx, type, name, ret, libctx,
+ propq);
else
return ctx->method->get_by_subject(ctx, type, name, ret);
}
int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret)
{
- return X509_LOOKUP_by_subject_with_libctx(ctx, type, name, ret, NULL, NULL);
+ return X509_LOOKUP_by_subject_ex(ctx, type, name, ret, NULL, NULL);
}
int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
if (tmp == NULL || type == X509_LU_CRL) {
for (i = 0; i < sk_X509_LOOKUP_num(store->get_cert_methods); i++) {
lu = sk_X509_LOOKUP_value(store->get_cert_methods, i);
- j = X509_LOOKUP_by_subject_with_libctx(lu, type, name, &stmp,
- vs->libctx, vs->propq);
+ j = X509_LOOKUP_by_subject_ex(lu, type, name, &stmp, vs->libctx,
+ vs->propq);
if (j) {
tmp = &stmp;
break;
return 1;
}
-X509_STORE_CTX *X509_STORE_CTX_new_with_libctx(OPENSSL_CTX *libctx,
- const char *propq)
+X509_STORE_CTX *X509_STORE_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq)
{
X509_STORE_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
X509_STORE_CTX *X509_STORE_CTX_new(void)
{
- return X509_STORE_CTX_new_with_libctx(NULL, NULL);
+ return X509_STORE_CTX_new_ex(NULL, NULL);
}
if (X509_ALGOR_cmp(&a->sig_alg, &a->cert_info.signature))
return 0;
- return ASN1_item_verify_with_libctx(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg,
- &a->signature, &a->cert_info,
- a->distinguishing_id, r,
- a->libctx, a->propq);
+ return ASN1_item_verify_ex(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg,
+ &a->signature, &a->cert_info,
+ a->distinguishing_id, r, a->libctx, a->propq);
}
-int X509_REQ_verify_with_libctx(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx,
- const char *propq)
+int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx,
+ const char *propq)
{
- return ASN1_item_verify_with_libctx(ASN1_ITEM_rptr(X509_REQ_INFO),
- &a->sig_alg, a->signature, &a->req_info,
- a->distinguishing_id, r, libctx, propq);
+ return ASN1_item_verify_ex(ASN1_ITEM_rptr(X509_REQ_INFO), &a->sig_alg,
+ a->signature, &a->req_info, a->distinguishing_id,
+ r, libctx, propq);
}
int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
{
- return X509_REQ_verify_with_libctx(a, r, NULL, NULL);
+ return X509_REQ_verify_ex(a, r, NULL, NULL);
}
int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
memcpy(data, cert->sha1_hash, sizeof(cert->sha1_hash));
return 1;
}
- return (asn1_item_digest_with_libctx(ASN1_ITEM_rptr(X509), md, (char *)cert,
- data, len, cert->libctx, cert->propq));
+ return (asn1_item_digest_ex(ASN1_ITEM_rptr(X509), md, (char *)cert, data,
+ len, cert->libctx, cert->propq));
}
/* calculate cert digest using the same hash algorithm as in its signature */
/*
* This should only be used if the X509 object was embedded inside another
* asn1 object and it needs a libctx to operate.
- * Use X509_new_with_libctx() instead if possible.
+ * Use X509_new_ex() instead if possible.
*/
int x509_set0_libctx(X509 *x, OPENSSL_CTX *libctx, const char *propq)
{
return 1;
}
-X509 *X509_new_with_libctx(OPENSSL_CTX *libctx, const char *propq)
+X509 *X509_new_ex(OPENSSL_CTX *libctx, const char *propq)
{
X509 *cert = NULL;
=head1 NAME
-CMS_EncryptedData_encrypt_with_libctx, CMS_EncryptedData_encrypt
+CMS_EncryptedData_encrypt_ex, CMS_EncryptedData_encrypt
- Create CMS EncryptedData
=head1 SYNOPSIS
#include <openssl/cms.h>
- CMS_ContentInfo *CMS_EncryptedData_encrypt_with_libctx(BIO *in,
- const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen,
- unsigned int flags, OPENSSL_CTX *ctx, const char *propq);
+ CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in,
+ const EVP_CIPHER *cipher,
+ const unsigned char *key,
+ size_t keylen,
+ unsigned int flags,
+ OPENSSL_CTX *ctx,
+ const char *propq);
CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in,
const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen,
=head1 DESCRIPTION
-CMS_EncryptedData_encrypt_with_libctx() creates a B<CMS_ContentInfo> structure
+CMS_EncryptedData_encrypt_ex() creates a B<CMS_ContentInfo> structure
with a type B<NID_pkcs7_encrypted>. I<in> is a BIO containing the data to
encrypt using I<cipher> and the encryption key I<key> of size I<keylen> bytes.
The library context I<libctx> and the property query I<propq> are used when
The B<CMS_ContentInfo> structure can be freed using L<CMS_ContentInfo_free(3)>.
-CMS_EncryptedData_encrypt() is similar to CMS_EncryptedData_encrypt_with_libctx()
+CMS_EncryptedData_encrypt() is similar to CMS_EncryptedData_encrypt_ex()
but uses default values of NULL for the library context I<libctx> and the
property query I<propq>.
=head1 RETURN VALUES
-If the allocation fails, CMS_EncryptedData_encrypt_with_libctx() and
+If the allocation fails, CMS_EncryptedData_encrypt_ex() and
CMS_EncryptedData_encrypt() return NULL and set an error code that can be
obtained by L<ERR_get_error(3)>. Otherwise they return a pointer to the newly
allocated structure.
head1 HISTORY
-The CMS_EncryptedData_encrypt_with_libctx() method was added in OpenSSL 3.0.
+The CMS_EncryptedData_encrypt_ex() method was added in OpenSSL 3.0.
=head1 COPYRIGHT
=head1 NAME
-CMS_EnvelopedData_create_with_libctx, CMS_EnvelopedData_create,
-CMS_AuthEnvelopedData_create, CMS_AuthEnvelopedData_create_with_libctx
+CMS_EnvelopedData_create_ex, CMS_EnvelopedData_create,
+CMS_AuthEnvelopedData_create, CMS_AuthEnvelopedData_create_ex
- Create CMS envelope
=head1 SYNOPSIS
#include <openssl/cms.h>
CMS_ContentInfo *
- CMS_EnvelopedData_create_with_libctx(const EVP_CIPHER *cipher,
- OPENSSL_CTX *libctx,
- const char *propq);
+ CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *libctx,
+ const char *propq);
CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
CMS_ContentInfo *
- CMS_AuthEnvelopedData_create_with_libctx(const EVP_CIPHER *cipher,
- OPENSSL_CTX *libctx,
- const char *propq);
+ CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *libctx,
+ const char *propq);
CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher);
=head1 DESCRIPTION
-CMS_EnvelopedData_create_with_libctx() creates a B<CMS_ContentInfo> structure
+CMS_EnvelopedData_create_ex() creates a B<CMS_ContentInfo> structure
with a type B<NID_pkcs7_enveloped>. I<cipher> is the symmetric cipher to use.
The library context I<libctx> and the property query I<propq> are used when
retrieving algorithms from providers.
-CMS_AuthEnvelopedData_create_with_libctx() creates a B<CMS_ContentInfo>
+CMS_AuthEnvelopedData_create_ex() creates a B<CMS_ContentInfo>
structure with a type B<NID_id_smime_ct_authEnvelopedData>. B<cipher> is the
symmetric AEAD cipher to use. Currently only AES variants with GCM mode are
supported. The library context I<libctx> and the property query I<propq> are
and then freed using L<CMS_ContentInfo_free(3)>.
CMS_EnvelopedData_create() and CMS_AuthEnvelopedData_create are similar to
-CMS_EnvelopedData_create_with_libctx() and
-CMS_AuthEnvelopedData_create_with_libctx() but use default values of NULL for
+CMS_EnvelopedData_create_ex() and
+CMS_AuthEnvelopedData_create_ex() but use default values of NULL for
the library context I<libctx> and the property query I<propq>.
=head1 NOTES
head1 HISTORY
-The CMS_EnvelopedData_create_with_libctx() method was added in OpenSSL 3.0.
+The CMS_EnvelopedData_create_ex() method was added in OpenSSL 3.0.
=head1 COPYRIGHT
=head1 NAME
-CMS_data_create_with_libctx, CMS_data_create
+CMS_data_create_ex, CMS_data_create
- Create CMS Data object
=head1 SYNOPSIS
#include <openssl/cms.h>
- CMS_ContentInfo *CMS_data_create_with_libctx(BIO *in, unsigned int flags,
- OPENSSL_CTX *libctx,
- const char *propq);
+ CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags,
+ OPENSSL_CTX *libctx, const char *propq);
CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
=head1 DESCRIPTION
-CMS_data_create_with_libctx() creates a B<CMS_ContentInfo> structure
+CMS_data_create_ex() creates a B<CMS_ContentInfo> structure
with a type B<NID_pkcs7_data>. The data is supplied via the I<in> BIO.
The library context I<libctx> and the property query I<propq> are used when
retrieving algorithms from providers. The I<flags> field supports the
The B<CMS_ContentInfo> structure can be freed using L<CMS_ContentInfo_free(3)>.
-CMS_data_create() is similar to CMS_data_create_with_libctx()
+CMS_data_create() is similar to CMS_data_create_ex()
but uses default values of NULL for the library context I<libctx> and the
property query I<propq>.
=head1 RETURN VALUES
-If the allocation fails, CMS_data_create_with_libctx() and CMS_data_create()
+If the allocation fails, CMS_data_create_ex() and CMS_data_create()
return NULL and set an error code that can be obtained by L<ERR_get_error(3)>.
Otherwise they return a pointer to the newly allocated structure.
head1 HISTORY
-The CMS_data_create_with_libctx() method was added in OpenSSL 3.0.
+The CMS_data_create_ex() method was added in OpenSSL 3.0.
=head1 COPYRIGHT
=head1 NAME
-CMS_digest_create_with_libctx, CMS_digest_create
+CMS_digest_create_ex, CMS_digest_create
- Create CMS DigestedData object
=head1 SYNOPSIS
#include <openssl/cms.h>
- CMS_ContentInfo *CMS_digest_create_with_libctx(BIO *in,
- const EVP_MD *md, unsigned int flags,
- OPENSSL_CTX *ctx, const char *propq);
+ CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md,
+ unsigned int flags, OPENSSL_CTX *ctx,
+ const char *propq);
CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
unsigned int flags);
=head1 DESCRIPTION
-CMS_digest_create_with_libctx() creates a B<CMS_ContentInfo> structure
+CMS_digest_create_ex() creates a B<CMS_ContentInfo> structure
with a type B<NID_pkcs7_digest>. The data supplied via the I<in> BIO is digested
using I<md>. The library context I<libctx> and the property query I<propq> are
used when retrieving algorithms from providers.
The B<CMS_ContentInfo> structure can be freed using L<CMS_ContentInfo_free(3)>.
-CMS_digest_create() is similar to CMS_digest_create_with_libctx()
+CMS_digest_create() is similar to CMS_digest_create_ex()
but uses default values of NULL for the library context I<libctx> and the
property query I<propq>.
=head1 RETURN VALUES
-If the allocation fails, CMS_digest_create_with_libctx() and CMS_digest_create()
+If the allocation fails, CMS_digest_create_ex() and CMS_digest_create()
return NULL and set an error code that can be obtained by L<ERR_get_error(3)>.
Otherwise they return a pointer to the newly allocated structure.
head1 HISTORY
-The CMS_digest_create_with_libctx() method was added in OpenSSL 3.0.
+The CMS_digest_create_ex() method was added in OpenSSL 3.0.
=head1 COPYRIGHT
=head1 NAME
-CMS_encrypt_with_libctx, CMS_encrypt - create a CMS envelopedData structure
+CMS_encrypt_ex, CMS_encrypt - create a CMS envelopedData structure
=head1 SYNOPSIS
#include <openssl/cms.h>
- CMS_ContentInfo *CMS_encrypt_with_libctx(STACK_OF(X509) *certs,
- BIO *in, const EVP_CIPHER *cipher,
- unsigned int flags,
- OPENSSL_CTX *libctx,
- const char *propq);
+ CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *in,
+ const EVP_CIPHER *cipher, unsigned int flags,
+ OPENSSL_CTX *libctx, const char *propq);
CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
const EVP_CIPHER *cipher, unsigned int flags);
=head1 DESCRIPTION
-CMS_encrypt_with_libctx() creates and returns a CMS EnvelopedData or
+CMS_encrypt_ex() creates and returns a CMS EnvelopedData or
AuthEnvelopedData structure. I<certs> is a list of recipient certificates.
I<in> is the content to be encrypted. I<cipher> is the symmetric cipher to use.
I<flags> is an optional set of flags. The library context I<libctx> and the
The parameter B<certs> may be NULL if B<CMS_PARTIAL> is set and recipients
added later using CMS_add1_recipient_cert() or CMS_add0_recipient_key().
-CMS_encrypt() is similar to CMS_encrypt_with_libctx() but uses default values
+CMS_encrypt() is similar to CMS_encrypt_ex() but uses default values
of NULL for the library context I<libctx> and the property query I<propq>.
=head1 RETURN VALUES
-CMS_encrypt_with_libctx() and CMS_encrypt() return either a CMS_ContentInfo
+CMS_encrypt_ex() and CMS_encrypt() return either a CMS_ContentInfo
structure or NULL if an error occurred. The error can be obtained from
ERR_get_error(3).
=head1 HISTORY
-The function CMS_encrypt_with_libctx() was added in OpenSSL 3.0.
+The function CMS_encrypt_ex() was added in OpenSSL 3.0.
The B<CMS_STREAM> flag was first supported in OpenSSL 1.0.0.
=head1 NAME
-CMS_ReceiptRequest_create0_with_libctx, CMS_ReceiptRequest_create0,
+CMS_ReceiptRequest_create0_ex, CMS_ReceiptRequest_create0,
CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values
- CMS signed receipt request functions
#include <openssl/cms.h>
- CMS_ReceiptRequest *CMS_ReceiptRequest_create0_with_libctx(
+ CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex(
unsigned char *id, int idlen, int allorfirst,
STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo,
OPENSSL_CTX *libctx, const char *propq);
=head1 DESCRIPTION
-CMS_ReceiptRequest_create0_with_libctx() creates a signed receipt request
+CMS_ReceiptRequest_create0_ex() creates a signed receipt request
structure. The B<signedContentIdentifier> field is set using I<id> and I<idlen>,
or it is set to 32 bytes of pseudo random data if I<id> is NULL.
If I<receiptList> is NULL the allOrFirstTier option in I<receiptsFrom> is used
and the property query I<propq> are used when retrieving algorithms from providers.
CMS_ReceiptRequest_create0() is similar to
-CMS_ReceiptRequest_create0_with_libctx() but uses default values of NULL for the
+CMS_ReceiptRequest_create0_ex() but uses default values of NULL for the
library context I<libctx> and the property query I<propq>.
The CMS_add1_ReceiptRequest() function adds a signed receipt request B<rr>
=head1 RETURN VALUES
-CMS_ReceiptRequest_create0_with_libctx() and CMS_ReceiptRequest_create0() return
+CMS_ReceiptRequest_create0_ex() and CMS_ReceiptRequest_create0() return
a signed receipt request structure or NULL if an error occurred.
CMS_add1_ReceiptRequest() returns 1 for success or 0 if an error occurred.
=head1 HISTORY
-The function CMS_ReceiptRequest_create0_with_libctx() was added in OpenSSL 3.0.
+The function CMS_ReceiptRequest_create0_ex() was added in OpenSSL 3.0.
=head1 COPYRIGHT
=head1 NAME
-CMS_sign, CMS_sign_with_libctx - create a CMS SignedData structure
+CMS_sign, CMS_sign_ex - create a CMS SignedData structure
=head1 SYNOPSIS
#include <openssl/cms.h>
- CMS_ContentInfo *CMS_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
- STACK_OF(X509) *certs, BIO *data,
- unsigned int flags,
- OPENSSL_CTX *ctx, const char *propq);
+ CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey,
+ STACK_OF(X509) *certs, BIO *data,
+ unsigned int flags, OPENSSL_CTX *ctx,
+ const char *propq);
CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, unsigned int flags);
=head1 DESCRIPTION
-CMS_sign_with_libctx() creates and returns a CMS SignedData structure.
+CMS_sign_ex() creates and returns a CMS SignedData structure.
I<signcert> is the certificate to sign with, I<pkey> is the corresponding
private key. I<certs> is an optional additional set of certificates to include
in the CMS structure (for example any intermediate CAs in the chain). The
B<flags> is an optional set of flags.
-CMS_sign() is similar to CMS_sign_with_libctx() but uses default values of NULL
+CMS_sign() is similar to CMS_sign_ex() but uses default values of NULL
for the library context I<libctx> and the property query I<propq>.
=head1 NOTES
=head1 RETURN VALUES
-CMS_sign_with_libctx() and CMS_sign() return either a valid CMS_ContentInfo
+CMS_sign_ex() and CMS_sign() return either a valid CMS_ContentInfo
structure or NULL if an error occurred. The error can be obtained from
ERR_get_error(3).
The B<CMS_STREAM> flag is only supported for detached data in OpenSSL 0.9.8,
it is supported for embedded data in OpenSSL 1.0.0 and later.
-The CMS_sign_with_libctx() method was added in OpenSSL 3.0.
+The CMS_sign_ex() method was added in OpenSSL 3.0.
=head1 COPYRIGHT
=head1 SEE ALSO
L<config(5)>, L<OPENSSL_config(3)>,
-L<CONF_modules_load_file_with_libctx(3)>
+L<CONF_modules_load_file_ex(3)>
=head1 HISTORY
=head1 NAME
-CONF_modules_load_file_with_libctx, CONF_modules_load_file, CONF_modules_load
+CONF_modules_load_file_ex, CONF_modules_load_file, CONF_modules_load
- OpenSSL configuration functions
=head1 SYNOPSIS
#include <openssl/conf.h>
- int CONF_modules_load_file_with_libctx(OPENSSL_CTX *libctx,
- const char *filename,
- const char *appname, unsigned long flags);
+ int CONF_modules_load_file_ex(OPENSSL_CTX *libctx, const char *filename,
+ const char *appname, unsigned long flags);
int CONF_modules_load_file(const char *filename, const char *appname,
unsigned long flags);
int CONF_modules_load(const CONF *cnf, const char *appname,
=head1 DESCRIPTION
-The function CONF_modules_load_file_with_libctx() configures OpenSSL using
+The function CONF_modules_load_file_ex() configures OpenSSL using
library context B<libctx> file B<filename> and application name B<appname>.
If B<filename> is NULL the standard OpenSSL configuration file is used.
If B<appname> is NULL the standard OpenSSL application name B<openssl_conf> is
The behaviour can be customized using B<flags>. Note that, the error suppressing
can be overriden by B<config_diagnostics> as described in L<config(5)>.
-CONF_modules_load_file() is the same as CONF_modules_load_file_with_libctx() but
+CONF_modules_load_file() is the same as CONF_modules_load_file_ex() but
has a NULL library context.
CONF_modules_load() is identical to CONF_modules_load_file() except it
This is used by default in L<OPENSSL_init_crypto(3)> to ignore any errors in
the default system-wide configuration file, as having all OpenSSL applications
fail to start when there are potentially minor issues in the file is too risky.
-Applications calling B<CONF_modules_load_file_with_libctx> explicitly should not
+Applications calling B<CONF_modules_load_file_ex> explicitly should not
generally set this flag.
If B<CONF_MFLAGS_NO_DSO> is set configuration module loading from DSOs is
B<CONF_MFLAGS_DEFAULT_SECTION> if set and B<appname> is not NULL will use the
default section pointed to by B<openssl_conf> if B<appname> does not exist.
-By using CONF_modules_load_file_with_libctx() with appropriate flags an
+By using CONF_modules_load_file_ex() with appropriate flags an
application can customise application configuration to best suit its needs.
In some cases the use of a configuration file is optional and its absence is not
an error: in this case B<CONF_MFLAGS_IGNORE_MISSING_FILE> would be set.
Load a configuration file and print out any errors and exit (missing file
considered fatal):
- if (CONF_modules_load_file_with_libctx(libctx, NULL, NULL, 0) <= 0) {
+ if (CONF_modules_load_file_ex(libctx, NULL, NULL, 0) <= 0) {
fprintf(stderr, "FATAL: error loading configuration file\n");
ERR_print_errors_fp(stderr);
exit(1);
Load default configuration file using the section indicated by "myapp",
tolerate missing files, but exit on other errors:
- if (CONF_modules_load_file_with_libctx(NULL, NULL, "myapp",
- CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
+ if (CONF_modules_load_file_ex(NULL, NULL, "myapp",
+ CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
fprintf(stderr, "FATAL: error loading configuration file\n");
ERR_print_errors_fp(stderr);
exit(1);
Load custom configuration file and section, only print warnings on error,
missing configuration file ignored:
- if (CONF_modules_load_file_with_libctx(NULL, "/something/app.cnf", "myapp",
- CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
+ if (CONF_modules_load_file_ex(NULL, "/something/app.cnf", "myapp",
+ CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
fprintf(stderr, "WARNING: error loading configuration file\n");
ERR_print_errors_fp(stderr);
}
fprintf(stderr, "Error opening configuration file\n");
/* Other missing configuration file behaviour */
} else {
- cnf = NCONF_new_with_libctx(libctx, NULL);
+ cnf = NCONF_new_ex(libctx, NULL);
if (NCONF_load_fp(cnf, fp, &eline) == 0) {
fprintf(stderr, "Error on line %ld of configuration file\n", eline);
ERR_print_errors_fp(stderr);
L<config(5)>,
L<OPENSSL_config(3)>,
-L<NCONF_new_with_libctx(3)>
+L<NCONF_new_ex(3)>
=head1 COPYRIGHT
=head1 NAME
-CTLOG_STORE_new_with_libctx,
+CTLOG_STORE_new_ex,
CTLOG_STORE_new, CTLOG_STORE_free,
CTLOG_STORE_load_default_file, CTLOG_STORE_load_file -
Create and populate a Certificate Transparency log list
#include <openssl/ct.h>
- CTLOG_STORE *CTLOG_STORE_new_with_libctx(OPENSSL_CTX *libctx,
- const char *propq);
+ CTLOG_STORE *CTLOG_STORE_new_ex(OPENSSL_CTX *libctx, const char *propq);
CTLOG_STORE *CTLOG_STORE_new(void);
void CTLOG_STORE_free(CTLOG_STORE *store);
logs). The list can be loaded from one or more files and then searched by LogID
(see RFC 6962, Section 3.2, for the definition of a LogID).
-CTLOG_STORE_new_with_libctx() creates an empty list of CT logs associated with
+CTLOG_STORE_new_ex() creates an empty list of CT logs associated with
the library context I<libctx> and the property query string I<propq>.
-CTLOG_STORE_new() does the same thing as CTLOG_STORE_new_with_libctx() but with
+CTLOG_STORE_new() does the same thing as CTLOG_STORE_new_ex() but with
the default library context and property query string.
The CTLOG_STORE is then populated by CTLOG_STORE_load_default_file() or
=head1 HISTORY
-CTLOG_STORE_new_with_libctx was added in OpenSSL 3.0. All other functions were
+CTLOG_STORE_new_ex was added in OpenSSL 3.0. All other functions were
added in OpenSSL 1.1.0.
=head1 COPYRIGHT
=head1 NAME
-CTLOG_new_with_libctx, CTLOG_new, CTLOG_new_from_base64,
-CTLOG_new_from_base64_with_libctx, CTLOG_free,
+CTLOG_new_ex, CTLOG_new, CTLOG_new_from_base64,
+CTLOG_new_from_base64_ex, CTLOG_free,
CTLOG_get0_name, CTLOG_get0_log_id, CTLOG_get0_public_key -
encapsulates information about a Certificate Transparency log
#include <openssl/ct.h>
- CTLOG *CTLOG_new_with_libctx(EVP_PKEY *public_key, const char *name,
- OPENSSL_CTX *libctx, const char *propq);
+ CTLOG *CTLOG_new_ex(EVP_PKEY *public_key, const char *name,
+ OPENSSL_CTX *libctx, const char *propq);
CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name);
- int CTLOG_new_from_base64_with_libctx(CTLOG **ct_log, const char *pkey_base64,
- const char *name, OPENSSL_CTX *libctx,
- const char *propq);
+ int CTLOG_new_from_base64_ex(CTLOG **ct_log, const char *pkey_base64,
+ const char *name, OPENSSL_CTX *libctx,
+ const char *propq);
int CTLOG_new_from_base64(CTLOG ** ct_log,
const char *pkey_base64, const char *name);
void CTLOG_free(CTLOG *log);
=head1 DESCRIPTION
-CTLOG_new_with_libctx() returns a new CTLOG that represents the Certificate
+CTLOG_new_ex() returns a new CTLOG that represents the Certificate
Transparency (CT) log with the given public key and associates it with the
library context I<libctx> and property query string I<propq>. A name must also
be provided that can be used to help users identify this log. Ownership of the
public key is transferred.
-CTLOG_new() does the same thing as CTLOG_new_with_libctx() but with the default
+CTLOG_new() does the same thing as CTLOG_new_ex() but with the default
library context and the default property query string.
-CTLOG_new_from_base64_with_libctx() also creates a new CTLOG, but takes the
+CTLOG_new_from_base64_ex() also creates a new CTLOG, but takes the
public key in base64-encoded DER form and sets the ct_log pointer to point to
the new CTLOG. The base64 will be decoded and the public key parsed. The CTLOG
will be associated with the given library context I<libctx> and property query
string I<propq>.
CTLOG_new_from_base64() does the same thing as
-CTLOG_new_from_base64_with_libctx() except that the default library context and
+CTLOG_new_from_base64_ex() except that the default library context and
property query string are used.
Regardless of whether CTLOG_new() or CTLOG_new_from_base64() is used, it is the
=head1 HISTORY
-The functions CTLOG_new_with_libctx() and CTLOG_new_from_base64_with_libctx()
+The functions CTLOG_new_with_libctx() and CTLOG_new_from_base64_ex()
were added in OpenSSL 3.0. All other functions were added in OpenSSL 1.1.0.
=head1 COPYRIGHT
=head1 NAME
-CT_POLICY_EVAL_CTX_new_with_libctx,
+CT_POLICY_EVAL_CTX_new_ex,
CT_POLICY_EVAL_CTX_new, CT_POLICY_EVAL_CTX_free,
CT_POLICY_EVAL_CTX_get0_cert, CT_POLICY_EVAL_CTX_set1_cert,
CT_POLICY_EVAL_CTX_get0_issuer, CT_POLICY_EVAL_CTX_set1_issuer,
#include <openssl/ct.h>
- CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx,
- const char *propq);
+ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OPENSSL_CTX *libctx,
+ const char *propq);
CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx);
X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx);
The above requirements are met using the setters described below.
-CT_POLICY_EVAL_CTX_new_with_libctx() creates an empty policy evaluation context
+CT_POLICY_EVAL_CTX_new_ex() creates an empty policy evaluation context
and associates it with the given library context I<libctx> and property query
string I<propq>.
CT_POLICY_EVAL_CTX_new() does the same thing as
-CT_POLICY_EVAL_CTX_new_with_libctx() except that it uses the default library
+CT_POLICY_EVAL_CTX_new_ex() except that it uses the default library
context and property query string.
The CT_POLICY_EVAL_CTX should then be populated using:
=head1 RETURN VALUES
-CT_POLICY_EVAL_CTX_new_with_libctx() and CT_POLICY_EVAL_CTX_new() will return
+CT_POLICY_EVAL_CTX_new_ex() and CT_POLICY_EVAL_CTX_new() will return
NULL if malloc fails.
=head1 SEE ALSO
=head1 HISTORY
-CT_POLICY_EVAL_CTX_new_with_libctx was added in OpenSSL 3.0. All other
+CT_POLICY_EVAL_CTX_new_ex was added in OpenSSL 3.0. All other
functions were added in OpenSSL 1.1.0.
=head1 COPYRIGHT
EC_GROUP_clear_free,
EC_GROUP_new_curve_GFp,
EC_GROUP_new_curve_GF2m,
-EC_GROUP_new_by_curve_name_with_libctx,
+EC_GROUP_new_by_curve_name_ex,
EC_GROUP_new_by_curve_name,
EC_GROUP_set_curve,
EC_GROUP_get_curve,
const BIGNUM *b, BN_CTX *ctx);
EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
const BIGNUM *b, BN_CTX *ctx);
- EC_GROUP *EC_GROUP_new_by_curve_name_with_libctx(OPENSSL_CTX *libctx,
- const char *propq, int nid);
+ EC_GROUP *EC_GROUP_new_by_curve_name_ex(OPENSSL_CTX *libctx, const char *propq,
+ int nid);
EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
readable comment string describing the curve.
In order to construct a built-in curve use the function
-EC_GROUP_new_by_curve_name_with_libctx() and provide the I<nid> of the curve to
+EC_GROUP_new_by_curve_name_ex() and provide the I<nid> of the curve to
be constructed, the associated library context to be used in I<ctx> (see
L<OPENSSL_CTX(3)>) and any property query string in I<propq>. The I<ctx> value
may be NULL in which case the default library context is used. The I<propq>
value may also be NULL.
EC_GROUP_new_by_curve_name() is the same as
-EC_GROUP_new_by_curve_name_with_libctx() except that the default library context
+EC_GROUP_new_by_curve_name_ex() except that the default library context
is always used along with a NULL property query string.
EC_GROUP_free() frees the memory associated with the EC_GROUP.
EC_GROUP_new() was deprecated in OpenSSL 3.0.
-EC_GROUP_new_by_curve_name_with_libctx() and EC_GROUP_new_from_params() were
+EC_GROUP_new_by_curve_name_ex() and EC_GROUP_new_from_params() were
added in OpenSSL 3.0.
=item *
=head1 NAME
-EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new_with_libctx,
+EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new_ex,
EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags,
-EC_KEY_new_by_curve_name_with_libctx, EC_KEY_new_by_curve_name, EC_KEY_free,
+EC_KEY_new_by_curve_name_ex, EC_KEY_new_by_curve_name, EC_KEY_free,
EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine,
EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key,
EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key,
#include <openssl/ec.h>
- EC_KEY *EC_KEY_new_with_libctx(OPENSSL_CTX *ctx, const char *propq);
+ EC_KEY *EC_KEY_new_ex(OPENSSL_CTX *ctx, const char *propq);
EC_KEY *EC_KEY_new(void);
int EC_KEY_get_flags(const EC_KEY *key);
void EC_KEY_set_flags(EC_KEY *key, int flags);
void EC_KEY_clear_flags(EC_KEY *key, int flags);
- EC_KEY *EC_KEY_new_by_curve_name_with_libctx(OPENSSL_CTX *ctx,
- const char *propq, int nid);
+ EC_KEY *EC_KEY_new_by_curve_name_ex(OPENSSL_CTX *ctx, const char *propq,
+ int nid);
EC_KEY *EC_KEY_new_by_curve_name(int nid);
void EC_KEY_free(EC_KEY *key);
EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
context is always used.
Alternatively a new EC_KEY can be constructed by calling
-EC_KEY_new_by_curve_name_with_libctx() and supplying the nid of the associated
+EC_KEY_new_by_curve_name_ex() and supplying the nid of the associated
curve, the library context to be used I<ctx> (see L<OPENSSL_CTX(3)>) and any
property query string I<propq>.
The I<ctx> parameter may be NULL in which case the default library context is
used. The I<propq> value may also be NULL.
See L<EC_GROUP_new(3)> for a description of curve names.
This function simply wraps calls to EC_KEY_new_ex() and
-EC_GROUP_new_by_curve_name_with_libctx().
+EC_GROUP_new_by_curve_name_ex().
-EC_KEY_new_by_curve_name() is the same as EC_KEY_new_by_curve_name_with_libctx()
+EC_KEY_new_by_curve_name() is the same as EC_KEY_new_by_curve_name_ex()
except that the default library context is always used and a NULL property query
string.
=head1 RETURN VALUES
-EC_KEY_new_with_libctx(), EC_KEY_new(), EC_KEY_new_by_curve_name_with_libctx(),
+EC_KEY_new_with_libctx(), EC_KEY_new(), EC_KEY_new_by_curve_name_ex(),
EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly
created EC_KEY object, or NULL on error.
=head1 NAME
-EVP_DigestSignInit_with_libctx, EVP_DigestSignInit, EVP_DigestSignUpdate,
+EVP_DigestSignInit_ex, EVP_DigestSignInit, EVP_DigestSignUpdate,
EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions
=head1 SYNOPSIS
#include <openssl/evp.h>
- int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
- const char *mdname,
- OPENSSL_CTX *libctx, const char *props,
- EVP_PKEY *pkey);
+ int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const char *mdname, OPENSSL_CTX *libctx,
+ const char *props, EVP_PKEY *pkey);
int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
The EVP signature routines are a high-level interface to digital signatures.
Input data is digested first before the signing takes place.
-EVP_DigestSignInit_with_libctx() sets up signing context I<ctx> to use a digest
+EVP_DigestSignInit_ex() sets up signing context I<ctx> to use a digest
with the name I<mdname> and private key I<pkey>. The name of the digest to be
used is passed to the provider of the signature algorithm in use. How that
provider interprets the digest name is provider specific. The provider may
to I<*pctx>: this can be used to set alternative signing options. Note that any
existing value in I<*pctx> is overwritten. The EVP_PKEY_CTX value returned must
not be freed directly by the application if I<ctx> is not assigned an
-EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_with_libctx()
-(which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit_with_libctx()
+EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_ex()
+(which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit_ex()
and it will be freed automatically when the EVP_MD_CTX is freed). If the
-EVP_PKEY_CTX to be used is created by EVP_DigestSignInit_with_libctx then it
+EVP_PKEY_CTX to be used is created by EVP_DigestSignInit_ex then it
will use the B<OPENSSL_CTX> specified in I<libctx> and the property query string
specified in I<props>.
The digest I<mdname> may be NULL if the signing algorithm supports it. The
I<props> argument can always be NULL.
-No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_with_libctx() if the
+No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_ex() if the
passed I<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>.
See also L<SM2(7)>.
If RSA-PSS is used and restrictions apply then the digest must match.
-EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_with_libctx()
+EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_ex()
except that the I<mdname> parameter will be inferred from the supplied
digest I<type>, and I<props> will be NULL. Where supplied the ENGINE I<e> will
be used for the signing and digest algorithm implementations. I<e> may be NULL.
EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal()
were added in OpenSSL 1.0.0.
-EVP_DigestSignInit_with_libctx() was added in OpenSSL 3.0.
+EVP_DigestSignInit_ex() was added in OpenSSL 3.0.
EVP_DigestSignUpdate() was converted from a macro to a function in OpenSSL 3.0.
=head1 NAME
-EVP_DigestVerifyInit_with_libctx, EVP_DigestVerifyInit, EVP_DigestVerifyUpdate,
+EVP_DigestVerifyInit_ex, EVP_DigestVerifyInit, EVP_DigestVerifyUpdate,
EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions
=head1 SYNOPSIS
#include <openssl/evp.h>
- int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
- const char *mdname,
- OPENSSL_CTX *libctx, const char *props,
- EVP_PKEY *pkey);
+ int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const char *mdname, OPENSSL_CTX *libctx,
+ const char *props, EVP_PKEY *pkey);
int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
The EVP signature routines are a high-level interface to digital signatures.
Input data is digested first before the signature verification takes place.
-EVP_DigestVerifyInit_with_libctx() sets up verification context B<ctx> to use a
+EVP_DigestVerifyInit_ex() sets up verification context B<ctx> to use a
digest with the name B<mdname> and public key B<pkey>. The name of the digest to
be used is passed to the provider of the signature algorithm in use. How that
provider interprets the digest name is provider specific. The provider may
written to B<*pctx>: this can be used to set alternative verification options.
Note that any existing value in B<*pctx> is overwritten. The EVP_PKEY_CTX value
returned must not be freed directly by the application if B<ctx> is not assigned
-an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_with_libctx()
+an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_ex()
(which means the EVP_PKEY_CTX is created inside
-EVP_DigestVerifyInit_with_libctx() and it will be freed automatically when the
+EVP_DigestVerifyInit_ex() and it will be freed automatically when the
EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be used is created by
-EVP_DigestVerifyInit_with_libctx then it will use the B<OPENSSL_CTX> specified
+EVP_DigestVerifyInit_ex then it will use the B<OPENSSL_CTX> specified
in I<libctx> and the property query string specified in I<props>.
-No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_with_libctx() if the
+No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_ex() if the
passed B<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>.
See also L<SM2(7)>.
If RSA-PSS is used and restrictions apply then the digest must match.
EVP_DigestVerifyInit() works in the same way as
-EVP_DigestVerifyInit_with_libctx() except that the B<mdname> parameter will be
+EVP_DigestVerifyInit_ex() except that the B<mdname> parameter will be
inferred from the supplied digest B<type>, and B<props> will be NULL. Where
supplied the ENGINE B<e> will be used for the signature verification and digest
algorithm implementations. B<e> may be NULL.
EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal()
were added in OpenSSL 1.0.0.
-EVP_DigestVerifyInit_with_libctx() was added in OpenSSL 3.0.
+EVP_DigestVerifyInit_ex() was added in OpenSSL 3.0.
EVP_DigestVerifyUpdate() was converted from a macro to a function in OpenSSL
3.0.
EVP_PKEY_new,
EVP_PKEY_up_ref,
EVP_PKEY_free,
-EVP_PKEY_new_raw_private_key_with_libctx,
+EVP_PKEY_new_raw_private_key_ex,
EVP_PKEY_new_raw_private_key,
-EVP_PKEY_new_raw_public_key_with_libctx,
+EVP_PKEY_new_raw_public_key_ex,
EVP_PKEY_new_raw_public_key,
-EVP_PKEY_new_CMAC_key_with_libctx,
+EVP_PKEY_new_CMAC_key_ex,
EVP_PKEY_new_CMAC_key,
EVP_PKEY_new_mac_key,
EVP_PKEY_get_raw_private_key,
int EVP_PKEY_up_ref(EVP_PKEY *key);
void EVP_PKEY_free(EVP_PKEY *key);
- EVP_PKEY *EVP_PKEY_new_raw_private_key_with_libctx(OPENSSL_CTX *libctx,
- const char *keytype,
- const char *propq,
- const unsigned char *key,
- size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OPENSSL_CTX *libctx,
+ const char *keytype,
+ const char *propq,
+ const unsigned char *key,
+ size_t keylen);
EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
const unsigned char *key, size_t keylen);
- EVP_PKEY *EVP_PKEY_new_raw_public_key_with_libctx(OPENSSL_CTX *libctx,
- const char *keytype,
- const char *propq,
- const unsigned char *key,
- size_t keylen);
+ EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OPENSSL_CTX *libctx,
+ const char *keytype,
+ const char *propq,
+ const unsigned char *key,
+ size_t keylen);
EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
const unsigned char *key, size_t keylen);
- EVP_PKEY *EVP_PKEY_new_CMAC_key_with_libctx(const unsigned char *priv,
- size_t len,
- const char *cipher_name,
- OPENSSL_CTX *libctx,
- const char *propq);
+ EVP_PKEY *EVP_PKEY_new_CMAC_key_ex(const unsigned char *priv, size_t len,
+ const char *cipher_name,
+ OPENSSL_CTX *libctx, const char *propq);
EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
size_t len, const EVP_CIPHER *cipher);
EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
EVP_PKEY_free() decrements the reference count of I<key> and, if the reference
count is zero, frees it up. If I<key> is NULL, nothing is done.
-EVP_PKEY_new_raw_private_key_with_libctx() allocates a new B<EVP_PKEY>. Unless
+EVP_PKEY_new_raw_private_key_ex() allocates a new B<EVP_PKEY>. Unless
an engine should be used for the key type, a provider for the key is found using
the library context I<libctx> and the property query string I<propq>. The
I<keytype> argument indicates what kind of key this is. The value should be a
derived from the given private key data (if appropriate for the algorithm type).
EVP_PKEY_new_raw_private_key() does the same as
-EVP_PKEY_new_raw_private_key_with_libctx() except that the default library
+EVP_PKEY_new_raw_private_key_ex() except that the default library
context and default property query are used instead. If I<e> is non-NULL then
the new B<EVP_PKEY> structure is associated with the engine I<e>. The I<type>
argument indicates what kind of key this is. The value should be a NID for a
public key algorithm that supports raw private keys, i.e. one of
B<EVP_PKEY_POLY1305>, B<EVP_PKEY_SIPHASH>, B<EVP_PKEY_X25519>,
B<EVP_PKEY_ED25519>, B<EVP_PKEY_X448> or B<EVP_PKEY_ED448>. As for
-EVP_PKEY_new_raw_private_key_with_libctx() you may also use B<EVP_PKEY_HMAC>.
+EVP_PKEY_new_raw_private_key_ex() you may also use B<EVP_PKEY_HMAC>.
-EVP_PKEY_new_raw_public_key_with_libctx() works in the same way as
-EVP_PKEY_new_raw_private_key_with_libctx() except that I<key> points to the raw
+EVP_PKEY_new_raw_public_key_ex() works in the same way as
+EVP_PKEY_new_raw_private_key_ex() except that I<key> points to the raw
public key data. The B<EVP_PKEY> structure will be initialised without any
private key information. Algorithm types that support raw public keys are
"X25519", "ED25519", "X448" or "ED448".
information. Algorithm types that support raw public keys are
B<EVP_PKEY_X25519>, B<EVP_PKEY_ED25519>, B<EVP_PKEY_X448> or B<EVP_PKEY_ED448>.
-EVP_PKEY_new_CMAC_key_with_libctx() works in the same way as
+EVP_PKEY_new_CMAC_key_ex() works in the same way as
EVP_PKEY_new_raw_private_key() except it is only for the B<EVP_PKEY_CMAC>
algorithm type. In addition to the raw private key data, it also takes a cipher
algorithm to be used during creation of a CMAC in the I<cipher> argument. The
and property query I<propq> which are used when fetching any cryptographic
algorithms which may be NULL to use the default values.
-EVP_PKEY_new_CMAC_key() is the same as EVP_PKEY_new_CMAC_key_with_libctx()
+EVP_PKEY_new_CMAC_key() is the same as EVP_PKEY_new_CMAC_key_ex()
except that the default values are used for I<libctx> and I<propq>.
EVP_PKEY_new_mac_key() works in the same way as EVP_PKEY_new_raw_private_key().
EVP_PKEY_new_CMAC_key(), EVP_PKEY_new_raw_private_key() and
EVP_PKEY_get_raw_public_key() functions were added in OpenSSL 1.1.1.
-The EVP_PKEY_new_raw_private_key_with_libctx(),
-EVP_PKEY_new_raw_public_key_with_libctx() and
-EVP_PKEY_new_CMAC_key_with_libctx() functions were added in OpenSSL 3.0.
+The EVP_PKEY_new_raw_private_key_ex(),
+EVP_PKEY_new_raw_public_key_ex() and
+EVP_PKEY_new_CMAC_key_ex() functions were added in OpenSSL 3.0.
=head1 COPYRIGHT
=head1 NAME
EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate,
-EVP_SignFinal_with_libctx, EVP_SignFinal
+EVP_SignFinal_ex, EVP_SignFinal
- EVP signing functions
=head1 SYNOPSIS
int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
- int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *md,
- unsigned int *s, EVP_PKEY *pkey,
- OPENSSL_CTX *libctx, const char *propq);
+ int EVP_SignFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
+ EVP_PKEY *pkey, OPENSSL_CTX *libctx, const char *propq);
int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s,
EVP_PKEY *pkey);
signature context I<ctx>. This function can be called several times on the
same I<ctx> to include additional data.
-EVP_SignFinal_with_libctx() signs the data in I<ctx> using the private key
+EVP_SignFinal_ex() signs the data in I<ctx> using the private key
I<pkey> and places the signature in I<sig>. The library context I<libctx> and
property query I<propq> are used when creating a context to use with the key
I<pkey>. I<sig> must be at least C<EVP_PKEY_size(pkey)> bytes in size. I<s> is
will be written to the integer at I<s>, at most C<EVP_PKEY_size(pkey)> bytes
will be written.
-EVP_SignFinal() is similar to EVP_SignFinal_with_libctx() but uses default
+EVP_SignFinal() is similar to EVP_SignFinal_ex() but uses default
values of NULL for the library context I<libctx> and the property query I<propq>.
EVP_SignInit() initializes a signing context I<ctx> to use the default
=head1 RETURN VALUES
-EVP_SignInit_ex(), EVP_SignUpdate(), EVP_SignFinal_with_libctx() and
+EVP_SignInit_ex(), EVP_SignUpdate(), EVP_SignFinal_ex() and
EVP_SignFinal() return 1 for success and 0 for failure.
The error codes can be obtained by L<ERR_get_error(3)>.
=head1 HISTORY
-The function EVP_SignFinal_with_libctx() was added in OpenSSL 3.0.
+The function EVP_SignFinal_ex() was added in OpenSSL 3.0.
=head1 COPYRIGHT
=head1 NAME
EVP_VerifyInit_ex,
-EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal_with_libctx, EVP_VerifyFinal
+EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal_ex, EVP_VerifyFinal
- EVP signature verification functions
=head1 SYNOPSIS
int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
- int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
- unsigned int siglen, EVP_PKEY *pkey,
- OPENSSL_CTX *libctx, const char *propq);
+ int EVP_VerifyFinal_ex(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
+ unsigned int siglen, EVP_PKEY *pkey,
+ OPENSSL_CTX *libctx, const char *propq);
int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen,
EVP_PKEY *pkey);
verification context I<ctx>. This function can be called several times on the
same I<ctx> to include additional data.
-EVP_VerifyFinal_with_libctx() verifies the data in I<ctx> using the public key
+EVP_VerifyFinal_ex() verifies the data in I<ctx> using the public key
I<pkey> and I<siglen> bytes in I<sigbuf>.
The library context I<libctx> and property query I<propq> are used when creating
a context to use with the key I<pkey>.
-EVP_VerifyFinal() is similar to EVP_VerifyFinal_with_libctx() but uses default
+EVP_VerifyFinal() is similar to EVP_VerifyFinal_ex() but uses default
values of NULL for the library context I<libctx> and the property query I<propq>.
EVP_VerifyInit() initializes verification context I<ctx> to use the default
EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for
failure.
-EVP_VerifyFinal()_with_libctx() and EVP_VerifyFinal() return 1 for a correct
+EVP_VerifyFinal()_ex() and EVP_VerifyFinal() return 1 for a correct
signature, 0 for failure and -1 if some other error occurred.
The error codes can be obtained by L<ERR_get_error(3)>.
head1 HISTORY
-The function EVP_VerifyFinal_with_libctx() was added in OpenSSL 3.0.
+The function EVP_VerifyFinal_ex() was added in OpenSSL 3.0.
=head1 COPYRIGHT
=head1 NAME
-NCONF_new_with_libctx, NCONF_new, NCONF_free, NCONF_default, NCONF_load
+NCONF_new_ex, NCONF_new, NCONF_free, NCONF_default, NCONF_load
- functionality to Load and parse configuration files manually
=head1 SYNOPSIS
#include <openssl/conf.h>
- CONF *NCONF_new_with_libctx(OPENSSL_CTX *libctx, CONF_METHOD *meth);
+ CONF *NCONF_new_ex(OPENSSL_CTX *libctx, CONF_METHOD *meth);
CONF *NCONF_new(CONF_METHOD *meth);
void NCONF_free(CONF *conf);
CONF_METHOD *NCONF_default(void);
=head1 DESCRIPTION
-NCONF_new_with_libctx() creates a new CONF object in heap memory and assigns to
+NCONF_new_ex() creates a new CONF object in heap memory and assigns to
it a context I<libctx> that can be used during loading. If the method table
I<meth> is set to NULL then the default value of NCONF_default() is used.
-NCONF_new() is similar to NCONF_new_with_libctx() but sets the I<libctx> to NULL.
+NCONF_new() is similar to NCONF_new_ex() but sets the I<libctx> to NULL.
NCONF_free() frees the data associated with I<conf> and then frees the I<conf>
object.
NCONF_load() returns 1 on success or 0 on error.
-NCONF_new_with_libctx() and NCONF_new() return a newly created I<CONF> object
+NCONF_new_ex() and NCONF_new() return a newly created I<CONF> object
or NULL if an error occurs.
=head1 SEE ALSO
=head1 HISTORY
-NCONF_new_with_libctx() was added in OpenSSL 3.0.
+NCONF_new_ex() was added in OpenSSL 3.0.
=head1 COPYRIGHT
OSSL_STORE_LOADER_names_do_all,
OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new,
OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme,
-OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_open_with_libctx,
+OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_open_ex,
OSSL_STORE_LOADER_set_attach, OSSL_STORE_LOADER_set_ctrl,
OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find,
OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof,
OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close,
OSSL_STORE_register_loader, OSSL_STORE_unregister_loader,
-OSSL_STORE_open_fn, OSSL_STORE_open_with_libctx_fn,
+OSSL_STORE_open_fn, OSSL_STORE_open_ex_fn,
OSSL_STORE_attach_fn, OSSL_STORE_ctrl_fn,
OSSL_STORE_expect_fn, OSSL_STORE_find_fn,
OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn,
const char *uri, const UI_METHOD *ui_method, void *ui_data);
int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
OSSL_STORE_open_fn store_open_function);
- typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_with_libctx_fn)(
+ typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_ex_fn)(
const char *uri, const UI_METHOD *ui_method, void *ui_data);
- int OSSL_STORE_LOADER_set_open_with_libctx
+ int OSSL_STORE_LOADER_set_open_ex
(OSSL_STORE_LOADER *store_loader,
- OSSL_STORE_open_with_libctx_fn store_open_with_libctx_function);
+ OSSL_STORE_open_ex_fn store_open_ex_function);
typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_attach_fn)
(const OSSL_STORE_LOADER *loader, BIO *bio,
OPENSSL_CTX *libctx, const char *propq,
=head1 DESCRIPTION
B<OSSL_STORE_LOADER> is a method for OSSL_STORE loaders, which implement
-OSSL_STORE_open(), OSSL_STORE_open_with_libctx(), OSSL_STORE_load(),
+OSSL_STORE_open(), OSSL_STORE_open_ex(), OSSL_STORE_load(),
OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for specific
storage schemes.
B<OSSL_STORE_LOADER_CTX> is a type template, to be defined by each loader
using C<struct ossl_store_loader_ctx_st { ... }>.
-B<OSSL_STORE_open_fn>, B<OSSL_STORE_open_with_libctx_fn>,
+B<OSSL_STORE_open_fn>, B<OSSL_STORE_open_ex_fn>,
B<OSSL_STORE_ctrl_fn>, B<OSSL_STORE_expect_fn>, B<OSSL_STORE_find_fn>,
B<OSSL_STORE_load_fn>, B<OSSL_STORE_eof_fn>, and B<OSSL_STORE_close_fn>
are the function pointer types used within a STORE loader.
=over 4
-=item B<OSSL_STORE_open_fn> and B<OSSL_STORE_open_with_libctx_fn>
+=item B<OSSL_STORE_open_fn> and B<OSSL_STORE_open_ex_fn>
-B<OSSL_STORE_open_with_libctx_fn> takes a URI and is expected to
+B<OSSL_STORE_open_ex_fn> takes a URI and is expected to
interpret it in the best manner possible according to the scheme the
loader implements. It also takes a B<UI_METHOD> and associated data,
to be used any time something needs to be prompted for, as well as a
If something goes wrong, this function is expected to return NULL.
B<OSSL_STORE_open_fn> does the same thing as
-B<OSSL_STORE_open_with_libctx_fn> but uses NULL for the library
+B<OSSL_STORE_open_ex_fn> but uses NULL for the library
context I<libctx> and property query I<propq>.
=item B<OSSL_STORE_attach_fn>
This function takes a B<BIO>, otherwise works like
-B<OSSL_STORE_open_with_libctx_fn>.
+B<OSSL_STORE_open_ex_fn>.
=item B<OSSL_STORE_ctrl_fn>
OSSL_STORE_LOADER_set_open() sets the opener function for the
I<store_loader>.
-OSSL_STORE_LOADER_set_open_with_libctx() sets the opener with library context
+OSSL_STORE_LOADER_set_open_ex() sets the opener with library context
function for the I<store_loader>.
OSSL_STORE_LOADER_set_attach() sets the attacher function for the
OSSL_STORE_register_loader() register the given I<store_loader> and
thereby makes it available for use with OSSL_STORE_open(),
-OSSL_STORE_open_with_libctx(), OSSL_STORE_load(), OSSL_STORE_eof()
+OSSL_STORE_open_ex(), OSSL_STORE_load(), OSSL_STORE_eof()
and OSSL_STORE_close().
OSSL_STORE_unregister_loader() unregister the store loader for the given
OSSL_STORE_LOADER_number() returns an integer.
The functions with the types B<OSSL_STORE_open_fn>,
-B<OSSL_STORE_open_with_libctx_fn>, B<OSSL_STORE_ctrl_fn>,
+B<OSSL_STORE_open_ex_fn>, B<OSSL_STORE_ctrl_fn>,
B<OSSL_STORE_expect_fn>, B<OSSL_STORE_load_fn>, B<OSSL_STORE_eof_fn>
and B<OSSL_STORE_close_fn> have the same return values as OSSL_STORE_open(),
-OSSL_STORE_open_with_libctx(), OSSL_STORE_ctrl(), OSSL_STORE_expect(),
+OSSL_STORE_open_ex(), OSSL_STORE_ctrl(), OSSL_STORE_expect(),
OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.
OSSL_STORE_LOADER_new() returns a pointer to a B<OSSL_STORE_LOADER> on success,
or NULL on failure.
-OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_open_with_libctx(),
+OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_open_ex(),
OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(),
OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1
on success, or 0 on failure.
OSSL_STORE_LOADER_number(), OSSL_STORE_LOADER_do_all_provided() and
OSSL_STORE_LOADER_names_do_all() were added in OpenSSL 3.0.
-OSSL_STORE_open_with_libctx_fn() was added in OpenSSL 3.0.
+OSSL_STORE_open_ex_fn() was added in OpenSSL 3.0.
B<OSSL_STORE_LOADER>, B<OSSL_STORE_LOADER_CTX>, OSSL_STORE_LOADER_new(),
OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(),
=head1 NAME
OSSL_STORE_CTX, OSSL_STORE_post_process_info_fn,
-OSSL_STORE_open, OSSL_STORE_open_with_libctx,
+OSSL_STORE_open, OSSL_STORE_open_ex,
OSSL_STORE_ctrl, OSSL_STORE_load, OSSL_STORE_eof,
OSSL_STORE_error, OSSL_STORE_close
- Types and functions to read objects from a URI
OSSL_STORE_post_process_info_fn post_process,
void *post_process_data);
OSSL_STORE_CTX *
- OSSL_STORE_open_with_libctx(const char *uri,
- OPENSSL_CTX *libctx, const char *propq,
- const UI_METHOD *ui_method, void *ui_data,
- OSSL_STORE_post_process_info_fn post_process,
- void *post_process_data);
+ OSSL_STORE_open_ex(const char *uri, OPENSSL_CTX *libctx, const char *propq,
+ const UI_METHOD *ui_method, void *ui_data,
+ OSSL_STORE_post_process_info_fn post_process,
+ void *post_process_data);
OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
=head2 Types
B<OSSL_STORE_CTX> is a context variable that holds all the internal
-information for OSSL_STORE_open(), OSSL_STORE_open_with_libctx(),
+information for OSSL_STORE_open(), OSSL_STORE_open_ex(),
OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() to work
together.
=head2 Functions
-OSSL_STORE_open_with_libctx() takes a uri or path I<uri>, password UI method
+OSSL_STORE_open_ex() takes a uri or path I<uri>, password UI method
I<ui_method> with associated data I<ui_data>, and post processing
callback I<post_process> with associated data I<post_process_data>,
a library context I<libctx> with an associated property query I<propq>,
the next object, until I<post_process> returns something other than
NULL, or the end of data is reached as indicated by OSSL_STORE_eof().
-OSSL_STORE_open() is similar to OSSL_STORE_open_with_libctx() but uses NULL for
+OSSL_STORE_open() is similar to OSSL_STORE_open_ex() but uses NULL for
the library context I<libctx> and property query I<propq>.
OSSL_STORE_ctrl() takes a B<OSSL_STORE_CTX>, and command number I<cmd> and
=head1 HISTORY
-OSSL_STORE_open_with_libctx() was added in OpenSSL 3.0.
+OSSL_STORE_open_ex() was added in OpenSSL 3.0.
B<OSSL_STORE_CTX>, OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(),
OSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close()
Handling of NULL I<ctx> argument for OSSL_STORE_close()
was introduced in OpenSSL 1.1.1h.
-OSSL_STORE_open_with_libctx() was added in OpenSSL 3.0.
+OSSL_STORE_open_ex() was added in OpenSSL 3.0.
OSSL_STORE_ctrl() and OSSL_STORE_vctrl() were deprecated in OpenSSL 3.0.
=head1 NAME
-PEM_X509_INFO_read_bio_with_libctx, PEM_X509_INFO_read_with_libctx
+PEM_X509_INFO_read_bio_ex, PEM_X509_INFO_read_ex
- read a PEM-encoded data structure from a bio into one or more B<X509_INFO>
object's
#include <openssl/pem.h>
- STACK_OF(X509_INFO) *PEM_X509_INFO_read_with_libctx(FILE *fp,
- STACK_OF(X509_INFO) *sk,
- pem_password_cb *cb,
- void *u,
- OPENSSL_CTX *libctx,
- const char *propq);
+ STACK_OF(X509_INFO) *PEM_X509_INFO_read_ex(FILE *fp, STACK_OF(X509_INFO) *sk,
+ pem_password_cb *cb, void *u,
+ OPENSSL_CTX *libctx,
+ const char *propq);
- STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio_with_libctx(BIO *bio,
- STACK_OF(X509_INFO) *sk,
- pem_password_cb *cb,
- void *u,
- OPENSSL_CTX *libctx,
- const char *propq);
+ STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio_ex(BIO *bio,
+ STACK_OF(X509_INFO) *sk,
+ pem_password_cb *cb, void *u,
+ OPENSSL_CTX *libctx,
+ const char *propq);
=head1 DESCRIPTION
The loaded B<X509_INFO> object's can contain a CRL, a certificate and a
corresponding private key.
-PEM_X509_INFO_read_with_libctx() loads the B<X509_INFO> objects from a file I<fp>.
+PEM_X509_INFO_read_ex() loads the B<X509_INFO> objects from a file I<fp>.
The library context I<libctx> and property query <propq> are used for fetching
algorithms from providers.
-PEM_X509_INFO_read_bio_with_libctx loads the B<X509_INFO> objects using a bio
+PEM_X509_INFO_read_bio_ex loads the B<X509_INFO> objects using a bio
I<bp>. The library context I<libctx> and property query <propq> are used for
fetching algorithms from providers.
=head1 RETURN VALUES
-PEM_X509_INFO_read_with_libctx() and PEM_X509_INFO_read_bio_with_libctx() return
+PEM_X509_INFO_read_with_libctx() and PEM_X509_INFO_read_bio_ex() return
a stack of B<X509_INFO> objects or NULL on failure.
=head1 SEE ALSO
=head1 HISTORY
-The functions PEM_X509_INFO_read_with_libctx() and
-PEM_X509_INFO_read_bio_with_libctx() were added in OpenSSL 3.0.
+The functions PEM_X509_INFO_read_ex() and
+PEM_X509_INFO_read_bio_ex() were added in OpenSSL 3.0.
=head1 COPYRIGHT
To read a certificate with a library context in PEM format from a BIO:
- X509 *x = X509_new_with_libctx(libctx, NULL);
+ X509 *x = X509_new_ex(libctx, NULL);
if (x == NULL)
/* Error */
=head1 NAME
-PKCS7_encrypt_with_libctx, PKCS7_encrypt
+PKCS7_encrypt_ex, PKCS7_encrypt
- create a PKCS#7 envelopedData structure
=head1 SYNOPSIS
#include <openssl/pkcs7.h>
- PKCS7 *PKCS7_encrypt_with_libctx(STACK_OF(X509) *certs, BIO *in,
- const EVP_CIPHER *cipher, int flags,
- OPENSSL_CTX *libctx, const char *propq);
+ PKCS7 *PKCS7_encrypt_ex(STACK_OF(X509) *certs, BIO *in,
+ const EVP_CIPHER *cipher, int flags,
+ OPENSSL_CTX *libctx, const char *propq);
PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
int flags);
=head1 DESCRIPTION
-PKCS7_encrypt_with_libctx() creates and returns a PKCS#7 envelopedData structure.
+PKCS7_encrypt_ex() creates and returns a PKCS#7 envelopedData structure.
I<certs> is a list of recipient certificates. I<in> is the content to be
encrypted. I<cipher> is the symmetric cipher to use. I<flags> is an optional set
of flags. The library context I<libctx> and the property query I<propq> are used
can be performed by obtaining the streaming ASN1 B<BIO> directly using
BIO_new_PKCS7().
-PKCS7_encrypt() is similar to PKCS7_encrypt_with_libctx() but uses default
+PKCS7_encrypt() is similar to PKCS7_encrypt_ex() but uses default
values of NULL for the library context I<libctx> and the property query I<propq>.
=head1 RETURN VALUES
-PKCS7_encrypt_with_libctx() and PKCS7_encrypt() return either a PKCS7 structure
+PKCS7_encrypt_ex() and PKCS7_encrypt() return either a PKCS7 structure
or NULL if an error occurred. The error can be obtained from ERR_get_error(3).
=head1 SEE ALSO
=head1 HISTORY
-The function PKCS7_encrypt_with_libctx() was added in OpenSSL 3.0.
+The function PKCS7_encrypt_ex() was added in OpenSSL 3.0.
The B<PKCS7_STREAM> flag was added in OpenSSL 1.0.0.
=head1 NAME
-PKCS7_sign_with_libctx, PKCS7_sign
+PKCS7_sign_ex, PKCS7_sign
- create a PKCS#7 signedData structure
=head1 SYNOPSIS
#include <openssl/pkcs7.h>
- PKCS7 *PKCS7_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
- STACK_OF(X509) *certs, BIO *data, int flags,
- OPENSSL_CTX *libctx, const char *propq);
+ PKCS7 *PKCS7_sign_ex(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
+ BIO *data, int flags, OPENSSL_CTX *libctx,
+ const char *propq);
PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, int flags);
=head1 DESCRIPTION
-PKCS7_sign_with_libctx() creates and returns a PKCS#7 signedData structure.
+PKCS7_sign_ex() creates and returns a PKCS#7 signedData structure.
I<igncert> is the certificate to sign with, Ipkey> is the corresponding
private key. I<certs> is an optional additional set of certificates to include
in the PKCS#7 structure (for example any intermediate CAs in the chain). The
In versions of OpenSSL before 1.0.0 the B<signcert> and B<pkey> parameters must
B<NOT> be NULL.
-PKCS7_sign() is similar to PKCS7_sign_with_libctx() but uses default values of
+PKCS7_sign() is similar to PKCS7_sign_ex() but uses default values of
NULL for the library context I<libctx> and the property query I<propq>.
=head1 BUGS
=head1 RETURN VALUES
-PKCS7_sign_with_libctx() and PKCS7_sign() return either a valid PKCS7 structure
+PKCS7_sign_ex() and PKCS7_sign() return either a valid PKCS7 structure
or NULL if an error occurred. The error can be obtained from ERR_get_error(3).
=head1 SEE ALSO
=head1 HISTORY
-The function PKCS7_sign_with_libctx() was added in OpenSSL 3.0.
+The function PKCS7_sign_ex() was added in OpenSSL 3.0.
The B<PKCS7_PARTIAL> flag, and the ability for B<certs>, B<signcert>,
and B<pkey> parameters to be B<NULL> were added in OpenSSL 1.0.0.
L<SMIME_read_CMS_ex(3)>,
L<SMIME_read_PKCS7_ex(3)>,
L<SMIME_write_ASN1(3)>,
-L<SMIME_write_ASN1_with_libctx(3)>
+L<SMIME_write_ASN1_ex(3)>
=head1 HISTORY
SMIME_read_CMS_ex() is similar to SMIME_read_CMS() but can optionally supply a
previously created I<cms> CMS_ContentInfo object. If I<cms> is NULL then it is
identical to SMIME_read_CMS().
-To create a I<cms> object use L<CMS_ContentInfo_new_with_libctx(3)>.
+To create a I<cms> object use L<CMS_ContentInfo_new_ex(3)>.
=head1 NOTES
SMIME_read_PKCS7_ex() is similar to SMIME_read_PKCS7() but can optionally supply
a previously created I<p7> PKCS#7 object. If I<p7> is NULL then it is identical
to SMIME_read_PKCS7().
-To create a I<p7> object use L<PKCS7_new_with_libctx(3)>.
+To create a I<p7> object use L<PKCS7_new_ex(3)>.
=head1 NOTES
=head1 NAME
-SMIME_write_ASN1_with_libctx, SMIME_write_ASN1
+SMIME_write_ASN1_ex, SMIME_write_ASN1
- convert structure to S/MIME format
=head1 SYNOPSIS
#include <openssl/asn1.h>
- int SMIME_write_ASN1_with_libctx(BIO *out,
- ASN1_VALUE *val, BIO *data, int flags, int ctype_nid, int econt_nid,
- STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it,
- OPENSSL_CTX *libctx, const char *propq);
+ int SMIME_write_ASN1_ex(BIO *out, ASN1_VALUE *val, BIO *data, int flags,
+ int ctype_nid, int econt_nid,
+ STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it,
+ OPENSSL_CTX *libctx, const char *propq);
int SMIME_write_ASN1(BIO *out,
ASN1_VALUE *val, BIO *data, int flags, int ctype_nid, int econt_nid,
=head1 DESCRIPTION
-SMIME_write_ASN1_with_libctx() adds the appropriate MIME headers to an object
+SMIME_write_ASN1_ex() adds the appropriate MIME headers to an object
structure to produce an S/MIME message.
I<out> is the BIO to write the data to. I<value> is the appropriate ASN1_VALUE
=head1 RETURN VALUES
-SMIME_write_ASN1_with_libctx() and SMIME_write_ASN1() return 1 for success or
+SMIME_write_ASN1_ex() and SMIME_write_ASN1() return 1 for success or
0 for failure.
=head1 SEE ALSO
=head1 NAME
TLSv1_2_method, TLSv1_2_server_method, TLSv1_2_client_method,
-SSL_CTX_new, SSL_CTX_new_with_libctx, SSL_CTX_up_ref, SSLv3_method,
+SSL_CTX_new, SSL_CTX_new_ex, SSL_CTX_up_ref, SSLv3_method,
SSLv3_server_method, SSLv3_client_method, TLSv1_method, TLSv1_server_method,
TLSv1_client_method, TLSv1_1_method, TLSv1_1_server_method,
TLSv1_1_client_method, TLS_method, TLS_server_method, TLS_client_method,
#include <openssl/ssl.h>
- SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq,
- const SSL_METHOD *method);
+ SSL_CTX *SSL_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq,
+ const SSL_METHOD *method);
SSL_CTX *SSL_CTX_new(const SSL_METHOD *method);
int SSL_CTX_up_ref(SSL_CTX *ctx);
=head1 DESCRIPTION
-SSL_CTX_new_with_libctx() creates a new B<SSL_CTX> object as a framework to
+SSL_CTX_new_ex() creates a new B<SSL_CTX> object as a framework to
establish TLS/SSL or DTLS enabled connections using the library context
I<libctx> (see L<OPENSSL_CTX(3)>). Any cryptographic algorithms that are used
by any B<SSL> objects created from this B<SSL_CTX> will be fetched from the
L<provider(7)/Fetching algorithms>. Either or both the I<libctx> or I<propq>
parameters may be NULL.
-SSL_CTX_new() does the same as SSL_CTX_new_with_libctx() except that the default
+SSL_CTX_new() does the same as SSL_CTX_new_ex() except that the default
library context is used and no property query string is specified.
An B<SSL_CTX> object is reference counted. Creating an B<SSL_CTX> object for the
All version-specific methods were deprecated in OpenSSL 1.1.0.
-SSL_CTX_new_with_libctx() was added in OpenSSL 3.0.
+SSL_CTX_new_ex() was added in OpenSSL 3.0.
=head1 COPYRIGHT
=head1 NAME
-SSL_load_client_CA_file_with_libctx, SSL_load_client_CA_file,
+SSL_load_client_CA_file_ex, SSL_load_client_CA_file,
SSL_add_file_cert_subjects_to_stack,
SSL_add_dir_cert_subjects_to_stack,
SSL_add_store_cert_subjects_to_stack
#include <openssl/ssl.h>
- STACK_OF(X509_NAME) *SSL_load_client_CA_file_with_libctx(const char *file,
- OPENSSL_CTX *libctx,
- const char *propq);
+ STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file,
+ OPENSSL_CTX *libctx,
+ const char *propq);
STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
=head1 DESCRIPTION
-SSL_load_client_CA_file_with_libctx() reads certificates from I<file> and returns
+SSL_load_client_CA_file_ex() reads certificates from I<file> and returns
a STACK_OF(X509_NAME) with the subject names found. The library context I<libctx>
and property query <propq> are used when fetching algorithms from providers.
-SSL_load_client_CA_file() is similar to SSL_load_client_CA_file_with_libctx()
+SSL_load_client_CA_file() is similar to SSL_load_client_CA_file_ex()
but uses NULL for the library context I<libctx> and property query <propq>.
SSL_add_file_cert_subjects_to_stack() reads certificates from I<file>,
=head1 HISTORY
-SSL_load_client_CA_file_with_libctx() and SSL_add_store_cert_subjects_to_stack()
+SSL_load_client_CA_file_ex() and SSL_add_store_cert_subjects_to_stack()
were added in OpenSSL 3.0.
=head1 COPYRIGHT
X509_LOOKUP_new, X509_LOOKUP_free, X509_LOOKUP_init,
X509_LOOKUP_shutdown,
X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data,
-X509_LOOKUP_ctrl_with_libctx, X509_LOOKUP_ctrl,
-X509_LOOKUP_load_file_with_libctx, X509_LOOKUP_load_file,
+X509_LOOKUP_ctrl_ex, X509_LOOKUP_ctrl,
+X509_LOOKUP_load_file_ex, X509_LOOKUP_load_file,
X509_LOOKUP_add_dir,
-X509_LOOKUP_add_store_with_libctx, X509_LOOKUP_add_store,
-X509_LOOKUP_load_store_with_libctx, X509_LOOKUP_load_store,
+X509_LOOKUP_add_store_ex, X509_LOOKUP_add_store,
+X509_LOOKUP_load_store_ex, X509_LOOKUP_load_store,
X509_LOOKUP_get_store,
-X509_LOOKUP_by_subject_with_libctx, X509_LOOKUP_by_subject,
+X509_LOOKUP_by_subject_ex, X509_LOOKUP_by_subject,
X509_LOOKUP_by_issuer_serial, X509_LOOKUP_by_fingerprint,
X509_LOOKUP_by_alias
- OpenSSL certificate lookup mechanisms
int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
- int X509_LOOKUP_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd, const char *argc,
- long argl, char **ret, OPENSSL_CTX *libctx,
- const char *propq);
+ int X509_LOOKUP_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
+ char **ret, OPENSSL_CTX *libctx, const char *propq);
int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
long argl, char **ret);
- int X509_LOOKUP_load_file_with_libctx(X509_LOOKUP *ctx, char *name, long type,
- OPENSSL_CTX *libctx, const char *propq);
+ int X509_LOOKUP_load_file_ex(X509_LOOKUP *ctx, char *name, long type,
+ OPENSSL_CTX *libctx, const char *propq);
int X509_LOOKUP_load_file(X509_LOOKUP *ctx, char *name, long type);
- int X509_LOOKUP_load_file_with_libctx(X509_LOOKUP *ctx, char *name, long type,
- OPENSSL_CTX *libctx, const char *propq);
+ int X509_LOOKUP_load_file_ex(X509_LOOKUP *ctx, char *name, long type,
+ OPENSSL_CTX *libctx, const char *propq);
int X509_LOOKUP_add_dir(X509_LOOKUP *ctx, char *name, long type);
- int X509_LOOKUP_add_store_with_libctx(X509_LOOKUP *ctx, char *uri,
- OPENSSL_CTX *libctx, const char *propq);
+ int X509_LOOKUP_add_store_ex(X509_LOOKUP *ctx, char *uri, OPENSSL_CTX *libctx,
+ const char *propq);
int X509_LOOKUP_add_store(X509_LOOKUP *ctx, char *uri);
- int X509_LOOKUP_load_store_with_libctx(X509_LOOKUP *ctx, char *uri,
- OPENSSL_CTX *libctx, const char *propq);
+ int X509_LOOKUP_load_store_ex(X509_LOOKUP *ctx, char *uri, OPENSSL_CTX *libctx,
+ const char *propq);
int X509_LOOKUP_load_store(X509_LOOKUP *ctx, char *uri);
X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
- int X509_LOOKUP_by_subject_with_libctx(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
- const X509_NAME *name, X509_OBJECT *ret,
- OPENSSL_CTX *libctx, const char *propq);
+ int X509_LOOKUP_by_subject_ex(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
+ const X509_NAME *name, X509_OBJECT *ret,
+ OPENSSL_CTX *libctx, const char *propq);
int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret);
int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
associates and retrieves a pointer to application data to and from the
given B<X509_LOOKUP>, respectively.
-X509_LOOKUP_ctrl_with_libctx() is used to set or get additional data to or from
+X509_LOOKUP_ctrl_ex() is used to set or get additional data to or from
a B<X509_LOOKUP> structure or its associated L<X509_LOOKUP_METHOD(3)>.
The arguments of the control command are passed via I<argc> and I<argl>,
its return value via I<*ret>. The library context I<libctx> and property
The control I<cmd>s known to OpenSSL are discussed in more depth
in L</Control Commands>.
-X509_LOOKUP_ctrl() is similar to X509_LOOKUP_ctrl_with_libctx() but
+X509_LOOKUP_ctrl() is similar to X509_LOOKUP_ctrl_ex() but
uses NULL for the library context I<libctx> and property query <propq>.
-X509_LOOKUP_load_file_with_libctx() passes a filename to be loaded immediately
+X509_LOOKUP_load_file_ex() passes a filename to be loaded immediately
into the associated B<X509_STORE>. The library context I<libctx> and property
query <propq> are used when fetching algorithms from providers.
I<type> indicates what type of object is expected.
This can only be used with a lookup using the implementation
L<X509_LOOKUP_file(3)>.
-X509_LOOKUP_load_file() is similar to X509_LOOKUP_load_file_with_libctx() but
+X509_LOOKUP_load_file() is similar to X509_LOOKUP_load_file_ex() but
uses NULL for the library context I<libctx> and property query <propq>.
X509_LOOKUP_add_dir() passes a directory specification from which
This can only be used with a lookup using the implementation
L<X509_LOOKUP_hash_dir(3)>.
-X509_LOOKUP_add_store_with_libctx() passes a URI for a directory-like structure
+X509_LOOKUP_add_store_ex() passes a URI for a directory-like structure
from which containers with certificates and CRLs are loaded on demand
into the associated B<X509_STORE>. The library context I<libctx> and property
query <propq> are used when fetching algorithms from providers.
-X509_LOOKUP_add_store() is similar to X509_LOOKUP_add_store_with_libctx() but
+X509_LOOKUP_add_store() is similar to X509_LOOKUP_add_store_ex() but
uses NULL for the library context I<libctx> and property query <propq>.
-X509_LOOKUP_load_store_with_libctx() passes a URI for a single container from
+X509_LOOKUP_load_store_ex() passes a URI for a single container from
which certificates and CRLs are immediately loaded into the associated
B<X509_STORE>. The library context I<libctx> and property query <propq> are used
when fetching algorithms from providers.
These functions can only be used with a lookup using the
implementation L<X509_LOOKUP_store(3)>.
-X509_LOOKUP_load_store() is similar to X509_LOOKUP_load_store_with_libctx() but
+X509_LOOKUP_load_store() is similar to X509_LOOKUP_load_store_ex() but
uses NULL for the library context I<libctx> and property query <propq>.
-X509_LOOKUP_load_file_with_libctx(), X509_LOOKUP_load_file(),
+X509_LOOKUP_load_file_ex(), X509_LOOKUP_load_file(),
X509_LOOKUP_add_dir(),
-X509_LOOKUP_add_store_with_libctx() X509_LOOKUP_add_store(),
-X509_LOOKUP_load_store_with_libctx() and X509_LOOKUP_load_store() are
+X509_LOOKUP_add_store_ex() X509_LOOKUP_add_store(),
+X509_LOOKUP_load_store_ex() and X509_LOOKUP_load_store() are
implemented as macros that use X509_LOOKUP_ctrl().
-X509_LOOKUP_by_subject_with_libctx(), X509_LOOKUP_by_subject(),
+X509_LOOKUP_by_subject_ex(), X509_LOOKUP_by_subject(),
X509_LOOKUP_by_issuer_serial(), X509_LOOKUP_by_fingerprint(), and
X509_LOOKUP_by_alias() look up certificates and CRLs in the L<X509_STORE(3)>
associated with the B<X509_LOOKUP> using different criteria, where the looked up
=item B<X509_L_FILE_LOAD>
-This is the command that X509_LOOKUP_load_file_with_libctx() and
+This is the command that X509_LOOKUP_load_file_ex() and
X509_LOOKUP_load_file() use.
The filename is passed in I<argc>, and the type in I<argl>.
=item B<X509_L_ADD_STORE>
-This is the command that X509_LOOKUP_add_store_with_libctx() and
+This is the command that X509_LOOKUP_add_store_ex() and
X509_LOOKUP_add_store() use.
The URI is passed in I<argc>.
=item B<X509_L_LOAD_STORE>
-This is the command that X509_LOOKUP_load_store_with_libctx() and
+This is the command that X509_LOOKUP_load_store_ex() and
X509_LOOKUP_load_store() use.
The URI is passed in I<argc>.
X509_LOOKUP_get_store() returns a B<X509_STORE> pointer if there is
one, otherwise NULL.
-X509_LOOKUP_by_subject_with_libctx(), X509_LOOKUP_by_subject(),
+X509_LOOKUP_by_subject_ex(), X509_LOOKUP_by_subject(),
X509_LOOKUP_by_issuer_serial(), X509_LOOKUP_by_fingerprint(), and
X509_LOOKUP_by_alias() all return 0 if there is no B<X509_LOOKUP_METHOD> or that
method doesn't implement the corresponding function.
=head1 HISTORY
-The functions X509_LOOKUP_by_subject_with_libctx() and
-X509_LOOKUP_ctrl_with_libctx() were added in OpenSSL 3.0.
+The functions X509_LOOKUP_by_subject_ex() and
+X509_LOOKUP_ctrl_ex() were added in OpenSSL 3.0.
-The macros X509_LOOKUP_load_file_with_libctx(),
-X509_LOOKUP_load_store_with_libctx() and 509_LOOKUP_add_store_with_libctx() were
+The macros X509_LOOKUP_load_file_ex(),
+X509_LOOKUP_load_store_with_libctx() and 509_LOOKUP_add_store_ex() were
added in OpenSSL 3.0.
=head1 COPYRIGHT
=head1 NAME
X509_LOOKUP_hash_dir, X509_LOOKUP_file, X509_LOOKUP_store,
-X509_load_cert_file_with_libctx, X509_load_cert_file,
+X509_load_cert_file_ex, X509_load_cert_file,
X509_load_crl_file,
-X509_load_cert_crl_file_with_libctx, X509_load_cert_crl_file
+X509_load_cert_crl_file_ex, X509_load_cert_crl_file
- Default OpenSSL certificate lookup methods
=head1 SYNOPSIS
X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
X509_LOOKUP_METHOD *X509_LOOKUP_store(void);
- int X509_load_cert_file_with_libctx(X509_LOOKUP *ctx, const char *file,
- int type, OPENSSL_CTX *libctx,
- const char *propq);
+ int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type,
+ OPENSSL_CTX *libctx, const char *propq);
int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
- int X509_load_cert_crl_file_with_libctx(X509_LOOKUP *ctx, const char *file,
- int type, OPENSSL_CTX *libctx,
- const char *propq);
+ int X509_load_cert_crl_file_ex(X509_LOOKUP *ctx, const char *file, int type,
+ OPENSSL_CTX *libctx, const char *propq);
int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
=head1 DESCRIPTION
=head1 HISTORY
-The functions X509_load_cert_file_with_libctx(),
-X509_load_cert_crl_file_with_libctx() and X509_LOOKUP_store() were added in
+The functions X509_load_cert_file_ex(),
+X509_load_cert_crl_file_ex() and X509_LOOKUP_store() were added in
OpenSSL 3.0.
=head1 COPYRIGHT
=head1 NAME
-X509_STORE_CTX_new_with_libctx, X509_STORE_CTX_new, X509_STORE_CTX_cleanup,
+X509_STORE_CTX_new_ex, X509_STORE_CTX_new, X509_STORE_CTX_cleanup,
X509_STORE_CTX_free, X509_STORE_CTX_init, X509_STORE_CTX_set0_trusted_stack,
X509_STORE_CTX_set_cert, X509_STORE_CTX_set0_crls,
X509_STORE_CTX_get0_chain, X509_STORE_CTX_set0_verified_chain,
#include <openssl/x509_vfy.h>
- X509_STORE_CTX *X509_STORE_CTX_new_with_libctx(OPENSSL_CTX *libctx,
- const char *propq);
+ X509_STORE_CTX *X509_STORE_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq);
X509_STORE_CTX *X509_STORE_CTX_new(void);
void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
void X509_STORE_CTX_free(X509_STORE_CTX *ctx);
These functions initialise an B<X509_STORE_CTX> structure for subsequent use
by X509_verify_cert().
-X509_STORE_CTX_new_with_libctx() returns a newly initialised B<X509_STORE_CTX>
+X509_STORE_CTX_new_ex() returns a newly initialised B<X509_STORE_CTX>
structure associated with the specified library context I<libctx> and property
query string I<propq>. Any cryptographic algorithms fetched while performing
processing with the X509_STORE_CTX will use that library context and property
query string.
-X509_STORE_CTX_new() is the same as X509_STORE_CTX_new_with_libctx() except that
+X509_STORE_CTX_new() is the same as X509_STORE_CTX_new_ex() except that
the default library context and a NULL property query string are used.
X509_STORE_CTX_cleanup() internally cleans up an B<X509_STORE_CTX> structure.
The X509_STORE_CTX_set0_crls() function was added in OpenSSL 1.0.0.
The X509_STORE_CTX_get_num_untrusted() function was added in OpenSSL 1.1.0.
-The X509_STORE_CTX_new_with_libctx() function was added in OpenSSL 3.0.
+The X509_STORE_CTX_new_ex() function was added in OpenSSL 3.0.
=head1 COPYRIGHT
X509_STORE_add_cert, X509_STORE_add_crl, X509_STORE_set_depth,
X509_STORE_set_flags, X509_STORE_set_purpose, X509_STORE_set_trust,
X509_STORE_add_lookup,
-X509_STORE_load_file_with_libctx, X509_STORE_load_file, X509_STORE_load_path,
-X509_STORE_load_store_with_libctx, X509_STORE_load_store,
-X509_STORE_set_default_paths_with_libctx, X509_STORE_set_default_paths,
-X509_STORE_load_locations_with_libctx, X509_STORE_load_locations
+X509_STORE_load_file_ex, X509_STORE_load_file, X509_STORE_load_path,
+X509_STORE_load_store_ex, X509_STORE_load_store,
+X509_STORE_set_default_paths_ex, X509_STORE_set_default_paths,
+X509_STORE_load_locations_ex, X509_STORE_load_locations
- X509_STORE manipulation
=head1 SYNOPSIS
X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *store,
X509_LOOKUP_METHOD *meth);
- int X509_STORE_set_default_paths_with_libctx(X509_STORE *ctx,
- OPENSSL_CTX *libctx,
- const char *propq);
+ int X509_STORE_set_default_paths_ex(X509_STORE *ctx, OPENSSL_CTX *libctx,
+ const char *propq);
int X509_STORE_set_default_paths(X509_STORE *ctx);
- int X509_STORE_load_file_with_libctx(X509_STORE *ctx, const char *file,
- OPENSSL_CTX *libctx, const char *propq);
+ int X509_STORE_load_file_ex(X509_STORE *ctx, const char *file,
+ OPENSSL_CTX *libctx, const char *propq);
int X509_STORE_load_file(X509_STORE *ctx, const char *file);
int X509_STORE_load_path(X509_STORE *ctx, const char *dir);
- int X509_STORE_load_store_with_libctx(X509_STORE *ctx, const char *uri,
- OPENSSL_CTX *libctx, const char *propq);
+ int X509_STORE_load_store_ex(X509_STORE *ctx, const char *uri,
+ OPENSSL_CTX *libctx, const char *propq);
int X509_STORE_load_store(X509_STORE *ctx, const char *uri);
- int X509_STORE_load_locations_with_libctx(X509_STORE *ctx,
- const char *file, const char *dir,
- OPENSSL_CTX *libctx,
- const char *propq);
+ int X509_STORE_load_locations_ex(X509_STORE *ctx, const char *file,
+ const char *dir, OPENSSL_CTX *libctx,
+ const char *propq);
int X509_STORE_load_locations(X509_STORE *ctx,
const char *file, const char *dir);
I<store>. This also associates the B<X509_STORE> with the lookup, so
B<X509_LOOKUP> functions can look up objects in that store.
-X509_STORE_load_file_with_libctx() loads trusted certificate(s) into an
+X509_STORE_load_file_ex() loads trusted certificate(s) into an
B<X509_STORE> from a given file. The library context I<libctx> and property
query <propq> are used when fetching algorithms from providers.
-X509_STORE_load_file() is similar to X509_STORE_load_file_with_libctx() but
+X509_STORE_load_file() is similar to X509_STORE_load_file_ex() but
uses NULL for the library context I<libctx> and property query <propq>.
X509_STORE_load_path() loads trusted certificate(s) into an
The certificates in the directory must be in hashed form, as
documented in L<X509_LOOKUP_hash_dir(3)>.
-X509_STORE_load_store_with_libctx() loads trusted certificate(s) into an
+X509_STORE_load_store_ex() loads trusted certificate(s) into an
B<X509_STORE> from a store at a given URI. The library context I<libctx> and
property query <propq> are used when fetching algorithms from providers.
-X509_STORE_load_store() is similar to X509_STORE_load_store_with_libctx() but
+X509_STORE_load_store() is similar to X509_STORE_load_store_ex() but
uses NULL for the library context I<libctx> and property query <propq>.
-X509_STORE_load_locations_with_libctx() combines
-X509_STORE_load_file_with_libctx() and X509_STORE_load_dir() for a given file
+X509_STORE_load_locations_ex() combines
+X509_STORE_load_file_ex() and X509_STORE_load_dir() for a given file
and/or directory path.
It is permitted to specify just a file, just a directory, or both
paths.
-X509_STORE_load_locations() is similar to X509_STORE_load_locations_with_libctx()
+X509_STORE_load_locations() is similar to X509_STORE_load_locations_ex()
but uses NULL for the library context I<libctx> and property query <propq>.
-X509_STORE_set_default_paths_with_libctx() is somewhat misnamed, in that it does
+X509_STORE_set_default_paths_ex() is somewhat misnamed, in that it does
not set what default paths should be used for loading certificates. Instead,
it loads certificates into the B<X509_STORE> from the hardcoded default
paths. The library context I<libctx> and property query <propq> are used when
fetching algorithms from providers.
X509_STORE_set_default_paths() is similar to
-X509_STORE_set_default_paths_with_libctx() but uses NULL for the library
+X509_STORE_set_default_paths_ex() but uses NULL for the library
context I<libctx> and property query <propq>.
=head1 RETURN VALUES
X509_STORE_add_cert(), X509_STORE_add_crl(), X509_STORE_set_depth(),
X509_STORE_set_flags(), X509_STORE_set_purpose(), X509_STORE_set_trust(),
-X509_STORE_load_file_with_libctx(), X509_STORE_load_file(),
+X509_STORE_load_file_ex(), X509_STORE_load_file(),
X509_STORE_load_path(),
-X509_STORE_load_store_with_libctx(), X509_STORE_load_store(),
-X509_STORE_load_locations_with_libctx(), X509_STORE_load_locations(),
-X509_STORE_set_default_paths_with_libctx() and X509_STORE_set_default_paths()
+X509_STORE_load_store_ex(), X509_STORE_load_store(),
+X509_STORE_load_locations_ex(), X509_STORE_load_locations(),
+X509_STORE_set_default_paths_ex() and X509_STORE_set_default_paths()
return 1 on success or 0 on failure.
X509_STORE_add_lookup() returns the found or created
=head1 HISTORY
-The functions X509_STORE_set_default_paths_with_libctx(),
-X509_STORE_load_file_with_libctx(), X509_STORE_load_store_with_libctx() and
-X509_STORE_load_locations_with_libctx() were added in OpenSSL 3.0.
+The functions X509_STORE_set_default_paths_ex(),
+X509_STORE_load_file_with_libctx(), X509_STORE_load_store_ex() and
+X509_STORE_load_locations_ex() were added in OpenSSL 3.0.
=head1 COPYRIGHT
CERTIFICATEPOLICIES_new,
CMS_ContentInfo_free,
CMS_ContentInfo_new,
-CMS_ContentInfo_new_with_libctx,
+CMS_ContentInfo_new_ex,
CMS_ContentInfo_print_ctx,
CMS_ReceiptRequest_free,
CMS_ReceiptRequest_new,
PKCS7_SIGN_ENVELOPE_new,
PKCS7_dup,
PKCS7_free,
-PKCS7_new_with_libctx,
+PKCS7_new_ex,
PKCS7_new,
PKCS7_print_ctx,
PKCS8_PRIV_KEY_INFO_free,
B<I<TYPE>_new>() allocates an empty object of the indicated type.
The object returned must be released by calling B<I<TYPE>_free>().
-B<I<TYPE>_new_with_libctx>() is similiar to B<I<TYPE>_new>() but also passes the
+B<I<TYPE>_new_ex>() is similiar to B<I<TYPE>_new>() but also passes the
library context I<libctx> and the property query I<propq> to use when retrieving
algorithms from providers.
=head1 HISTORY
-The functions PKCS7_new_with_libctx() and CMS_ContentInfo_new_with_libctx() were
+The functions PKCS7_new_with_libctx() and CMS_ContentInfo_new_ex() were
added in OpenSSL 3.0.
=head1 COPYRIGHT
=head1 NAME
X509_chain_up_ref,
-X509_new, X509_new_with_libctx,
+X509_new, X509_new_ex,
X509_free, X509_up_ref - X509 certificate ASN1 allocation functions
=head1 SYNOPSIS
#include <openssl/x509.h>
X509 *X509_new(void);
- X509 *X509_new_with_libctx(OPENSSL_CTX *libctx, const char *propq);
+ X509 *X509_new_ex(OPENSSL_CTX *libctx, const char *propq);
void X509_free(X509 *a);
int X509_up_ref(X509 *a);
STACK_OF(X509) *X509_chain_up_ref(STACK_OF(X509) *x);
The X509 ASN1 allocation routines, allocate and free an
X509 structure, which represents an X509 certificate.
-X509_new_with_libctx() allocates and initializes a X509 structure with a
+X509_new_ex() allocates and initializes a X509 structure with a
library context of I<libctx>, property query of <propq> and a reference
count of B<1>. Many X509 functions such as X509_check_purpose(), and
X509_verify() use this library context to select which providers supply the
fetched algorithms (SHA1 is used internally).
-X509_new() is similar to X509_new_with_libctx() but sets the library context
+X509_new() is similar to X509_new_ex() but sets the library context
and property query to NULL. This results in the default (NULL) library context
being used for any X509 operations requiring algorithm fetches.
=head1 HISTORY
-The function X509_new_with_libctx() was added in OpenSSL 3.0.
+The function X509_new_ex() was added in OpenSSL 3.0.
=head1 COPYRIGHT
L<X509_new(3)>,
L<X509_verify_cert(3)>,
L<X509_verify(3)>,
-L<X509_REQ_verify_with_libctx(3)>, L<X509_REQ_verify(3)>,
+L<X509_REQ_verify_ex(3)>, L<X509_REQ_verify(3)>,
L<X509_CRL_verify(3)>
=head1 HISTORY
=head1 NAME
X509_verify, X509_self_signed,
-X509_REQ_verify_with_libctx, X509_REQ_verify,
+X509_REQ_verify_ex, X509_REQ_verify,
X509_CRL_verify -
verify certificate, certificate request, or CRL signature
int X509_verify(X509 *x, EVP_PKEY *pkey);
int X509_self_signed(X509 *cert, int verify_signature);
- int X509_REQ_verify_with_libctx(X509_REQ *a, EVP_PKEY *pkey,
- OPENSSL_CTX *libctx, const char *propq);
+ int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *pkey, OPENSSL_CTX *libctx,
+ const char *propq);
int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
The signature itself is actually verified only if B<verify_signature> is 1, as
for explicitly trusted certificates this verification is not worth the effort.
-X509_REQ_verify_with_libctx(), X509_REQ_verify() and X509_CRL_verify()
+X509_REQ_verify_ex(), X509_REQ_verify() and X509_CRL_verify()
verify the signatures of certificate requests and CRLs, respectively.
=head1 RETURN VALUES
X509_verify(),
-X509_REQ_verify_with_libctx(), X509_REQ_verify() and X509_CRL_verify()
+X509_REQ_verify_ex(), X509_REQ_verify() and X509_CRL_verify()
return 1 if the signature is valid and 0 if the signature check fails.
If the signature could not be checked at all because it was ill-formed
or some other error occurred then -1 is returned.
The X509_verify(), X509_REQ_verify(), and X509_CRL_verify()
functions are available in all versions of OpenSSL.
-X509_REQ_verify_with_libctx(), and X509_self_signed() were added in OpenSSL 3.0.
+X509_REQ_verify_ex(), and X509_self_signed() were added in OpenSSL 3.0.
=head1 COPYRIGHT
*matchcount = 1;
if (p8inf != NULL)
- pkey = EVP_PKCS82PKEY_with_libctx(p8inf, libctx, propq);
+ pkey = EVP_PKCS82PKEY_ex(p8inf, libctx, propq);
PKCS8_PRIV_KEY_INFO_free(p8inf);
} else {
int slen;
*matchcount = 1;
}
- cert = X509_new_with_libctx(libctx, propq);
+ cert = X509_new_ex(libctx, propq);
if (cert == NULL)
return NULL;
return 1;
}
-static OSSL_STORE_LOADER_CTX *file_open_with_libctx
+static OSSL_STORE_LOADER_CTX *file_open_ex
(const OSSL_STORE_LOADER *loader, const char *uri,
OPENSSL_CTX *libctx, const char *propq,
const UI_METHOD *ui_method, void *ui_data)
(const OSSL_STORE_LOADER *loader, const char *uri,
const UI_METHOD *ui_method, void *ui_data)
{
- return file_open_with_libctx(loader, uri, NULL, NULL, ui_method, ui_data);
+ return file_open_ex(loader, uri, NULL, NULL, ui_method, ui_data);
}
static OSSL_STORE_LOADER_CTX *file_attach
if (/* Create the OSSL_STORE_LOADER */
(loader_attic = OSSL_STORE_LOADER_new(e, "file")) == NULL
- || !OSSL_STORE_LOADER_set_open_with_libctx(loader_attic,
- file_open_with_libctx)
+ || !OSSL_STORE_LOADER_set_open_ex(loader_attic, file_open_with_libctx)
|| !OSSL_STORE_LOADER_set_open(loader_attic, file_open)
|| !OSSL_STORE_LOADER_set_attach(loader_attic, file_attach)
|| !OSSL_STORE_LOADER_set_ctrl(loader_attic, file_ctrl)
const char *propq);
OSSL_CALLBACK *import_from;
- int (*priv_decode_with_libctx) (EVP_PKEY *pk,
+ int (*priv_decode_ex) (EVP_PKEY *pk,
const PKCS8_PRIV_KEY_INFO *p8inf,
OPENSSL_CTX *libctx,
const char *propq);
#include <openssl/dh.h>
#include "internal/ffc.h"
-DH *dh_new_by_nid_with_libctx(OPENSSL_CTX *libctx, int nid);
-DH *dh_new_with_libctx(OPENSSL_CTX *libctx);
+DH *dh_new_by_nid_ex(OPENSSL_CTX *libctx, int nid);
+DH *dh_new_ex(OPENSSL_CTX *libctx);
int dh_generate_ffc_parameters(DH *dh, int type, int pbits, int qbits,
BN_GENCB *cb);
const EVP_CIPHER *evp_get_cipherbyname_ex(OPENSSL_CTX *libctx, const char *name);
const EVP_MD *evp_get_digestbyname_ex(OPENSSL_CTX *libctx, const char *name);
-int pkcs5_pbkdf2_hmac_with_libctx(const char *pass, int passlen,
- const unsigned char *salt, int saltlen,
- int iter, const EVP_MD *digest, int keylen,
- unsigned char *out,
- OPENSSL_CTX *libctx, const char *propq);
+int pkcs5_pbkdf2_hmac_ex(const char *pass, int passlen,
+ const unsigned char *salt, int saltlen, int iter,
+ const EVP_MD *digest, int keylen, unsigned char *out,
+ OPENSSL_CTX *libctx, const char *propq);
#ifndef FIPS_MODULE
/*
int evp_pkey_ctx_set_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
int evp_pkey_ctx_get_params_strict(EVP_PKEY_CTX *ctx, OSSL_PARAM *params);
-EVP_MD_CTX *evp_md_ctx_new_with_libctx(EVP_PKEY *pkey,
- const ASN1_OCTET_STRING *id,
- OPENSSL_CTX *libctx, const char *propq);
+EVP_MD_CTX *evp_md_ctx_new_ex(EVP_PKEY *pkey, const ASN1_OCTET_STRING *id,
+ OPENSSL_CTX *libctx, const char *propq);
int evp_pkey_name2type(const char *name);
int evp_pkey_ctx_set1_id_prov(EVP_PKEY_CTX *ctx, const void *id, int len);
size_t tlen, const unsigned char *from,
size_t flen, int client_version,
int alt_version);
-int rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(OPENSSL_CTX *libctx,
- unsigned char *to, int tlen,
- const unsigned char *from,
- int flen,
- const unsigned char *param,
- int plen, const EVP_MD *md,
- const EVP_MD *mgf1md);
+int rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, unsigned char *to,
+ int tlen, const unsigned char *from,
+ int flen, const unsigned char *param,
+ int plen, const EVP_MD *md,
+ const EVP_MD *mgf1md);
int rsa_validate_public(const RSA *key);
int rsa_validate_private(const RSA *key);
int x509_set0_libctx(X509 *x, OPENSSL_CTX *libctx, const char *propq);
int x509_crl_set0_libctx(X509_CRL *x, OPENSSL_CTX *libctx, const char *propq);
int x509_init_sig_info(X509 *x);
-int asn1_item_digest_with_libctx(const ASN1_ITEM *it, const EVP_MD *type,
- void *data, unsigned char *md,
- unsigned int *len, OPENSSL_CTX *libctx,
- const char *propq);
+int asn1_item_digest_ex(const ASN1_ITEM *it, const EVP_MD *type, void *data,
+ unsigned char *md, unsigned int *len,
+ OPENSSL_CTX *libctx, const char *propq);
int X509_add_cert_new(STACK_OF(X509) **sk, X509 *cert, int flags);
int X509_PUBKEY_get0_libctx(OPENSSL_CTX **plibctx, const char **ppropq,
CHECKED_PTR_OF(const type, x)))
void *ASN1_item_dup(const ASN1_ITEM *it, const void *x);
-int ASN1_item_sign_with_libctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
- X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
- const void *data, const ASN1_OCTET_STRING *id,
- EVP_PKEY *pkey, const EVP_MD *md,
- OPENSSL_CTX *libctx, const char *propq);
-int ASN1_item_verify_with_libctx(const ASN1_ITEM *it, const X509_ALGOR *alg,
- const ASN1_BIT_STRING *signature,
- const void *data,
- const ASN1_OCTET_STRING *id, EVP_PKEY *pkey,
- OPENSSL_CTX *libctx, const char *propq);
+int ASN1_item_sign_ex(const ASN1_ITEM *it, X509_ALGOR *algor1,
+ X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
+ const void *data, const ASN1_OCTET_STRING *id,
+ EVP_PKEY *pkey, const EVP_MD *md, OPENSSL_CTX *libctx,
+ const char *propq);
+int ASN1_item_verify_ex(const ASN1_ITEM *it, const X509_ALGOR *alg,
+ const ASN1_BIT_STRING *signature, const void *data,
+ const ASN1_OCTET_STRING *id, EVP_PKEY *pkey,
+ OPENSSL_CTX *libctx, const char *propq);
/* ASN1 alloc/free macros for when a type is only used internally */
int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
int ctype_nid, int econt_nid,
STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it);
-int SMIME_write_ASN1_with_libctx(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
- int ctype_nid, int econt_nid,
- STACK_OF(X509_ALGOR) *mdalgs,
- const ASN1_ITEM *it,
- OPENSSL_CTX *libctx, const char *propq);
+int SMIME_write_ASN1_ex(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
+ int ctype_nid, int econt_nid,
+ STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it,
+ OPENSSL_CTX *libctx, const char *propq);
ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
ASN1_VALUE *SMIME_read_ASN1_ex(BIO *bio, BIO **bcont, const ASN1_ITEM *it,
ASN1_VALUE **x);
DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)
-CMS_ContentInfo *CMS_ContentInfo_new_with_libctx(OPENSSL_CTX *libctx,
- const char *propq);
+CMS_ContentInfo *CMS_ContentInfo_new_ex(OPENSSL_CTX *libctx, const char *propq);
# define CMS_SIGNERINFO_ISSUER_SERIAL 0
# define CMS_SIGNERINFO_KEYIDENTIFIER 1
CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
STACK_OF(X509) *certs, BIO *data,
unsigned int flags);
-CMS_ContentInfo *CMS_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
- STACK_OF(X509) *certs, BIO *data,
- unsigned int flags,
- OPENSSL_CTX *ctx, const char *propq);
+CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey,
+ STACK_OF(X509) *certs, BIO *data,
+ unsigned int flags, OPENSSL_CTX *ctx,
+ const char *propq);
CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
X509 *signcert, EVP_PKEY *pkey,
int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
-CMS_ContentInfo *CMS_data_create_with_libctx(BIO *in, unsigned int flags,
- OPENSSL_CTX *ctx,
- const char *propq);
+CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags,
+ OPENSSL_CTX *ctx, const char *propq);
int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
unsigned int flags);
CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
unsigned int flags);
-CMS_ContentInfo *CMS_digest_create_with_libctx(BIO *in, const EVP_MD *md,
- unsigned int flags,
- OPENSSL_CTX *ctx,
- const char *propq);
+CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md,
+ unsigned int flags, OPENSSL_CTX *ctx,
+ const char *propq);
int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
const unsigned char *key, size_t keylen,
CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
const unsigned char *key,
size_t keylen, unsigned int flags);
-CMS_ContentInfo *CMS_EncryptedData_encrypt_with_libctx(BIO *in,
- const EVP_CIPHER *cipher,
- const unsigned char *key,
- size_t keylen,
- unsigned int flags,
- OPENSSL_CTX *ctx,
- const char *propq);
+CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in, const EVP_CIPHER *cipher,
+ const unsigned char *key,
+ size_t keylen, unsigned int flags,
+ OPENSSL_CTX *ctx,
+ const char *propq);
int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
const unsigned char *key, size_t keylen);
CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
const EVP_CIPHER *cipher, unsigned int flags);
-CMS_ContentInfo *CMS_encrypt_with_libctx(STACK_OF(X509) *certs,
- BIO *in, const EVP_CIPHER *cipher,
- unsigned int flags,
- OPENSSL_CTX *ctx, const char *propq);
+CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *in,
+ const EVP_CIPHER *cipher, unsigned int flags,
+ OPENSSL_CTX *ctx, const char *propq);
int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
BIO *dcont, BIO *out, unsigned int flags);
EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher);
CMS_ContentInfo *
-CMS_AuthEnvelopedData_create_with_libctx(const EVP_CIPHER *cipher,
- OPENSSL_CTX *ctx,
- const char *propq);
+CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *ctx,
+ const char *propq);
CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
-CMS_ContentInfo *CMS_EnvelopedData_create_with_libctx(const EVP_CIPHER *cipher,
- OPENSSL_CTX *ctx,
- const char *propq);
+CMS_ContentInfo *CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher,
+ OPENSSL_CTX *ctx,
+ const char *propq);
CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
X509 *recip, unsigned int flags);
unsigned char *id, int idlen, int allorfirst,
STACK_OF(GENERAL_NAMES) *receiptList,
STACK_OF(GENERAL_NAMES) *receiptsTo);
-CMS_ReceiptRequest *CMS_ReceiptRequest_create0_with_libctx(
+CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex(
unsigned char *id, int idlen, int allorfirst,
STACK_OF(GENERAL_NAMES) *receiptList,
STACK_OF(GENERAL_NAMES) *receiptsTo,
OPENSSL_CTX *libctx;
};
-CONF *NCONF_new_with_libctx(OPENSSL_CTX *libctx, CONF_METHOD *meth);
+CONF *NCONF_new_ex(OPENSSL_CTX *libctx, CONF_METHOD *meth);
CONF *NCONF_new(CONF_METHOD *meth);
CONF_METHOD *NCONF_default(void);
DEPRECATEDIN_3_0(CONF_METHOD *NCONF_WIN32(void))
int CONF_modules_load(const CONF *cnf, const char *appname,
unsigned long flags);
-int CONF_modules_load_file_with_libctx(OPENSSL_CTX *libctx, const char *filename,
- const char *appname, unsigned long flags);
+int CONF_modules_load_file_ex(OPENSSL_CTX *libctx, const char *filename,
+ const char *appname, unsigned long flags);
int CONF_modules_load_file(const char *filename, const char *appname,
unsigned long flags);
void CONF_modules_unload(int all);
* The caller is responsible for calling CT_POLICY_EVAL_CTX_free when finished
* with the CT_POLICY_EVAL_CTX.
*/
-CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx,
- const char *propq);
+CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OPENSSL_CTX *libctx,
+ const char *propq);
/*
- * The same as CT_POLICY_EVAL_CTX_new_with_libctx() but the default library
+ * The same as CT_POLICY_EVAL_CTX_new_ex() but the default library
* context and property query string is used.
*/
CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
* Returns NULL if malloc fails or if |public_key| cannot be converted to DER.
* Should be deleted by the caller using CTLOG_free when no longer needed.
*/
-CTLOG *CTLOG_new_with_libctx(EVP_PKEY *public_key, const char *name,
- OPENSSL_CTX *libctx, const char *propq);
+CTLOG *CTLOG_new_ex(EVP_PKEY *public_key, const char *name, OPENSSL_CTX *libctx,
+ const char *propq);
/*
- * The same as CTLOG_new_with_libctx except that the default library context and
+ * The same as CTLOG_new_ex except that the default library context and
* property query string are used.
*/
CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name);
* Returns 1 on success, 0 on failure.
* Should be deleted by the caller using CTLOG_free when no longer needed.
*/
-int CTLOG_new_from_base64_with_libctx(CTLOG **ct_log, const char *pkey_base64,
- const char *name, OPENSSL_CTX *libctx,
- const char *propq);
+int CTLOG_new_from_base64_ex(CTLOG **ct_log, const char *pkey_base64,
+ const char *name, OPENSSL_CTX *libctx,
+ const char *propq);
/*
- * The same as CTLOG_new_from_base64_with_libctx() except that the default
+ * The same as CTLOG_new_from_base64_ex() except that the default
* library context and property query string are used.
* Returns 1 on success, 0 on failure.
*/
* property query string.
* Should be deleted by the caller using CTLOG_STORE_free when no longer needed.
*/
-CTLOG_STORE *CTLOG_STORE_new_with_libctx(OPENSSL_CTX *libctx, const char *propq);
+CTLOG_STORE *CTLOG_STORE_new_ex(OPENSSL_CTX *libctx, const char *propq);
/*
- * Same as CTLOG_STORE_new_with_libctx except that the default libctx and
+ * Same as CTLOG_STORE_new_ex except that the default libctx and
* property query string are used.
* Should be deleted by the caller using CTLOG_STORE_free when no longer needed.
*/
* \return newly created EC_GROUP object with specified curve or NULL
* if an error occurred
*/
-EC_GROUP *EC_GROUP_new_by_curve_name_with_libctx(OPENSSL_CTX *libctx,
- const char *propq, int nid);
+EC_GROUP *EC_GROUP_new_by_curve_name_ex(OPENSSL_CTX *libctx, const char *propq,
+ int nid);
/**
* Creates a EC_GROUP object with a curve specified by a NID. Same as
- * EC_GROUP_new_by_curve_name_with_libctx but the libctx and propq are always
+ * EC_GROUP_new_by_curve_name_ex but the libctx and propq are always
* NULL.
* \param nid NID of the OID of the curve name
* \return newly created EC_GROUP object with specified curve or NULL
* which case the default library context is used.
* \return EC_KEY object or NULL if an error occurred.
*/
-EC_KEY *EC_KEY_new_with_libctx(OPENSSL_CTX *ctx, const char *propq);
+EC_KEY *EC_KEY_new_ex(OPENSSL_CTX *ctx, const char *propq);
/**
- * Creates a new EC_KEY object. Same as calling EC_KEY_new_with_libctx with a
+ * Creates a new EC_KEY object. Same as calling EC_KEY_new_ex with a
* NULL library context
* \return EC_KEY object or NULL if an error occurred.
*/
* \param nid NID of the named curve.
* \return EC_KEY object or NULL if an error occurred.
*/
-EC_KEY *EC_KEY_new_by_curve_name_with_libctx(OPENSSL_CTX *ctx, const char *propq,
- int nid);
+EC_KEY *EC_KEY_new_by_curve_name_ex(OPENSSL_CTX *ctx, const char *propq,
+ int nid);
/**
* Creates a new EC_KEY object using a named curve as underlying
__owur int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
EVP_PKEY *pkey);
-__owur int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *md,
- unsigned int *s, EVP_PKEY *pkey,
- OPENSSL_CTX *libctx, const char *propq);
+__owur int EVP_SignFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
+ EVP_PKEY *pkey, OPENSSL_CTX *libctx,
+ const char *propq);
__owur int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret,
size_t *siglen, const unsigned char *tbs,
__owur int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey);
-__owur int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx,
- const unsigned char *sigbuf,
- unsigned int siglen, EVP_PKEY *pkey,
- OPENSSL_CTX *libctx, const char *propq);
+__owur int EVP_VerifyFinal_ex(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
+ unsigned int siglen, EVP_PKEY *pkey,
+ OPENSSL_CTX *libctx, const char *propq);
__owur int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
size_t siglen, const unsigned char *tbs,
size_t tbslen);
-int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
- const char *mdname,
- OPENSSL_CTX *libctx, const char *props,
- EVP_PKEY *pkey);
+int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const char *mdname, OPENSSL_CTX *libctx,
+ const char *props, EVP_PKEY *pkey);
/*__owur*/ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e,
EVP_PKEY *pkey);
__owur int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
size_t *siglen);
-int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
- const char *mdname,
- OPENSSL_CTX *libctx, const char *props,
- EVP_PKEY *pkey);
+int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
+ const char *mdname, OPENSSL_CTX *libctx,
+ const char *props, EVP_PKEY *pkey);
__owur int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e,
EVP_PKEY *pkey);
EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e,
const unsigned char *key, int keylen);
-EVP_PKEY *EVP_PKEY_new_raw_private_key_with_libctx(OPENSSL_CTX *libctx,
- const char *keytype,
- const char *propq,
- const unsigned char *priv,
- size_t len);
+EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OPENSSL_CTX *libctx,
+ const char *keytype,
+ const char *propq,
+ const unsigned char *priv, size_t len);
EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
const unsigned char *priv,
size_t len);
-EVP_PKEY *EVP_PKEY_new_raw_public_key_with_libctx(OPENSSL_CTX *libctx,
- const char *keytype,
- const char *propq,
- const unsigned char *pub,
- size_t len);
+EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OPENSSL_CTX *libctx,
+ const char *keytype, const char *propq,
+ const unsigned char *pub, size_t len);
EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
const unsigned char *pub,
size_t len);
int EVP_PKEY_get_raw_public_key(const EVP_PKEY *pkey, unsigned char *pub,
size_t *len);
-EVP_PKEY *EVP_PKEY_new_CMAC_key_with_libctx(const unsigned char *priv,
- size_t len,
- const char *cipher_name,
- OPENSSL_CTX *libctx,
- const char *propq);
+EVP_PKEY *EVP_PKEY_new_CMAC_key_ex(const unsigned char *priv, size_t len,
+ const char *cipher_name, OPENSSL_CTX *libctx,
+ const char *propq);
EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
size_t len, const EVP_CIPHER *cipher);
STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u);
STACK_OF(X509_INFO)
-*PEM_X509_INFO_read_bio_with_libctx(BIO *bp, STACK_OF(X509_INFO) *sk,
- pem_password_cb *cb, void *u,
- OPENSSL_CTX *libctx, const char *propq);
+*PEM_X509_INFO_read_bio_ex(BIO *bp, STACK_OF(X509_INFO) *sk,
+ pem_password_cb *cb, void *u, OPENSSL_CTX *libctx,
+ const char *propq);
int PEM_X509_INFO_write_bio(BIO *bp, const X509_INFO *xi, EVP_CIPHER *enc,
const unsigned char *kstr, int klen,
STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u);
STACK_OF(X509_INFO)
-*PEM_X509_INFO_read_with_libctx(FILE *fp, STACK_OF(X509_INFO) *sk,
- pem_password_cb *cb, void *u,
- OPENSSL_CTX *libctx, const char *propq);
+*PEM_X509_INFO_read_ex(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb,
+ void *u, OPENSSL_CTX *libctx, const char *propq);
#endif
int PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
DECLARE_ASN1_FUNCTIONS(PKCS7)
-PKCS7 *PKCS7_new_with_libctx(OPENSSL_CTX *libctx, const char *propq);
+PKCS7 *PKCS7_new_ex(OPENSSL_CTX *libctx, const char *propq);
DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, int flags);
-PKCS7 *PKCS7_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
- STACK_OF(X509) *certs, BIO *data, int flags,
- OPENSSL_CTX *libctx, const char *propq);
+PKCS7 *PKCS7_sign_ex(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
+ BIO *data, int flags, OPENSSL_CTX *libctx,
+ const char *propq);
PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
X509 *signcert, EVP_PKEY *pkey,
int flags);
PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
int flags);
-PKCS7 *PKCS7_encrypt_with_libctx(STACK_OF(X509) *certs, BIO *in,
- const EVP_CIPHER *cipher, int flags,
- OPENSSL_CTX *libctx, const char *propq);
+PKCS7 *PKCS7_encrypt_ex(STACK_OF(X509) *certs, BIO *in,
+ const EVP_CIPHER *cipher, int flags,
+ OPENSSL_CTX *libctx, const char *propq);
int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data,
int flags);
__owur int SSL_CTX_set_cipher_list(SSL_CTX *, const char *str);
__owur SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth);
-__owur SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq,
- const SSL_METHOD *meth);
+__owur SSL_CTX *SSL_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq,
+ const SSL_METHOD *meth);
int SSL_CTX_up_ref(SSL_CTX *ctx);
void SSL_CTX_free(SSL_CTX *);
__owur long SSL_CTX_set_timeout(SSL_CTX *ctx, long t);
__owur int SSL_use_certificate_chain_file(SSL *ssl, const char *file);
__owur STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
__owur STACK_OF(X509_NAME)
-*SSL_load_client_CA_file_with_libctx(const char *file,
- OPENSSL_CTX *libctx, const char *propq);
+*SSL_load_client_CA_file_ex(const char *file, OPENSSL_CTX *libctx,
+ const char *propq);
__owur int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
const char *file);
int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stackCAs,
OSSL_STORE_post_process_info_fn post_process,
void *post_process_data);
OSSL_STORE_CTX *
-OSSL_STORE_open_with_libctx(const char *uri,
- OPENSSL_CTX *libctx, const char *propq,
- const UI_METHOD *ui_method, void *ui_data,
- OSSL_STORE_post_process_info_fn post_process,
- void *post_process_data);
+OSSL_STORE_open_ex(const char *uri, OPENSSL_CTX *libctx, const char *propq,
+ const UI_METHOD *ui_method, void *ui_data,
+ OSSL_STORE_post_process_info_fn post_process,
+ void *post_process_data);
/*
* Control / fine tune the OSSL_STORE channel. |cmd| determines what is to be
typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)
(const OSSL_STORE_LOADER *loader, const char *uri,
const UI_METHOD *ui_method, void *ui_data);
-typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_with_libctx_fn)
+typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_ex_fn)
(const OSSL_STORE_LOADER *loader,
const char *uri, OPENSSL_CTX *libctx, const char *propq,
const UI_METHOD *ui_method, void *ui_data);
DEPRECATEDIN_3_0(int OSSL_STORE_LOADER_set_open
(OSSL_STORE_LOADER *loader,
OSSL_STORE_open_fn open_function))
-DEPRECATEDIN_3_0(int OSSL_STORE_LOADER_set_open_with_libctx
+DEPRECATEDIN_3_0(int OSSL_STORE_LOADER_set_open_ex
(OSSL_STORE_LOADER *loader,
- OSSL_STORE_open_with_libctx_fn open_with_libctx_function))
+ OSSL_STORE_open_ex_fn open_ex_function))
DEPRECATEDIN_3_0(int OSSL_STORE_LOADER_set_attach
(OSSL_STORE_LOADER *loader,
OSSL_STORE_attach_fn attach_function))
int X509_verify(X509 *a, EVP_PKEY *r);
int X509_self_signed(X509 *cert, int verify_signature);
-int X509_REQ_verify_with_libctx(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx,
- const char *propq);
+int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx,
+ const char *propq);
int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);
DECLARE_ASN1_FUNCTIONS(X509_CINF)
DECLARE_ASN1_FUNCTIONS(X509)
-X509 *X509_new_with_libctx(OPENSSL_CTX *libctx, const char *propq);
+X509 *X509_new_ex(OPENSSL_CTX *libctx, const char *propq);
DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
#define X509_get_ex_new_index(l, p, newf, dupf, freef) \
DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8);
-EVP_PKEY *EVP_PKCS82PKEY_with_libctx(const PKCS8_PRIV_KEY_INFO *p8,
- OPENSSL_CTX *libctx, const char *propq);
+EVP_PKEY *EVP_PKCS82PKEY_ex(const PKCS8_PRIV_KEY_INFO *p8, OPENSSL_CTX *libctx,
+ const char *propq);
PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(const EVP_PKEY *pkey);
int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
# define X509_LOOKUP_load_store(x,name) \
X509_LOOKUP_ctrl((x),X509_L_LOAD_STORE,(name),0,NULL)
-# define X509_LOOKUP_load_file_with_libctx(x, name, type, libctx, propq) \
-X509_LOOKUP_ctrl_with_libctx((x), X509_L_FILE_LOAD, (name), (long)(type), NULL,\
+# define X509_LOOKUP_load_file_ex(x, name, type, libctx, propq) \
+X509_LOOKUP_ctrl_ex((x), X509_L_FILE_LOAD, (name), (long)(type), NULL,\
(libctx), (propq))
-# define X509_LOOKUP_load_store_with_libctx(x, name, libctx, propq) \
-X509_LOOKUP_ctrl_with_libctx((x), X509_L_LOAD_STORE, (name), 0, NULL, \
+# define X509_LOOKUP_load_store_ex(x, name, libctx, propq) \
+X509_LOOKUP_ctrl_ex((x), X509_L_LOAD_STORE, (name), 0, NULL, \
(libctx), (propq))
-# define X509_LOOKUP_add_store_with_libctx(x, name, libctx, propq) \
-X509_LOOKUP_ctrl_with_libctx((x), X509_L_ADD_STORE, (name), 0, NULL, \
+# define X509_LOOKUP_add_store_ex(x, name, libctx, propq) \
+X509_LOOKUP_ctrl_ex((x), X509_L_ADD_STORE, (name), 0, NULL, \
(libctx), (propq))
# define X509_V_OK 0
int X509_STORE_set_ex_data(X509_STORE *ctx, int idx, void *data);
void *X509_STORE_get_ex_data(const X509_STORE *ctx, int idx);
-X509_STORE_CTX *X509_STORE_CTX_new_with_libctx(OPENSSL_CTX *libctx,
- const char *propq);
+X509_STORE_CTX *X509_STORE_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq);
X509_STORE_CTX *X509_STORE_CTX_new(void);
int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x);
typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
long argl, char **ret);
-typedef int (*X509_LOOKUP_ctrl_with_libctx_fn)(
+typedef int (*X509_LOOKUP_ctrl_ex_fn)(
X509_LOOKUP *ctx, int cmd, const char *argc, long argl, char **ret,
OPENSSL_CTX *libctx, const char *propq);
X509_LOOKUP_TYPE type,
const X509_NAME *name,
X509_OBJECT *ret);
-typedef int (*X509_LOOKUP_get_by_subject_with_libctx_fn)(X509_LOOKUP *ctx,
+typedef int (*X509_LOOKUP_get_by_subject_ex_fn)(X509_LOOKUP *ctx,
X509_LOOKUP_TYPE type,
const X509_NAME *name,
X509_OBJECT *ret,
int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
long argl, char **ret);
-int X509_LOOKUP_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd, const char *argc,
- long argl, char **ret,
- OPENSSL_CTX *libctx, const char *propq);
+int X509_LOOKUP_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
+ char **ret, OPENSSL_CTX *libctx, const char *propq);
int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
-int X509_load_cert_file_with_libctx(X509_LOOKUP *ctx, const char *file, int type,
- OPENSSL_CTX *libctx, const char *propq);
+int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type,
+ OPENSSL_CTX *libctx, const char *propq);
int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);
-int X509_load_cert_crl_file_with_libctx(X509_LOOKUP *ctx, const char *file,
- int type, OPENSSL_CTX *libctx,
- const char *propq);
+int X509_load_cert_crl_file_ex(X509_LOOKUP *ctx, const char *file, int type,
+ OPENSSL_CTX *libctx, const char *propq);
X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
void X509_LOOKUP_free(X509_LOOKUP *ctx);
int X509_LOOKUP_init(X509_LOOKUP *ctx);
int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret);
-int X509_LOOKUP_by_subject_with_libctx(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
- const X509_NAME *name, X509_OBJECT *ret,
- OPENSSL_CTX *libctx, const char *propq);
+int X509_LOOKUP_by_subject_ex(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
+ const X509_NAME *name, X509_OBJECT *ret,
+ OPENSSL_CTX *libctx, const char *propq);
int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const X509_NAME *name,
const ASN1_INTEGER *serial,
const char *dir);
int X509_STORE_set_default_paths(X509_STORE *ctx);
-int X509_STORE_load_file_with_libctx(X509_STORE *ctx, const char *file,
- OPENSSL_CTX *libctx, const char *propq);
-int X509_STORE_load_store_with_libctx(X509_STORE *ctx, const char *store,
- OPENSSL_CTX *libctx, const char *propq);
-int X509_STORE_load_locations_with_libctx(X509_STORE *ctx,
- const char *file, const char *dir,
- OPENSSL_CTX *libctx, const char *propq);
-int X509_STORE_set_default_paths_with_libctx(X509_STORE *ctx,
- OPENSSL_CTX *libctx,
- const char *propq);
+int X509_STORE_load_file_ex(X509_STORE *ctx, const char *file,
+ OPENSSL_CTX *libctx, const char *propq);
+int X509_STORE_load_store_ex(X509_STORE *ctx, const char *store,
+ OPENSSL_CTX *libctx, const char *propq);
+int X509_STORE_load_locations_ex(X509_STORE *ctx, const char *file,
+ const char *dir, OPENSSL_CTX *libctx,
+ const char *propq);
+int X509_STORE_set_default_paths_ex(X509_STORE *ctx, OPENSSL_CTX *libctx,
+ const char *propq);
#define X509_STORE_CTX_get_ex_new_index(l, p, newf, dupf, freef) \
CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE_CTX, l, p, newf, dupf, freef)
return 0;
}
ret =
- rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(prsactx->libctx, tbuf,
- rsasize, in, inlen,
- prsactx->oaep_label,
- prsactx->oaep_labellen,
- prsactx->oaep_md,
- prsactx->mgf1_md);
+ rsa_padding_add_PKCS1_OAEP_mgf1_ex(prsactx->libctx, tbuf, rsasize,
+ in, inlen, prsactx->oaep_label,
+ prsactx->oaep_labellen,
+ prsactx->oaep_md,
+ prsactx->mgf1_md);
if (!ret) {
OPENSSL_free(tbuf);
X = (uint32_t *)(B + Blen);
T = X + 32 * r;
V = T + 32 * r;
- if (pkcs5_pbkdf2_hmac_with_libctx(pass, passlen, salt, saltlen, 1, sha256,
- (int)Blen, B, libctx, propq) == 0)
+ if (pkcs5_pbkdf2_hmac_ex(pass, passlen, salt, saltlen, 1, sha256, (int)Blen,
+ B, libctx, propq) == 0)
goto err;
for (i = 0; i < p; i++)
scryptROMix(B + 128 * r * i, r, N, X, T, V);
- if (pkcs5_pbkdf2_hmac_with_libctx(pass, passlen, B, (int)Blen, 1, sha256,
- keylen, key, libctx, propq) == 0)
+ if (pkcs5_pbkdf2_hmac_ex(pass, passlen, B, (int)Blen, 1, sha256, keylen,
+ key, libctx, propq) == 0)
goto err;
rv = 1;
err:
DH *dh = NULL;
if (ossl_prov_is_running()) {
- dh = dh_new_with_libctx(PROV_LIBRARY_CONTEXT_OF(provctx));
+ dh = dh_new_ex(PROV_LIBRARY_CONTEXT_OF(provctx));
if (dh != NULL) {
DH_clear_flags(dh, DH_FLAG_TYPE_MASK);
DH_set_flags(dh, DH_FLAG_TYPE_DH);
{
DH *dh = NULL;
- dh = dh_new_with_libctx(PROV_LIBRARY_CONTEXT_OF(provctx));
+ dh = dh_new_ex(PROV_LIBRARY_CONTEXT_OF(provctx));
if (dh != NULL) {
DH_clear_flags(dh, DH_FLAG_TYPE_MASK);
DH_set_flags(dh, DH_FLAG_TYPE_DHX);
gctx->group_nid = dh_get_named_group_uid_from_size(gctx->pbits);
if (gctx->group_nid == NID_undef)
return NULL;
- dh = dh_new_by_nid_with_libctx(gctx->libctx, gctx->group_nid);
+ dh = dh_new_by_nid_ex(gctx->libctx, gctx->group_nid);
if (dh == NULL)
return NULL;
ffc = dh_get0_params(dh);
} else {
- dh = dh_new_with_libctx(gctx->libctx);
+ dh = dh_new_ex(gctx->libctx);
if (dh == NULL)
return NULL;
ffc = dh_get0_params(dh);
{
if (!ossl_prov_is_running())
return NULL;
- return EC_KEY_new_with_libctx(PROV_LIBRARY_CONTEXT_OF(provctx), NULL);
+ return EC_KEY_new_ex(PROV_LIBRARY_CONTEXT_OF(provctx), NULL);
}
static
if (!ossl_prov_is_running()
|| gctx == NULL
- || (ec = EC_KEY_new_with_libctx(gctx->libctx, NULL)) == NULL)
+ || (ec = EC_KEY_new_ex(gctx->libctx, NULL)) == NULL)
return NULL;
if (gctx->gen_group == NULL) {
else
verify_store = s->ctx->cert_store;
- ctx = X509_STORE_CTX_new_with_libctx(s->ctx->libctx, s->ctx->propq);
+ ctx = X509_STORE_CTX_new_ex(s->ctx->libctx, s->ctx->propq);
if (ctx == NULL) {
SSLerr(SSL_F_SSL_VERIFY_CERT_CHAIN, ERR_R_MALLOC_FAILURE);
return 0;
return X509_NAME_hash((X509_NAME *)a);
}
-STACK_OF(X509_NAME) *SSL_load_client_CA_file_with_libctx(const char *file,
- OPENSSL_CTX *libctx,
- const char *propq)
+STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file,
+ OPENSSL_CTX *libctx,
+ const char *propq)
{
BIO *in = BIO_new(BIO_s_file());
X509 *x = NULL;
goto err;
}
- x = X509_new_with_libctx(libctx, propq);
+ x = X509_new_ex(libctx, propq);
if (x == NULL) {
SSLerr(0, ERR_R_MALLOC_FAILURE);
goto err;
STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file)
{
- return SSL_load_client_CA_file_with_libctx(file, NULL, NULL);
+ return SSL_load_client_CA_file_ex(file, NULL, NULL);
}
int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
untrusted = cpk->chain;
}
- xs_ctx = X509_STORE_CTX_new_with_libctx(real_ctx->libctx, ctx->propq);
+ xs_ctx = X509_STORE_CTX_new_ex(real_ctx->libctx, ctx->propq);
if (xs_ctx == NULL) {
SSLerr(SSL_F_SSL_BUILD_CERT_CHAIN, ERR_R_MALLOC_FAILURE);
goto err;
return 0;
}
- if (CAfile != NULL && !X509_STORE_load_file_with_libctx(*st, CAfile,
- libctx, propq))
+ if (CAfile != NULL && !X509_STORE_load_file_ex(*st, CAfile, libctx, propq))
return 0;
if (CApath != NULL && !X509_STORE_load_path(*st, CApath))
return 0;
- if (CAstore != NULL && !X509_STORE_load_store_with_libctx(*st, CAstore,
- libctx, propq))
+ if (CAstore != NULL && !X509_STORE_load_store_ex(*st, CAstore, libctx,
+ propq))
return 0;
return 1;
}
* via ssl.h.
*/
-SSL_CTX *SSL_CTX_new_with_libctx(OPENSSL_CTX *libctx, const char *propq,
- const SSL_METHOD *meth)
+SSL_CTX *SSL_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq,
+ const SSL_METHOD *meth)
{
SSL_CTX *ret = NULL;
if (ret->cert_store == NULL)
goto err;
#ifndef OPENSSL_NO_CT
- ret->ctlog_store = CTLOG_STORE_new_with_libctx(libctx, propq);
+ ret->ctlog_store = CTLOG_STORE_new_ex(libctx, propq);
if (ret->ctlog_store == NULL)
goto err;
#endif
SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth)
{
- return SSL_CTX_new_with_libctx(NULL, NULL, meth);
+ return SSL_CTX_new_ex(NULL, NULL, meth);
}
int SSL_CTX_up_ref(SSL_CTX *ctx)
int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
{
- return X509_STORE_set_default_paths_with_libctx(ctx->cert_store,
- ctx->libctx, ctx->propq);
+ return X509_STORE_set_default_paths_ex(ctx->cert_store, ctx->libctx,
+ ctx->propq);
}
int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx)
/* We ignore errors, in case the directory doesn't exist */
ERR_set_mark();
- X509_LOOKUP_load_file_with_libctx(lookup, NULL, X509_FILETYPE_DEFAULT,
- ctx->libctx, ctx->propq);
+ X509_LOOKUP_load_file_ex(lookup, NULL, X509_FILETYPE_DEFAULT, ctx->libctx,
+ ctx->propq);
ERR_pop_to_mark();
/* We ignore errors, in case the directory doesn't exist */
ERR_set_mark();
- X509_LOOKUP_add_store_with_libctx(lookup, NULL, ctx->libctx, ctx->propq);
+ X509_LOOKUP_add_store_ex(lookup, NULL, ctx->libctx, ctx->propq);
ERR_pop_to_mark();
int SSL_CTX_load_verify_file(SSL_CTX *ctx, const char *CAfile)
{
- return X509_STORE_load_file_with_libctx(ctx->cert_store, CAfile,
- ctx->libctx, ctx->propq);
+ return X509_STORE_load_file_ex(ctx->cert_store, CAfile, ctx->libctx,
+ ctx->propq);
}
int SSL_CTX_load_verify_dir(SSL_CTX *ctx, const char *CApath)
int SSL_CTX_load_verify_store(SSL_CTX *ctx, const char *CAstore)
{
- return X509_STORE_load_store_with_libctx(ctx->cert_store, CAstore,
- ctx->libctx, ctx->propq);
+ return X509_STORE_load_store_ex(ctx->cert_store, CAstore, ctx->libctx,
+ ctx->propq);
}
int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
}
}
- ctx = CT_POLICY_EVAL_CTX_new_with_libctx(s->ctx->libctx, s->ctx->propq);
+ ctx = CT_POLICY_EVAL_CTX_new_ex(s->ctx->libctx, s->ctx->propq);
if (ctx == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_VALIDATE_CT,
ERR_R_MALLOC_FAILURE);
SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
goto end;
}
- x = X509_new_with_libctx(ssl->ctx->libctx, ssl->ctx->propq);
+ x = X509_new_ex(ssl->ctx->libctx, ssl->ctx->propq);
if (x == NULL) {
SSLerr(0, ERR_R_MALLOC_FAILURE);
goto end;
X509 *x;
int ret;
- x = X509_new_with_libctx(ssl->ctx->libctx, ssl->ctx->propq);
+ x = X509_new_ex(ssl->ctx->libctx, ssl->ctx->propq);
if (x == NULL) {
SSLerr(0, ERR_R_MALLOC_FAILURE);
return 0;
SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, SSL_R_BAD_SSL_FILETYPE);
goto end;
}
- x = X509_new_with_libctx(ctx->libctx, ctx->propq);
+ x = X509_new_ex(ctx->libctx, ctx->propq);
if (x == NULL) {
SSLerr(0, ERR_R_MALLOC_FAILURE);
goto end;
X509 *x;
int ret;
- x = X509_new_with_libctx(ctx->libctx, ctx->propq);
+ x = X509_new_ex(ctx->libctx, ctx->propq);
if (x == NULL) {
SSLerr(0, ERR_R_MALLOC_FAILURE);
return 0;
goto end;
}
- x = X509_new_with_libctx(real_ctx->libctx, real_ctx->propq);
+ x = X509_new_ex(real_ctx->libctx, real_ctx->propq);
if (x == NULL) {
SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_MALLOC_FAILURE);
goto end;
}
while (1) {
- ca = X509_new_with_libctx(real_ctx->libctx, real_ctx->propq);
+ ca = X509_new_ex(real_ctx->libctx, real_ctx->propq);
if (ca == NULL) {
SSLerr(SSL_F_USE_CERTIFICATE_CHAIN_FILE, ERR_R_MALLOC_FAILURE);
goto end;
goto err;
}
- mackey = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx, "HMAC",
- s->ctx->propq,
- finishedkey,
- hashsize);
+ mackey = EVP_PKEY_new_raw_private_key_ex(s->ctx->libctx, "HMAC",
+ s->ctx->propq, finishedkey,
+ hashsize);
if (mackey == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PSK_DO_BINDER,
ERR_R_INTERNAL_ERROR);
binderout = tmpbinder;
bindersize = hashsize;
- if (EVP_DigestSignInit_with_libctx(mctx, NULL, EVP_MD_name(md),
- s->ctx->libctx, s->ctx->propq,
- mackey) <= 0
+ if (EVP_DigestSignInit_ex(mctx, NULL, EVP_MD_name(md), s->ctx->libctx,
+ s->ctx->propq, mackey) <= 0
|| EVP_DigestSignUpdate(mctx, hash, hashsize) <= 0
|| EVP_DigestSignFinal(mctx, binderout, &bindersize) <= 0
|| bindersize != hashsize) {
/* Verify the HMAC of the cookie */
hctx = EVP_MD_CTX_create();
- pkey = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx, "HMAC",
- s->ctx->propq,
- s->session_ctx->ext.cookie_hmac_key,
- sizeof(s->session_ctx->ext
- .cookie_hmac_key));
+ pkey = EVP_PKEY_new_raw_private_key_ex(s->ctx->libctx, "HMAC",
+ s->ctx->propq,
+ s->session_ctx->ext.cookie_hmac_key,
+ sizeof(s->session_ctx->ext.cookie_hmac_key));
if (hctx == NULL || pkey == NULL) {
EVP_MD_CTX_free(hctx);
EVP_PKEY_free(pkey);
}
hmaclen = SHA256_DIGEST_LENGTH;
- if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256",
- s->ctx->libctx, s->ctx->propq, pkey) <= 0
+ if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->libctx,
+ s->ctx->propq, pkey) <= 0
|| EVP_DigestSign(hctx, hmac, &hmaclen, data,
rawlen - SHA256_DIGEST_LENGTH) <= 0
|| hmaclen != SHA256_DIGEST_LENGTH) {
/* HMAC the cookie */
hctx = EVP_MD_CTX_create();
- pkey = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx, "HMAC",
- s->ctx->propq,
- s->session_ctx->ext.cookie_hmac_key,
- sizeof(s->session_ctx->ext
- .cookie_hmac_key));
+ pkey = EVP_PKEY_new_raw_private_key_ex(s->ctx->libctx, "HMAC",
+ s->ctx->propq,
+ s->session_ctx->ext.cookie_hmac_key,
+ sizeof(s->session_ctx->ext.cookie_hmac_key));
if (hctx == NULL || pkey == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE,
ERR_R_MALLOC_FAILURE);
goto err;
}
- if (EVP_DigestSignInit_with_libctx(hctx, NULL, "SHA2-256",
- s->ctx->libctx, s->ctx->propq,
- pkey) <= 0
+ if (EVP_DigestSignInit_ex(hctx, NULL, "SHA2-256", s->ctx->libctx,
+ s->ctx->propq, pkey) <= 0
|| EVP_DigestSign(hctx, hmac, &hmaclen, cookie,
totcookielen) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_STOC_COOKIE,
}
certstart = certbytes;
- x = X509_new_with_libctx(s->ctx->libctx, s->ctx->propq);
+ x = X509_new_ex(s->ctx->libctx, s->ctx->propq);
if (x == NULL) {
SSLfatal(s, SSL_AD_DECODE_ERROR,
SSL_F_TLS_PROCESS_SERVER_CERTIFICATE, ERR_R_MALLOC_FAILURE);
goto err;
}
- if (EVP_DigestVerifyInit_with_libctx(md_ctx, &pctx,
- md == NULL ? NULL : EVP_MD_name(md),
- s->ctx->libctx, s->ctx->propq,
- pkey) <= 0) {
+ if (EVP_DigestVerifyInit_ex(md_ctx, &pctx,
+ md == NULL ? NULL : EVP_MD_name(md),
+ s->ctx->libctx, s->ctx->propq, pkey) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_KEY_EXCHANGE,
ERR_R_EVP_LIB);
goto err;
goto err;
}
- if (EVP_DigestSignInit_with_libctx(mctx, &pctx,
- md == NULL ? NULL : EVP_MD_name(md),
- s->ctx->libctx, s->ctx->propq,
- pkey) <= 0) {
+ if (EVP_DigestSignInit_ex(mctx, &pctx, md == NULL ? NULL : EVP_MD_name(md),
+ s->ctx->libctx, s->ctx->propq, pkey) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_CONSTRUCT_CERT_VERIFY,
ERR_R_EVP_LIB);
goto err;
OSSL_TRACE1(TLS, "Using client verify alg %s\n",
md == NULL ? "n/a" : EVP_MD_name(md));
- if (EVP_DigestVerifyInit_with_libctx(mctx, &pctx,
- md == NULL ? NULL : EVP_MD_name(md),
- s->ctx->libctx, s->ctx->propq,
- pkey) <= 0) {
+ if (EVP_DigestVerifyInit_ex(mctx, &pctx,
+ md == NULL ? NULL : EVP_MD_name(md),
+ s->ctx->libctx, s->ctx->propq, pkey) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS_PROCESS_CERT_VERIFY,
ERR_R_EVP_LIB);
goto err;
chain_store = s->ctx->cert_store;
if (chain_store != NULL) {
- X509_STORE_CTX *xs_ctx = X509_STORE_CTX_new_with_libctx(s->ctx->libctx,
- s->ctx->propq);
+ X509_STORE_CTX *xs_ctx = X509_STORE_CTX_new_ex(s->ctx->libctx,
+ s->ctx->propq);
if (xs_ctx == NULL) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_SSL_ADD_CERT_CHAIN,
goto err;
}
- if (EVP_DigestSignInit_with_libctx(md_ctx, &pctx,
- md == NULL ? NULL : EVP_MD_name(md),
- s->ctx->libctx, s->ctx->propq,
- pkey) <= 0) {
+ if (EVP_DigestSignInit_ex(md_ctx, &pctx,
+ md == NULL ? NULL : EVP_MD_name(md),
+ s->ctx->libctx, s->ctx->propq, pkey) <= 0) {
SSLfatal(s, SSL_AD_INTERNAL_ERROR,
SSL_F_TLS_CONSTRUCT_SERVER_KEY_EXCHANGE,
ERR_R_INTERNAL_ERROR);
}
certstart = certbytes;
- x = X509_new_with_libctx(s->ctx->libctx, s->ctx->propq);
+ x = X509_new_ex(s->ctx->libctx, s->ctx->propq);
if (x == NULL) {
SSLfatal(s, SSL_AD_DECODE_ERROR,
SSL_F_TLS_PROCESS_CLIENT_CERTIFICATE, ERR_R_MALLOC_FAILURE);
if (!(EVP_CIPHER_flags(c) & EVP_CIPH_FLAG_AEAD_CIPHER)) {
if (mac_type == EVP_PKEY_HMAC) {
- mac_key = EVP_PKEY_new_raw_private_key_with_libctx(s->ctx->libctx,
- "HMAC",
- s->ctx->propq,
- mac_secret,
- *mac_secret_size);
+ mac_key = EVP_PKEY_new_raw_private_key_ex(s->ctx->libctx, "HMAC",
+ s->ctx->propq, mac_secret,
+ *mac_secret_size);
} else {
/*
* If its not HMAC then the only other types of MAC we support are
(int)*mac_secret_size);
}
if (mac_key == NULL
- || EVP_DigestSignInit_with_libctx(mac_ctx, NULL, EVP_MD_name(m),
- s->ctx->libctx, s->ctx->propq,
- mac_key) <= 0) {
+ || EVP_DigestSignInit_ex(mac_ctx, NULL, EVP_MD_name(m),
+ s->ctx->libctx, s->ctx->propq, mac_key) <= 0) {
EVP_PKEY_free(mac_key);
SSLfatal(s, SSL_AD_INTERNAL_ERROR, SSL_F_TLS1_CHANGE_CIPHER_STATE,
ERR_R_INTERNAL_ERROR);
if (!TEST_ptr(sig = OPENSSL_malloc(sz))
|| !TEST_ptr(md_ctx = EVP_MD_CTX_new())
- || !TEST_int_eq(EVP_DigestSignInit_with_libctx(md_ctx, NULL,
- digest_name, libctx, NULL,
- pkey), 1)
+ || !TEST_int_eq(EVP_DigestSignInit_ex(md_ctx, NULL, digest_name, libctx,
+ NULL, pkey), 1)
|| !TEST_int_gt(EVP_DigestSign(md_ctx, sig, &sig_len, msg, msg_len), 0))
goto err;
*sig_out = sig;
ret = TEST_int_gt((sig_len = i2d_ECDSA_SIG(sign, &sig)), 0)
&& TEST_ptr(md_ctx = EVP_MD_CTX_new())
- && TEST_true(EVP_DigestVerifyInit_with_libctx(md_ctx, NULL,
- tst->digest_alg,
- libctx, NULL, pkey)
+ && TEST_true(EVP_DigestVerifyInit_ex(md_ctx, NULL, tst->digest_alg,
+ libctx, NULL, pkey)
&& TEST_int_eq(EVP_DigestVerify(md_ctx, sig, sig_len,
tst->msg, tst->msg_len), tst->pass));
err:
|| !TEST_true(rsa_create_pkey(&pkey, tst->n, tst->n_len,
tst->e, tst->e_len, NULL, 0, bn_ctx))
|| !TEST_ptr(md_ctx = EVP_MD_CTX_new())
- || !TEST_true(EVP_DigestVerifyInit_with_libctx(md_ctx, &pkey_ctx,
- tst->digest_alg,
- libctx, NULL, pkey)
+ || !TEST_true(EVP_DigestVerifyInit_ex(md_ctx, &pkey_ctx,
+ tst->digest_alg, libctx, NULL,
+ pkey)
|| !TEST_true(EVP_PKEY_CTX_set_params(pkey_ctx, params))
|| !TEST_int_eq(EVP_DigestVerify(md_ctx, tst->sig, tst->sig_len,
tst->msg, tst->msg_len), tst->pass)))
return 1;
}
-static int test_ASYNC_start_job_with_libctx(void)
+static int test_ASYNC_start_job_ex(void)
{
ASYNC_JOB *job = NULL;
int funcret;
if (libctx == NULL) {
fprintf(stderr,
- "test_ASYNC_start_job_with_libctx() failed to create libctx\n");
+ "test_ASYNC_start_job_ex() failed to create libctx\n");
goto err;
}
NULL, 0)
!= ASYNC_PAUSE) {
fprintf(stderr,
- "test_ASYNC_start_job_with_libctx() failed to start job\n");
+ "test_ASYNC_start_job_ex() failed to start job\n");
goto err;
}
oldctx = OPENSSL_CTX_set0_default(tmpctx);
if (tmpctx != libctx) {
fprintf(stderr,
- "test_ASYNC_start_job_with_libctx() failed - unexpected libctx\n");
+ "test_ASYNC_start_job_ex() failed - unexpected libctx\n");
goto err;
}
if (ASYNC_start_job(&job, waitctx, &funcret, change_deflt_libctx, NULL, 0)
!= ASYNC_PAUSE) {
fprintf(stderr,
- "test_ASYNC_start_job_with_libctx() - restarting job failed\n");
+ "test_ASYNC_start_job_ex() - restarting job failed\n");
goto err;
}
tmpctx = OPENSSL_CTX_set0_default(oldctx);
if (tmpctx != libctx) {
fprintf(stderr,
- "test_ASYNC_start_job_with_libctx() failed - unexpected libctx\n");
+ "test_ASYNC_start_job_ex() failed - unexpected libctx\n");
goto err;
}
!= ASYNC_FINISH
|| funcret != 1) {
fprintf(stderr,
- "test_ASYNC_start_job_with_libctx() - finishing job failed\n");
+ "test_ASYNC_start_job_ex() - finishing job failed\n");
goto err;
}
OPENSSL_CTX_set0_default(tmpctx);
if (tmpctx != globalctx) {
fprintf(stderr,
- "test_ASYNC_start_job_with_libctx() failed - global libctx check failed\n");
+ "test_ASYNC_start_job_ex() failed - global libctx check failed\n");
goto err;
}
|| !test_ASYNC_get_current_job()
|| !test_ASYNC_WAIT_CTX_get_all_fds()
|| !test_ASYNC_block_pause()
- || !test_ASYNC_start_job_with_libctx()) {
+ || !test_ASYNC_start_job_ex()) {
return 1;
}
}
static OSSL_PROVIDER *default_null_provider = NULL, *provider = NULL;
/* TODO(3.0) Clean this up - See issue #12680 */
-static X509 *X509_dup_with_libctx(const X509 *cert)
+static X509 *X509_dup_ex(const X509 *cert)
{
X509 *dup = X509_dup(cert);
fixture->fail_info = 0;
fixture->expected = 1;
if (!TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx,
- X509_dup_with_libctx(cert)))) {
+ X509_dup_ex(cert)))) {
tear_down(fixture);
fixture = NULL;
}
fixture->fail_info = 1 << OSSL_CMP_PKIFAILUREINFO_badAlg;
fixture->expected = 1;
if (!TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx,
- X509_dup_with_libctx(cert)))) {
+ X509_dup_ex(cert)))) {
tear_down(fixture);
fixture = NULL;
}
fixture->fail_info = 1 << OSSL_CMP_PKIFAILUREINFO_MAX;
fixture->expected = 1;
if (!TEST_true(ossl_cmp_ctx_set0_newCert(fixture->cmp_ctx,
- X509_dup_with_libctx(cert)))) {
+ X509_dup_ex(cert)))) {
tear_down(fixture);
fixture = NULL;
}
cresp->certifiedKeyPair->certOrEncCert->type =
OSSL_CMP_CERTORENCCERT_CERTIFICATE;
if ((cresp->certifiedKeyPair->certOrEncCert->value.certificate =
- X509_dup_with_libctx(cert)) == NULL
+ X509_dup_ex(cert)) == NULL
|| !sk_OSSL_CMP_CERTRESPONSE_push(crepmsg->response, cresp))
goto err;
cresp = NULL;
if (!TEST_ptr(bio = BIO_new(BIO_s_file())))
return NULL;
if (TEST_int_gt(BIO_read_filename(bio, file), 0)
- && TEST_ptr(cert = X509_new_with_libctx(libctx, NULL)))
+ && TEST_ptr(cert = X509_new_ex(libctx, NULL)))
(void)TEST_ptr(cert = PEM_read_bio_X509(bio, &cert, NULL, NULL));
BIO_free(bio);
# include <openssl/cmp.h>
# include <openssl/pem.h>
# include <openssl/rand.h>
-# include "crypto/x509.h" /* for x509_set0_libctx() and x509_dup_with_libctx() */
+# include "crypto/x509.h" /* for x509_set0_libctx() and x509_dup_ex() */
# include "../crypto/cmp/cmp_local.h"
inlen = strlen(keys[tst].pub);
in = (unsigned char *)keys[tst].pub;
if (uselibctx) {
- pkey = EVP_PKEY_new_raw_public_key_with_libctx(
+ pkey = EVP_PKEY_new_raw_public_key_ex(
testctx,
OBJ_nid2sn(keys[tst].type),
NULL,
inlen = strlen(keys[tst].priv);
in = (unsigned char *)keys[tst].priv;
if (uselibctx) {
- pkey = EVP_PKEY_new_raw_private_key_with_libctx(
+ pkey = EVP_PKEY_new_raw_private_key_ex(
testctx, OBJ_nid2sn(keys[tst].type),
NULL,
in,
*/
mdctx = EVP_MD_CTX_new();
if (!TEST_ptr(mdctx)
- || !TEST_true(EVP_DigestSignInit_with_libctx(mdctx, NULL,
- "SHA1", NULL, NULL,
- pkey)))
+ || !TEST_true(EVP_DigestSignInit_ex(mdctx, NULL, "SHA1", NULL, NULL,
+ pkey)))
goto err;
/*
};
if (!TEST_ptr(bio = BIO_new_mem_buf(dhx_cert, sizeof(dhx_cert)))
- || !TEST_ptr(cert = X509_new_with_libctx(libctx, NULL))
+ || !TEST_ptr(cert = X509_new_ex(libctx, NULL))
|| !TEST_ptr(d2i_X509_bio(bio, &cert)))
goto err;
ret = 1;
t->err = "MAC_KEY_CREATE_ERROR";
goto err;
}
- key = EVP_PKEY_new_CMAC_key_with_libctx(expected->key,
- expected->key_len,
- EVP_CIPHER_name(cipher),
- libctx, NULL);
+ key = EVP_PKEY_new_CMAC_key_ex(expected->key, expected->key_len,
+ EVP_CIPHER_name(cipher), libctx, NULL);
} else {
- key = EVP_PKEY_new_raw_private_key_with_libctx(libctx,
- OBJ_nid2sn(expected->type),
- NULL, expected->key,
- expected->key_len);
+ key = EVP_PKEY_new_raw_private_key_ex(libctx,
+ OBJ_nid2sn(expected->type), NULL,
+ expected->key, expected->key_len);
}
if (key == NULL) {
t->err = "MAC_KEY_CREATE_ERROR";
t->err = "INTERNAL_ERROR";
goto err;
}
- if (!EVP_DigestSignInit_with_libctx(mctx, &pctx, mdname, libctx, NULL, key)) {
+ if (!EVP_DigestSignInit_ex(mctx, &pctx, mdname, libctx, NULL, key)) {
t->err = "DIGESTSIGNINIT_ERROR";
goto err;
}
return 1;
}
if (mdata->is_verify) {
- if (!EVP_DigestVerifyInit_with_libctx(mdata->ctx, &mdata->pctx,
- name, libctx, NULL, pkey))
+ if (!EVP_DigestVerifyInit_ex(mdata->ctx, &mdata->pctx, name, libctx,
+ NULL, pkey))
t->err = "DIGESTVERIFYINIT_ERROR";
return 1;
}
- if (!EVP_DigestSignInit_with_libctx(mdata->ctx, &mdata->pctx,
- name, libctx, NULL, pkey))
+ if (!EVP_DigestSignInit_ex(mdata->ctx, &mdata->pctx, name, libctx, NULL,
+ pkey))
t->err = "DIGESTSIGNINIT_ERROR";
return 1;
}
return 0;
}
if (klist == &private_keys)
- pkey = EVP_PKEY_new_raw_private_key_with_libctx(libctx, strnid, NULL,
- keybin, keylen);
+ pkey = EVP_PKEY_new_raw_private_key_ex(libctx, strnid, NULL, keybin,
+ keylen);
else
- pkey = EVP_PKEY_new_raw_public_key_with_libctx(libctx, strnid, NULL,
- keybin, keylen);
+ pkey = EVP_PKEY_new_raw_public_key_ex(libctx, strnid, NULL, keybin,
+ keylen);
if (pkey == NULL && !key_unsupported()) {
TEST_info("Can't read %s data", pp->key);
OPENSSL_free(keybin);
ret = TEST_ptr(search = OSSL_STORE_SEARCH_by_alias("nothing"))
&& TEST_ptr(ui_method= UI_create_method("DummyUI"))
- && TEST_ptr(sctx = OSSL_STORE_open_with_libctx(infile, NULL, NULL,
- ui_method, NULL,
- NULL, NULL))
+ && TEST_ptr(sctx = OSSL_STORE_open_ex(infile, NULL, NULL, ui_method,
+ NULL, NULL, NULL))
&& TEST_false(OSSL_STORE_find(sctx, NULL))
&& TEST_true(OSSL_STORE_find(sctx, search));
UI_destroy_method(ui_method);
#ifndef OPENSSL_NO_DTLS
if (test_ctx->method == SSL_TEST_METHOD_DTLS) {
- server_ctx = SSL_CTX_new_with_libctx(libctx, NULL, DTLS_server_method());
+ server_ctx = SSL_CTX_new_ex(libctx, NULL, DTLS_server_method());
if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, 0)))
goto err;
if (test_ctx->extra.server.servername_callback !=
SSL_TEST_SERVERNAME_CB_NONE) {
if (!TEST_ptr(server2_ctx =
- SSL_CTX_new_with_libctx(libctx, NULL,
- DTLS_server_method())))
+ SSL_CTX_new_ex(libctx, NULL, DTLS_server_method())))
goto err;
}
- client_ctx = SSL_CTX_new_with_libctx(libctx, NULL, DTLS_client_method());
+ client_ctx = SSL_CTX_new_ex(libctx, NULL, DTLS_client_method());
if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, 0)))
goto err;
if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) {
- resume_server_ctx = SSL_CTX_new_with_libctx(libctx, NULL,
- DTLS_server_method());
+ resume_server_ctx = SSL_CTX_new_ex(libctx, NULL,
+ DTLS_server_method());
if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, 0)))
goto err;
- resume_client_ctx = SSL_CTX_new_with_libctx(libctx, NULL,
- DTLS_client_method());
+ resume_client_ctx = SSL_CTX_new_ex(libctx, NULL,
+ DTLS_client_method());
if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, 0)))
goto err;
if (!TEST_ptr(resume_server_ctx)
}
#endif
if (test_ctx->method == SSL_TEST_METHOD_TLS) {
- server_ctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_server_method());
+ server_ctx = SSL_CTX_new_ex(libctx, NULL, TLS_server_method());
if (!TEST_true(SSL_CTX_set_max_proto_version(server_ctx, 0)))
goto err;
/* SNI on resumption isn't supported/tested yet. */
if (test_ctx->extra.server.servername_callback !=
SSL_TEST_SERVERNAME_CB_NONE) {
if (!TEST_ptr(server2_ctx =
- SSL_CTX_new_with_libctx(libctx, NULL,
- TLS_server_method())))
+ SSL_CTX_new_ex(libctx, NULL, TLS_server_method())))
goto err;
if (!TEST_true(SSL_CTX_set_max_proto_version(server2_ctx, 0)))
goto err;
}
- client_ctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_client_method());
+ client_ctx = SSL_CTX_new_ex(libctx, NULL, TLS_client_method());
if (!TEST_true(SSL_CTX_set_max_proto_version(client_ctx, 0)))
goto err;
if (test_ctx->handshake_mode == SSL_TEST_HANDSHAKE_RESUME) {
- resume_server_ctx = SSL_CTX_new_with_libctx(libctx, NULL,
- TLS_server_method());
+ resume_server_ctx = SSL_CTX_new_ex(libctx, NULL,
+ TLS_server_method());
if (!TEST_true(SSL_CTX_set_max_proto_version(resume_server_ctx, 0)))
goto err;
- resume_client_ctx = SSL_CTX_new_with_libctx(libctx, NULL,
- TLS_client_method());
+ resume_client_ctx = SSL_CTX_new_ex(libctx, NULL,
+ TLS_client_method());
if (!TEST_true(SSL_CTX_set_max_proto_version(resume_client_ctx, 0)))
goto err;
if (!TEST_ptr(resume_server_ctx)
if (!strcmp(value, "empty"))
*pnames = sk_X509_NAME_new_null();
else
- *pnames = SSL_load_client_CA_file_with_libctx(value, libctx, NULL);
+ *pnames = SSL_load_client_CA_file_ex(value, libctx, NULL);
return *pnames != NULL;
}
__owur static int parse_expected_server_ca_names(SSL_TEST_CTX *test_ctx,
if (!TEST_ptr(certbio = BIO_new_file(cert, "r")))
goto end;
- if (!TEST_ptr(chaincert = X509_new_with_libctx(libctx, NULL)))
+ if (!TEST_ptr(chaincert = X509_new_ex(libctx, NULL)))
goto end;
if (PEM_read_bio_X509(certbio, &chaincert, NULL, NULL) == NULL)
if (!TEST_ptr(certbio = BIO_new_file(cert, "r"))
|| !TEST_ptr(id = OCSP_RESPID_new())
|| !TEST_ptr(ids = sk_OCSP_RESPID_new_null())
- || !TEST_ptr(ocspcert = X509_new_with_libctx(libctx, NULL))
+ || !TEST_ptr(ocspcert = X509_new_ex(libctx, NULL))
|| !TEST_ptr(PEM_read_bio_X509(certbio, &ocspcert, NULL, NULL))
|| !TEST_true(OCSP_RESPID_set_by_key_ex(id, ocspcert, libctx, NULL))
|| !TEST_true(sk_OCSP_RESPID_push(ids, id)))
SSL *ssl = NULL;
int testresult = 0;
- if (!TEST_ptr(ctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_method()))
+ if (!TEST_ptr(ctx = SSL_CTX_new_ex(libctx, NULL, TLS_method()))
|| !TEST_ptr(ssl = SSL_new(ctx))
|| !TEST_ptr(sslbio = BIO_new(BIO_f_ssl()))
|| !TEST_ptr(membio1 = BIO_new(BIO_s_mem())))
int ret, expected, testresult = 0;
SSL_CTX *ctx;
- ctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_method());
+ ctx = SSL_CTX_new_ex(libctx, NULL, TLS_method());
if (!TEST_ptr(ctx))
goto end;
int testresult = 0, MFL_mode = 0;
BIO *rbio, *wbio;
- ctx = SSL_CTX_new_with_libctx(libctx, NULL, TLS_method());
+ ctx = SSL_CTX_new_ex(libctx, NULL, TLS_method());
if (!TEST_ptr(ctx))
goto end;
* having the full set of ciphersuites and once with the server side.
*/
if (clnt) {
- cctx = SSL_CTX_new_with_libctx(tmplibctx, NULL, TLS_client_method());
+ cctx = SSL_CTX_new_ex(tmplibctx, NULL, TLS_client_method());
if (!TEST_ptr(cctx))
goto end;
} else {
- sctx = SSL_CTX_new_with_libctx(tmplibctx, NULL, TLS_server_method());
+ sctx = SSL_CTX_new_ex(tmplibctx, NULL, TLS_server_method());
if (!TEST_ptr(sctx))
goto end;
}
goto out;
if (!TEST_ptr(in = BIO_new(BIO_s_file()))
|| !TEST_int_ge(BIO_read_filename(in, rootfile), 0)
- || !TEST_ptr(rootx = X509_new_with_libctx(libctx, NULL))
+ || !TEST_ptr(rootx = X509_new_ex(libctx, NULL))
|| !TEST_ptr(PEM_read_bio_X509(in, &rootx, NULL, NULL))
|| !TEST_true(sk_X509_push(chain, rootx)))
goto out;
BIO_free(in);
if (!TEST_ptr(in = BIO_new(BIO_s_file()))
|| !TEST_int_ge(BIO_read_filename(in, ecdsacert), 0)
- || !TEST_ptr(x509 = X509_new_with_libctx(libctx, NULL))
+ || !TEST_ptr(x509 = X509_new_ex(libctx, NULL))
|| !TEST_ptr(PEM_read_bio_X509(in, &x509, NULL, NULL)))
goto out;
BIO_free(in);
if (!TEST_ptr(in))
return 0;
- if (!TEST_ptr(xcert = X509_new_with_libctx(libctx, NULL))
+ if (!TEST_ptr(xcert = X509_new_ex(libctx, NULL))
|| !TEST_ptr(PEM_read_bio_X509(in, &xcert, NULL, NULL))
|| !TEST_ptr(priv_in = BIO_new_file(privkey, "r"))
|| !TEST_ptr(privpkey = PEM_read_bio_PrivateKey_ex(priv_in, NULL,
serverctx = tmpctx;
}
- cctx = SSL_CTX_new_with_libctx(clientctx, NULL, TLS_client_method());
- sctx = SSL_CTX_new_with_libctx(serverctx, NULL, TLS_server_method());
+ cctx = SSL_CTX_new_ex(clientctx, NULL, TLS_client_method());
+ sctx = SSL_CTX_new_ex(serverctx, NULL, TLS_server_method());
if (!TEST_ptr(cctx) || !TEST_ptr(sctx))
goto end;
goto end;
}
- c_ctx = SSL_CTX_new_with_libctx(libctx, NULL, meth);
- s_ctx = SSL_CTX_new_with_libctx(libctx, NULL, meth);
- s_ctx2 = SSL_CTX_new_with_libctx(libctx, NULL, meth); /* no SSL_CTX_dup! */
+ c_ctx = SSL_CTX_new_ex(libctx, NULL, meth);
+ s_ctx = SSL_CTX_new_ex(libctx, NULL, meth);
+ s_ctx2 = SSL_CTX_new_ex(libctx, NULL, meth); /* no SSL_CTX_dup! */
if ((c_ctx == NULL) || (s_ctx == NULL) || (s_ctx2 == NULL)) {
ERR_print_errors(bio_err);
goto end;
if (*sctx != NULL)
serverctx = *sctx;
- else if (!TEST_ptr(serverctx = SSL_CTX_new_with_libctx(libctx, NULL, sm)))
+ else if (!TEST_ptr(serverctx = SSL_CTX_new_ex(libctx, NULL, sm)))
goto err;
if (cctx != NULL) {
if (*cctx != NULL)
clientctx = *cctx;
- else if (!TEST_ptr(clientctx = SSL_CTX_new_with_libctx(libctx, NULL, cm)))
+ else if (!TEST_ptr(clientctx = SSL_CTX_new_ex(libctx, NULL, cm)))
goto err;
}