From 23b2fc0b501d6635dd821014aec8ff16689cbb6a Mon Sep 17 00:00:00 2001 From: Pauli Date: Wed, 30 Sep 2020 14:20:14 +1000 Subject: [PATCH] rsa: add ossl_ prefix to internal rsa_ calls. The functions being: rsa_check_crt_components, rsa_check_key, rsa_check_pminusq_diff, rsa_check_prime_factor, rsa_check_prime_factor_range, rsa_check_private_exponent, rsa_check_public_exponent, rsa_digestinfo_encoding, rsa_fips186_4_gen_prob_primes, rsa_fromdata, rsa_get0_all_params, rsa_get0_libctx, rsa_get0_pss_params_30, rsa_get_lcm, rsa_mgf_nid2name, rsa_mp_coeff_names, rsa_mp_exp_names, rsa_mp_factor_names, rsa_new_with_ctx, rsa_oaeppss_md2nid, rsa_oaeppss_nid2name, rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx, rsa_padding_add_PKCS1_type_2_with_libctx, rsa_padding_add_SSLv23_with_libctx, rsa_padding_check_PKCS1_type_2_TLS, rsa_pkey_method, rsa_pss_params_30_copy, rsa_pss_params_30_fromdata, rsa_pss_params_30_hashalg, rsa_pss_params_30_is_unrestricted, rsa_pss_params_30_maskgenalg, rsa_pss_params_30_maskgenhashalg, rsa_pss_params_30_saltlen, rsa_pss_params_30_set_defaults, rsa_pss_params_30_set_hashalg, rsa_pss_params_30_set_maskgenalg, rsa_pss_params_30_set_maskgenhashalg, rsa_pss_params_30_set_saltlen, rsa_pss_params_30_set_trailerfield, rsa_pss_params_30_todata, rsa_pss_params_30_trailerfield, rsa_pss_pkey_method, rsa_set0_all_params, rsa_sp800_56b_check_keypair, rsa_sp800_56b_check_private, rsa_sp800_56b_check_public, rsa_sp800_56b_derive_params_from_pq, rsa_sp800_56b_generate_key, rsa_sp800_56b_pairwise_test, rsa_sp800_56b_validate_strength, rsa_todata, rsa_validate_pairwise, rsa_validate_private and rsa_validate_public. Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/13040) --- crypto/err/openssl.txt | 5 - crypto/evp/pmeth_lib.c | 4 +- crypto/rsa/rsa_ameth.c | 47 ++++--- crypto/rsa/rsa_backend.c | 70 +++++----- crypto/rsa/rsa_chk.c | 18 +-- crypto/rsa/rsa_gen.c | 4 +- crypto/rsa/rsa_lib.c | 18 +-- crypto/rsa/rsa_local.h | 65 ++++----- crypto/rsa/rsa_mp_names.c | 6 +- crypto/rsa/rsa_oaep.c | 19 +-- crypto/rsa/rsa_ossl.c | 10 +- crypto/rsa/rsa_pk1.c | 19 +-- crypto/rsa/rsa_pmeth.c | 4 +- crypto/rsa/rsa_pss.c | 38 ++--- crypto/rsa/rsa_schemes.c | 6 +- crypto/rsa/rsa_sign.c | 4 +- crypto/rsa/rsa_sp800_56b_check.c | 73 +++++----- crypto/rsa/rsa_sp800_56b_gen.c | 45 +++--- crypto/rsa/rsa_ssl.c | 7 +- ...arams.pod => ossl_rsa_get0_all_params.pod} | 22 +-- include/crypto/evp.h | 4 +- include/crypto/rsa.h | 121 ++++++++-------- include/openssl/rsaerr.h | 5 - providers/common/der/der_rsa_key.c | 23 +-- providers/common/include/prov/securitycheck.h | 2 +- providers/common/securitycheck.c | 2 +- .../implementations/asymciphers/rsa_enc.c | 21 ++- .../encode_decode/encode_key2any.c | 4 +- .../encode_decode/encode_key2text.c | 26 ++-- providers/implementations/kem/rsa_kem.c | 4 +- providers/implementations/keymgmt/rsa_kmgmt.c | 48 +++---- providers/implementations/signature/rsa.c | 16 +-- test/rsa_mp_test.c | 2 +- test/rsa_sp800_56b_test.c | 131 +++++++++--------- 34 files changed, 449 insertions(+), 444 deletions(-) rename doc/internal/man3/{rsa_get0_all_params.pod => ossl_rsa_get0_all_params.pod} (69%) diff --git a/crypto/err/openssl.txt b/crypto/err/openssl.txt index 45f315c383..1724982709 100644 --- a/crypto/err/openssl.txt +++ b/crypto/err/openssl.txt @@ -1168,7 +1168,6 @@ RSA_F_RSA_CHECK_KEY:123:RSA_check_key RSA_F_RSA_CHECK_KEY_EX:160:RSA_check_key_ex RSA_F_RSA_CMS_DECRYPT:159:rsa_cms_decrypt RSA_F_RSA_CMS_VERIFY:158:rsa_cms_verify -RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES:168:rsa_fips186_4_gen_prob_primes RSA_F_RSA_ITEM_VERIFY:148:rsa_item_verify RSA_F_RSA_METH_DUP:161:RSA_meth_dup RSA_F_RSA_METH_NEW:162:RSA_meth_new @@ -1212,10 +1211,6 @@ RSA_F_RSA_PUB_DECODE:139:rsa_pub_decode RSA_F_RSA_SETUP_BLINDING:136:RSA_setup_blinding RSA_F_RSA_SIGN:117:RSA_sign RSA_F_RSA_SIGN_ASN1_OCTET_STRING:118:RSA_sign_ASN1_OCTET_STRING -RSA_F_RSA_SP800_56B_CHECK_KEYPAIR:169:rsa_sp800_56b_check_keypair -RSA_F_RSA_SP800_56B_CHECK_PUBLIC:170:rsa_sp800_56b_check_public -RSA_F_RSA_SP800_56B_PAIRWISE_TEST:171:rsa_sp800_56b_pairwise_test -RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH:172:rsa_sp800_56b_validate_strength RSA_F_RSA_VERIFY:119:RSA_verify RSA_F_RSA_VERIFY_ASN1_OCTET_STRING:120:RSA_verify_ASN1_OCTET_STRING RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1:126:RSA_verify_PKCS1_PSS_mgf1 diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 8f84230dcf..fc06a101c8 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -50,7 +50,7 @@ static STACK_OF(EVP_PKEY_METHOD) *app_pkey_methods = NULL; /* This array needs to be in order of NIDs */ static pmeth_fn standard_methods[] = { # ifndef OPENSSL_NO_RSA - rsa_pkey_method, + ossl_rsa_pkey_method, # endif # ifndef OPENSSL_NO_DH dh_pkey_method, @@ -62,7 +62,7 @@ static pmeth_fn standard_methods[] = { ec_pkey_method, # endif # ifndef OPENSSL_NO_RSA - rsa_pss_pkey_method, + ossl_rsa_pss_pkey_method, # endif # ifndef OPENSSL_NO_DH dhx_pkey_method, diff --git a/crypto/rsa/rsa_ameth.c b/crypto/rsa/rsa_ameth.c index aab237aecd..6105b7849a 100644 --- a/crypto/rsa/rsa_ameth.c +++ b/crypto/rsa/rsa_ameth.c @@ -777,7 +777,7 @@ static int rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss, RSA_PSS_PARAMS_30 pss_params; /* Get the defaults from the ONE place */ - (void)rsa_pss_params_30_set_defaults(&pss_params); + (void)ossl_rsa_pss_params_30_set_defaults(&pss_params); if (pss == NULL) return 0; @@ -790,11 +790,11 @@ static int rsa_pss_get_param_unverified(const RSA_PSS_PARAMS *pss, if (pss->saltLength) *psaltlen = ASN1_INTEGER_get(pss->saltLength); else - *psaltlen = rsa_pss_params_30_saltlen(&pss_params); + *psaltlen = ossl_rsa_pss_params_30_saltlen(&pss_params); if (pss->trailerField) *ptrailerField = ASN1_INTEGER_get(pss->trailerField); else - *ptrailerField = rsa_pss_params_30_trailerfield(&pss_params);; + *ptrailerField = ossl_rsa_pss_params_30_trailerfield(&pss_params);; return 1; } @@ -838,11 +838,13 @@ static int rsa_sync_to_pss_params_30(RSA *rsa) return 0; md_nid = EVP_MD_type(md); mgf1md_nid = EVP_MD_type(mgf1md); - if (!rsa_pss_params_30_set_defaults(&pss_params) - || !rsa_pss_params_30_set_hashalg(&pss_params, md_nid) - || !rsa_pss_params_30_set_maskgenhashalg(&pss_params, mgf1md_nid) - || !rsa_pss_params_30_set_saltlen(&pss_params, saltlen) - || !rsa_pss_params_30_set_trailerfield(&pss_params, trailerField)) + if (!ossl_rsa_pss_params_30_set_defaults(&pss_params) + || !ossl_rsa_pss_params_30_set_hashalg(&pss_params, md_nid) + || !ossl_rsa_pss_params_30_set_maskgenhashalg(&pss_params, + mgf1md_nid) + || !ossl_rsa_pss_params_30_set_saltlen(&pss_params, saltlen) + || !ossl_rsa_pss_params_30_set_trailerfield(&pss_params, + trailerField)) return 0; rsa->pss_params = pss_params; } @@ -1214,7 +1216,7 @@ static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type, if (RSA_get0_n(rsa) == NULL || RSA_get0_e(rsa) == NULL) goto err; - if (!rsa_todata(rsa, tmpl, NULL)) + if (!ossl_rsa_todata(rsa, tmpl, NULL)) goto err; selection |= OSSL_KEYMGMT_SELECT_PUBLIC_KEY; @@ -1231,11 +1233,12 @@ static int rsa_int_export_to(const EVP_PKEY *from, int rsa_type, goto err; md_nid = EVP_MD_type(md); mgf1md_nid = EVP_MD_type(mgf1md); - if (!rsa_pss_params_30_set_defaults(&pss_params) - || !rsa_pss_params_30_set_hashalg(&pss_params, md_nid) - || !rsa_pss_params_30_set_maskgenhashalg(&pss_params, mgf1md_nid) - || !rsa_pss_params_30_set_saltlen(&pss_params, saltlen) - || !rsa_pss_params_30_todata(&pss_params, tmpl, NULL)) + if (!ossl_rsa_pss_params_30_set_defaults(&pss_params) + || !ossl_rsa_pss_params_30_set_hashalg(&pss_params, md_nid) + || !ossl_rsa_pss_params_30_set_maskgenhashalg(&pss_params, + mgf1md_nid) + || !ossl_rsa_pss_params_30_set_saltlen(&pss_params, saltlen) + || !ossl_rsa_pss_params_30_todata(&pss_params, tmpl, NULL)) goto err; selection |= OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS; } @@ -1257,7 +1260,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, { EVP_PKEY_CTX *pctx = vpctx; EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx); - RSA *rsa = rsa_new_with_ctx(pctx->libctx); + RSA *rsa = ossl_rsa_new_with_ctx(pctx->libctx); RSA_PSS_PARAMS_30 rsa_pss_params = { 0, }; int ok = 0; @@ -1269,7 +1272,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, RSA_clear_flags(rsa, RSA_FLAG_TYPE_MASK); RSA_set_flags(rsa, rsa_type); - if (!rsa_pss_params_30_fromdata(&rsa_pss_params, params, pctx->libctx)) + if (!ossl_rsa_pss_params_30_fromdata(&rsa_pss_params, params, pctx->libctx)) goto err; switch (rsa_type) { @@ -1278,7 +1281,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, * Were PSS parameters filled in? * In that case, something's wrong */ - if (!rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) + if (!ossl_rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) goto err; break; case RSA_FLAG_TYPE_RSASSAPSS: @@ -1286,11 +1289,11 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, * Were PSS parameters filled in? In that case, create the old * RSA_PSS_PARAMS structure. Otherwise, this is an unrestricted key. */ - if (!rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) { + if (!ossl_rsa_pss_params_30_is_unrestricted(&rsa_pss_params)) { /* Create the older RSA_PSS_PARAMS from RSA_PSS_PARAMS_30 data */ - int mdnid = rsa_pss_params_30_hashalg(&rsa_pss_params); - int mgf1mdnid = rsa_pss_params_30_maskgenhashalg(&rsa_pss_params); - int saltlen = rsa_pss_params_30_saltlen(&rsa_pss_params); + int mdnid = ossl_rsa_pss_params_30_hashalg(&rsa_pss_params); + int mgf1mdnid = ossl_rsa_pss_params_30_maskgenhashalg(&rsa_pss_params); + int saltlen = ossl_rsa_pss_params_30_saltlen(&rsa_pss_params); const EVP_MD *md = EVP_get_digestbynid(mdnid); const EVP_MD *mgf1md = EVP_get_digestbynid(mgf1mdnid); @@ -1303,7 +1306,7 @@ static int rsa_int_import_from(const OSSL_PARAM params[], void *vpctx, goto err; } - if (!rsa_fromdata(rsa, params)) + if (!ossl_rsa_fromdata(rsa, params)) goto err; switch (rsa_type) { diff --git a/crypto/rsa/rsa_backend.c b/crypto/rsa/rsa_backend.c index fae09d7067..9279e71857 100644 --- a/crypto/rsa/rsa_backend.c +++ b/crypto/rsa/rsa_backend.c @@ -48,7 +48,7 @@ static int collect_numbers(STACK_OF(BIGNUM) *numbers, return 1; } -int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]) +int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]) { const OSSL_PARAM *param_n, *param_e, *param_d; BIGNUM *n = NULL, *e = NULL, *d = NULL; @@ -75,16 +75,16 @@ int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]) if (is_private) { if (!collect_numbers(factors = sk_BIGNUM_new_null(), params, - rsa_mp_factor_names) + ossl_rsa_mp_factor_names) || !collect_numbers(exps = sk_BIGNUM_new_null(), params, - rsa_mp_exp_names) + ossl_rsa_mp_exp_names) || !collect_numbers(coeffs = sk_BIGNUM_new_null(), params, - rsa_mp_coeff_names)) + ossl_rsa_mp_coeff_names)) goto err; /* It's ok if this private key just has n, e and d */ if (sk_BIGNUM_num(factors) != 0 - && !rsa_set0_all_params(rsa, factors, exps, coeffs)) + && !ossl_rsa_set0_all_params(rsa, factors, exps, coeffs)) goto err; } @@ -106,7 +106,7 @@ int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]) DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM) -int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) +int ossl_rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) { int ret = 0; const BIGNUM *rsa_d = NULL, *rsa_n = NULL, *rsa_e = NULL; @@ -118,7 +118,7 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) goto err; RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d); - rsa_get0_all_params(rsa, factors, exps, coeffs); + ossl_rsa_get0_all_params(rsa, factors, exps, coeffs); if (!ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_N, rsa_n) || !ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_E, rsa_e)) @@ -142,11 +142,13 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) if (!ossl_param_build_set_bn(bld, params, OSSL_PKEY_PARAM_RSA_D, rsa_d) || !ossl_param_build_set_multi_key_bn(bld, params, - rsa_mp_factor_names, factors) + ossl_rsa_mp_factor_names, + factors) || !ossl_param_build_set_multi_key_bn(bld, params, - rsa_mp_exp_names, exps) + ossl_rsa_mp_exp_names, exps) || !ossl_param_build_set_multi_key_bn(bld, params, - rsa_mp_coeff_names, coeffs)) + ossl_rsa_mp_coeff_names, + coeffs)) goto err; } @@ -163,26 +165,27 @@ int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) return ret; } -int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, - OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) +int ossl_rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, + OSSL_PARAM_BLD *bld, OSSL_PARAM params[]) { - if (!rsa_pss_params_30_is_unrestricted(pss)) { - int hashalg_nid = rsa_pss_params_30_hashalg(pss); - int maskgenalg_nid = rsa_pss_params_30_maskgenalg(pss); - int maskgenhashalg_nid = rsa_pss_params_30_maskgenhashalg(pss); - int saltlen = rsa_pss_params_30_saltlen(pss); - int default_hashalg_nid = rsa_pss_params_30_hashalg(NULL); - int default_maskgenalg_nid = rsa_pss_params_30_maskgenalg(NULL); - int default_maskgenhashalg_nid = rsa_pss_params_30_maskgenhashalg(NULL); + if (!ossl_rsa_pss_params_30_is_unrestricted(pss)) { + int hashalg_nid = ossl_rsa_pss_params_30_hashalg(pss); + int maskgenalg_nid = ossl_rsa_pss_params_30_maskgenalg(pss); + int maskgenhashalg_nid = ossl_rsa_pss_params_30_maskgenhashalg(pss); + int saltlen = ossl_rsa_pss_params_30_saltlen(pss); + int default_hashalg_nid = ossl_rsa_pss_params_30_hashalg(NULL); + int default_maskgenalg_nid = ossl_rsa_pss_params_30_maskgenalg(NULL); + int default_maskgenhashalg_nid = + ossl_rsa_pss_params_30_maskgenhashalg(NULL); const char *mdname = (hashalg_nid == default_hashalg_nid - ? NULL : rsa_oaeppss_nid2name(hashalg_nid)); + ? NULL : ossl_rsa_oaeppss_nid2name(hashalg_nid)); const char *mgfname = (maskgenalg_nid == default_maskgenalg_nid - ? NULL : rsa_oaeppss_nid2name(maskgenalg_nid)); + ? NULL : ossl_rsa_oaeppss_nid2name(maskgenalg_nid)); const char *mgf1mdname = (maskgenhashalg_nid == default_maskgenhashalg_nid - ? NULL : rsa_oaeppss_nid2name(maskgenhashalg_nid)); + ? NULL : ossl_rsa_oaeppss_nid2name(maskgenhashalg_nid)); const char *key_md = OSSL_PKEY_PARAM_RSA_DIGEST; const char *key_mgf = OSSL_PKEY_PARAM_RSA_MASKGENFUNC; const char *key_mgf1_md = OSSL_PKEY_PARAM_RSA_MGF1_DIGEST; @@ -207,8 +210,9 @@ int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, return 1; } -int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, - const OSSL_PARAM params[], OPENSSL_CTX *libctx) +int ossl_rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, + const OSSL_PARAM params[], + OPENSSL_CTX *libctx) { const OSSL_PARAM *param_md, *param_mgf, *param_mgf1md, *param_saltlen; const OSSL_PARAM *param_propq; @@ -241,11 +245,11 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, */ if (param_md != NULL || param_mgf != NULL || param_mgf1md != NULL || param_saltlen != NULL) - if (!rsa_pss_params_30_set_defaults(pss_params)) + if (!ossl_rsa_pss_params_30_set_defaults(pss_params)) return 0; if (param_mgf != NULL) { - int default_maskgenalg_nid = rsa_pss_params_30_maskgenalg(NULL); + int default_maskgenalg_nid = ossl_rsa_pss_params_30_maskgenalg(NULL); const char *mgfname = NULL; if (param_mgf->data_type == OSSL_PARAM_UTF8_STRING) @@ -255,7 +259,7 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, /* TODO Revisit this if / when a new MGF algorithm appears */ if (strcasecmp(param_mgf->data, - rsa_mgf_nid2name(default_maskgenalg_nid)) != 0) + ossl_rsa_mgf_nid2name(default_maskgenalg_nid)) != 0) return 0; } @@ -273,8 +277,8 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, goto err; if ((md = EVP_MD_fetch(libctx, mdname, propq)) == NULL - || !rsa_pss_params_30_set_hashalg(pss_params, - rsa_oaeppss_md2nid(md))) + || !ossl_rsa_pss_params_30_set_hashalg(pss_params, + ossl_rsa_oaeppss_md2nid(md))) goto err; } @@ -287,14 +291,14 @@ int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, goto err; if ((mgf1md = EVP_MD_fetch(libctx, mgf1mdname, propq)) == NULL - || !rsa_pss_params_30_set_maskgenhashalg(pss_params, - rsa_oaeppss_md2nid(mgf1md))) + || !ossl_rsa_pss_params_30_set_maskgenhashalg( + pss_params, ossl_rsa_oaeppss_md2nid(mgf1md))) goto err; } if (param_saltlen != NULL) { if (!OSSL_PARAM_get_int(param_saltlen, &saltlen) - || !rsa_pss_params_30_set_saltlen(pss_params, saltlen)) + || !ossl_rsa_pss_params_30_set_saltlen(pss_params, saltlen)) goto err; } diff --git a/crypto/rsa/rsa_chk.c b/crypto/rsa/rsa_chk.c index 0bbb6dac03..5a0ef7679b 100644 --- a/crypto/rsa/rsa_chk.c +++ b/crypto/rsa/rsa_chk.c @@ -230,20 +230,20 @@ static int rsa_validate_keypair_multiprime(const RSA *key, BN_GENCB *cb) } #endif /* FIPS_MODULE */ -int rsa_validate_public(const RSA *key) +int ossl_rsa_validate_public(const RSA *key) { - return rsa_sp800_56b_check_public(key); + return ossl_rsa_sp800_56b_check_public(key); } -int rsa_validate_private(const RSA *key) +int ossl_rsa_validate_private(const RSA *key) { - return rsa_sp800_56b_check_private(key); + return ossl_rsa_sp800_56b_check_private(key); } -int rsa_validate_pairwise(const RSA *key) +int ossl_rsa_validate_pairwise(const RSA *key) { #ifdef FIPS_MODULE - return rsa_sp800_56b_check_keypair(key, NULL, -1, RSA_bits(key)); + return ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, RSA_bits(key)); #else return rsa_validate_keypair_multiprime(key, NULL); #endif @@ -257,9 +257,9 @@ int RSA_check_key(const RSA *key) int RSA_check_key_ex(const RSA *key, BN_GENCB *cb) { #ifdef FIPS_MODULE - return rsa_validate_public(key) - && rsa_validate_private(key) - && rsa_validate_pairwise(key); + return ossl_rsa_validate_public(key) + && ossl_rsa_validate_private(key) + && ossl_rsa_validate_pairwise(key); #else return rsa_validate_keypair_multiprime(key, cb); #endif /* FIPS_MODULE */ diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c index dc4ec0a8d3..58c7806ffd 100644 --- a/crypto/rsa/rsa_gen.c +++ b/crypto/rsa/rsa_gen.c @@ -92,7 +92,7 @@ static int rsa_multiprime_keygen(RSA *rsa, int bits, int primes, } /* A bad value for e can cause infinite loops */ - if (e_value != NULL && !rsa_check_public_exponent(e_value)) { + if (e_value != NULL && !ossl_rsa_check_public_exponent(e_value)) { RSAerr(0, RSA_R_PUB_EXPONENT_OUT_OF_RANGE); return 0; } @@ -429,7 +429,7 @@ static int rsa_keygen(OPENSSL_CTX *libctx, RSA *rsa, int bits, int primes, * the older rsa_multiprime_keygen(). */ if (primes == 2 && bits >= 2048) - ok = rsa_sp800_56b_generate_key(rsa, bits, e_value, cb); + ok = ossl_rsa_sp800_56b_generate_key(rsa, bits, e_value, cb); #ifndef FIPS_MODULE else ok = rsa_multiprime_keygen(rsa, bits, primes, e_value, cb); diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c index 475fca0f89..a73df12dc6 100644 --- a/crypto/rsa/rsa_lib.c +++ b/crypto/rsa/rsa_lib.c @@ -66,7 +66,7 @@ RSA *RSA_new_method(ENGINE *engine) } #endif -RSA *rsa_new_with_ctx(OPENSSL_CTX *libctx) +RSA *ossl_rsa_new_with_ctx(OPENSSL_CTX *libctx) { return rsa_new_intern(NULL, libctx); } @@ -189,7 +189,7 @@ int RSA_up_ref(RSA *r) return i > 1 ? 1 : 0; } -OPENSSL_CTX *rsa_get0_libctx(RSA *r) +OPENSSL_CTX *ossl_rsa_get0_libctx(RSA *r) { return r->libctx; } @@ -654,7 +654,7 @@ const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r) } /* Internal */ -RSA_PSS_PARAMS_30 *rsa_get0_pss_params_30(RSA *r) +RSA_PSS_PARAMS_30 *ossl_rsa_get0_pss_params_30(RSA *r) { return &r->pss_params; } @@ -699,9 +699,9 @@ int RSA_pkey_ctx_ctrl(EVP_PKEY_CTX *ctx, int optype, int cmd, int p1, void *p2) DEFINE_STACK_OF(BIGNUM) -int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, - const STACK_OF(BIGNUM) *exps, - const STACK_OF(BIGNUM) *coeffs) +int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, + const STACK_OF(BIGNUM) *exps, + const STACK_OF(BIGNUM) *coeffs) { #ifndef FIPS_MODULE STACK_OF(RSA_PRIME_INFO) *prime_infos, *old_infos = NULL; @@ -797,9 +797,9 @@ int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, DEFINE_SPECIAL_STACK_OF_CONST(BIGNUM_const, BIGNUM) -int rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, - STACK_OF(BIGNUM_const) *exps, - STACK_OF(BIGNUM_const) *coeffs) +int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, + STACK_OF(BIGNUM_const) *exps, + STACK_OF(BIGNUM_const) *coeffs) { #ifndef FIPS_MODULE RSA_PRIME_INFO *pinfo; diff --git a/crypto/rsa/rsa_local.h b/crypto/rsa/rsa_local.h index cc03132d17..f5c6be31a9 100644 --- a/crypto/rsa/rsa_local.h +++ b/crypto/rsa/rsa_local.h @@ -169,37 +169,38 @@ RSA_PRIME_INFO *rsa_multip_info_new(void); int rsa_multip_calc_product(RSA *rsa); int rsa_multip_cap(int bits); -int rsa_sp800_56b_validate_strength(int nbits, int strength); -int rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, - int nbits); -int rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q, - BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1, - BIGNUM *p1q1); - -int rsa_check_public_exponent(const BIGNUM *e); -int rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx); -int rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx); -int rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx); -int rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx); - -int rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx); -int rsa_sp800_56b_check_public(const RSA *rsa); -int rsa_sp800_56b_check_private(const RSA *rsa); -int rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, - int strength, int nbits); -int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, - BN_GENCB *cb); - -int rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits, - const BIGNUM *e, BN_CTX *ctx); -int rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, - int nbits, const BIGNUM *e, BN_CTX *ctx, - BN_GENCB *cb); - -int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen, - const unsigned char *from, int flen); -int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, - int tlen, const unsigned char *from, - int flen); +int ossl_rsa_sp800_56b_validate_strength(int nbits, int strength); +int ossl_rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, + int nbits); +int ossl_rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q, + BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1, + BIGNUM *p1q1); + +int ossl_rsa_check_public_exponent(const BIGNUM *e); +int ossl_rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx); +int ossl_rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx); +int ossl_rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx); +int ossl_rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx); + +int ossl_rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx); +int ossl_rsa_sp800_56b_check_public(const RSA *rsa); +int ossl_rsa_sp800_56b_check_private(const RSA *rsa); +int ossl_rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, + int strength, int nbits); +int ossl_rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, + BN_GENCB *cb); + +int ossl_rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits, + const BIGNUM *e, BN_CTX *ctx); +int ossl_rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, + int nbits, const BIGNUM *e, BN_CTX *ctx, + BN_GENCB *cb); + +int ossl_rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen); +int ossl_rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen); #endif /* OSSL_CRYPTO_RSA_LOCAL_H */ diff --git a/crypto/rsa/rsa_mp_names.c b/crypto/rsa/rsa_mp_names.c index 2fb1f53c43..8291b79e7a 100644 --- a/crypto/rsa/rsa_mp_names.c +++ b/crypto/rsa/rsa_mp_names.c @@ -20,7 +20,7 @@ * A fixed table of names for the RSA prime factors starting with * P,Q and up to 8 additional primes. */ -const char *rsa_mp_factor_names[] = { +const char *ossl_rsa_mp_factor_names[] = { OSSL_PKEY_PARAM_RSA_FACTOR1, OSSL_PKEY_PARAM_RSA_FACTOR2, #ifndef FIPS_MODULE @@ -40,7 +40,7 @@ const char *rsa_mp_factor_names[] = { * A fixed table of names for the RSA exponents starting with * DP,DQ and up to 8 additional exponents. */ -const char *rsa_mp_exp_names[] = { +const char *ossl_rsa_mp_exp_names[] = { OSSL_PKEY_PARAM_RSA_EXPONENT1, OSSL_PKEY_PARAM_RSA_EXPONENT2, #ifndef FIPS_MODULE @@ -60,7 +60,7 @@ const char *rsa_mp_exp_names[] = { * A fixed table of names for the RSA coefficients starting with * QINV and up to 8 additional exponents. */ -const char *rsa_mp_coeff_names[] = { +const char *ossl_rsa_mp_coeff_names[] = { OSSL_PKEY_PARAM_RSA_COEFFICIENT1, #ifndef FIPS_MODULE OSSL_PKEY_PARAM_RSA_COEFFICIENT2, diff --git a/crypto/rsa/rsa_oaep.c b/crypto/rsa/rsa_oaep.c index ea9ce0dee4..17200e787a 100644 --- a/crypto/rsa/rsa_oaep.c +++ b/crypto/rsa/rsa_oaep.c @@ -40,8 +40,8 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, const unsigned char *from, int flen, const unsigned char *param, int plen) { - return rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, param, - plen, NULL, NULL); + return ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, + param, plen, NULL, NULL); } /* @@ -51,11 +51,12 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen, * Step numbers are included here but not in the constant time inverse below * to avoid complicating an already difficult enough function. */ -int rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, unsigned char *to, - int tlen, const unsigned char *from, - int flen, const unsigned char *param, - int plen, const EVP_MD *md, - const EVP_MD *mgf1md) +int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, + unsigned char *to, int tlen, + const unsigned char *from, int flen, + const unsigned char *param, + int plen, const EVP_MD *md, + const EVP_MD *mgf1md) { int rv = 0; int i, emlen = tlen - 1; @@ -138,8 +139,8 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen, const unsigned char *param, int plen, const EVP_MD *md, const EVP_MD *mgf1md) { - return rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, param, - plen, md, mgf1md); + return ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, + param, plen, md, mgf1md); } int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen, diff --git a/crypto/rsa/rsa_ossl.c b/crypto/rsa/rsa_ossl.c index d1e8535226..139fb16268 100644 --- a/crypto/rsa/rsa_ossl.c +++ b/crypto/rsa/rsa_ossl.c @@ -111,15 +111,17 @@ static int rsa_ossl_public_encrypt(int flen, const unsigned char *from, switch (padding) { case RSA_PKCS1_PADDING: - i = rsa_padding_add_PKCS1_type_2_ex(rsa->libctx, buf, num, from, flen); + i = ossl_rsa_padding_add_PKCS1_type_2_ex(rsa->libctx, buf, num, + from, flen); break; case RSA_PKCS1_OAEP_PADDING: - i = rsa_padding_add_PKCS1_OAEP_mgf1_ex(rsa->libctx, buf, num, from, - flen, NULL, 0, NULL, NULL); + i = ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(rsa->libctx, buf, num, + from, flen, NULL, 0, + NULL, NULL); break; #ifndef FIPS_MODULE case RSA_SSLV23_PADDING: - i = rsa_padding_add_SSLv23_ex(rsa->libctx, buf, num, from, flen); + i = ossl_rsa_padding_add_SSLv23_ex(rsa->libctx, buf, num, from, flen); break; #endif case RSA_NO_PADDING: diff --git a/crypto/rsa/rsa_pk1.c b/crypto/rsa/rsa_pk1.c index 05c2933407..64f6864740 100644 --- a/crypto/rsa/rsa_pk1.c +++ b/crypto/rsa/rsa_pk1.c @@ -124,9 +124,9 @@ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen, return j; } -int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, - int tlen, const unsigned char *from, - int flen) +int ossl_rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen) { int i, j; unsigned char *p; @@ -164,7 +164,7 @@ int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to, int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen, const unsigned char *from, int flen) { - return rsa_padding_add_PKCS1_type_2_ex(NULL, to, tlen, from, flen); + return ossl_rsa_padding_add_PKCS1_type_2_ex(NULL, to, tlen, from, flen); } int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, @@ -278,7 +278,7 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, } /* - * rsa_padding_check_PKCS1_type_2_TLS() checks and removes the PKCS1 type 2 + * ossl_rsa_padding_check_PKCS1_type_2_TLS() checks and removes the PKCS1 type 2 * padding from a decrypted RSA message in a TLS signature. The result is stored * in the buffer pointed to by |to| which should be |tlen| bytes long. |tlen| * must be at least SSL_MAX_MASTER_KEY_LENGTH. The original decrypted message @@ -298,10 +298,11 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen, * decrypted data will be randomly generated (as per * https://tools.ietf.org/html/rfc5246#section-7.4.7.1). */ -int rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *libctx, unsigned char *to, - size_t tlen, const unsigned char *from, - size_t flen, int client_version, - int alt_version) +int ossl_rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *libctx, + unsigned char *to, size_t tlen, + const unsigned char *from, + size_t flen, int client_version, + int alt_version) { unsigned int i, good, version_good; unsigned char rand_premaster_secret[SSL_MAX_MASTER_KEY_LENGTH]; diff --git a/crypto/rsa/rsa_pmeth.c b/crypto/rsa/rsa_pmeth.c index 261f347a2d..edaa769a6f 100644 --- a/crypto/rsa/rsa_pmeth.c +++ b/crypto/rsa/rsa_pmeth.c @@ -798,7 +798,7 @@ static const EVP_PKEY_METHOD rsa_pkey_meth = { pkey_rsa_ctrl_str }; -const EVP_PKEY_METHOD *rsa_pkey_method(void) +const EVP_PKEY_METHOD *ossl_rsa_pkey_method(void) { return &rsa_pkey_meth; } @@ -874,7 +874,7 @@ static const EVP_PKEY_METHOD rsa_pss_pkey_meth = { pkey_rsa_ctrl_str }; -const EVP_PKEY_METHOD *rsa_pss_pkey_method(void) +const EVP_PKEY_METHOD *ossl_rsa_pss_pkey_method(void) { return &rsa_pss_pkey_meth; } diff --git a/crypto/rsa/rsa_pss.c b/crypto/rsa/rsa_pss.c index a5bcdfe1ff..e3a548d2e3 100644 --- a/crypto/rsa/rsa_pss.c +++ b/crypto/rsa/rsa_pss.c @@ -288,7 +288,7 @@ static const RSA_PSS_PARAMS_30 default_RSASSA_PSS_params = { 1 /* default trailerField (0xBC) */ }; -int rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params) +int ossl_rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params) { if (rsa_pss_params == NULL) return 0; @@ -296,7 +296,7 @@ int rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params) return 1; } -int rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params) +int ossl_rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params) { static RSA_PSS_PARAMS_30 pss_params_cmp = { 0, }; @@ -305,15 +305,15 @@ int rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params) sizeof(*rsa_pss_params)) == 0; } -int rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to, - const RSA_PSS_PARAMS_30 *from) +int ossl_rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to, + const RSA_PSS_PARAMS_30 *from) { memcpy(to, from, sizeof(*to)); return 1; } -int rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, - int hashalg_nid) +int ossl_rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, + int hashalg_nid) { if (rsa_pss_params == NULL) return 0; @@ -321,8 +321,8 @@ int rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, return 1; } -int rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params, - int maskgenalg_nid) +int ossl_rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params, + int maskgenalg_nid) { if (rsa_pss_params == NULL) return 0; @@ -330,8 +330,8 @@ int rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params, return 1; } -int rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, - int maskgenhashalg_nid) +int ossl_rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, + int maskgenhashalg_nid) { if (rsa_pss_params == NULL) return 0; @@ -339,8 +339,8 @@ int rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, return 1; } -int rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params, - int saltlen) +int ossl_rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params, + int saltlen) { if (rsa_pss_params == NULL) return 0; @@ -348,8 +348,8 @@ int rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params, return 1; } -int rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params, - int trailerfield) +int ossl_rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params, + int trailerfield) { if (rsa_pss_params == NULL) return 0; @@ -357,35 +357,35 @@ int rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params, return 1; } -int rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params) +int ossl_rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params) { if (rsa_pss_params == NULL) return default_RSASSA_PSS_params.hash_algorithm_nid; return rsa_pss_params->hash_algorithm_nid; } -int rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params) +int ossl_rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params) { if (rsa_pss_params == NULL) return default_RSASSA_PSS_params.mask_gen.algorithm_nid; return rsa_pss_params->mask_gen.algorithm_nid; } -int rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params) +int ossl_rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params) { if (rsa_pss_params == NULL) return default_RSASSA_PSS_params.hash_algorithm_nid; return rsa_pss_params->mask_gen.hash_algorithm_nid; } -int rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params) +int ossl_rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params) { if (rsa_pss_params == NULL) return default_RSASSA_PSS_params.salt_len; return rsa_pss_params->salt_len; } -int rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params) +int ossl_rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params) { if (rsa_pss_params == NULL) return default_RSASSA_PSS_params.trailer_field; diff --git a/crypto/rsa/rsa_schemes.c b/crypto/rsa/rsa_schemes.c index 7a54296a59..98ab13956d 100644 --- a/crypto/rsa/rsa_schemes.c +++ b/crypto/rsa/rsa_schemes.c @@ -67,18 +67,18 @@ static int md_is_a(const void *md, const char *name) return EVP_MD_is_a(md, name); } -int rsa_oaeppss_md2nid(const EVP_MD *md) +int ossl_rsa_oaeppss_md2nid(const EVP_MD *md) { return meth2nid(md, md_is_a, oaeppss_name_nid_map, OSSL_NELEM(oaeppss_name_nid_map)); } -const char *rsa_oaeppss_nid2name(int md) +const char *ossl_rsa_oaeppss_nid2name(int md) { return nid2name(md, oaeppss_name_nid_map, OSSL_NELEM(oaeppss_name_nid_map)); } -const char *rsa_mgf_nid2name(int mgf) +const char *ossl_rsa_mgf_nid2name(int mgf) { if (mgf == NID_mgf1) return SN_mgf1; diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c index e3425b9e36..bef062d1bd 100644 --- a/crypto/rsa/rsa_sign.c +++ b/crypto/rsa/rsa_sign.c @@ -150,7 +150,7 @@ ENCODE_DIGESTINFO_SHA(sha3_512, 0x0a, SHA512_DIGEST_LENGTH) *len = sizeof(digestinfo_##name##_der); \ return digestinfo_##name##_der; -const unsigned char *rsa_digestinfo_encoding(int md_nid, size_t *len) +const unsigned char *ossl_rsa_digestinfo_encoding(int md_nid, size_t *len) { switch (md_nid) { #ifndef FIPS_MODULE @@ -250,7 +250,7 @@ static int encode_pkcs1(unsigned char **out, size_t *out_len, int type, RSAerr(RSA_F_ENCODE_PKCS1, RSA_R_UNKNOWN_ALGORITHM_TYPE); return 0; } - di_prefix = rsa_digestinfo_encoding(type, &di_prefix_len); + di_prefix = ossl_rsa_digestinfo_encoding(type, &di_prefix_len); if (di_prefix == NULL) { RSAerr(RSA_F_ENCODE_PKCS1, RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); diff --git a/crypto/rsa/rsa_sp800_56b_check.c b/crypto/rsa/rsa_sp800_56b_check.c index 9840d08285..2cdc2fa5e6 100644 --- a/crypto/rsa/rsa_sp800_56b_check.c +++ b/crypto/rsa/rsa_sp800_56b_check.c @@ -21,7 +21,7 @@ * 6.4.1.2.3: rsakpv1-crt Step 7 * 6.4.1.3.3: rsakpv2-crt Step 7 */ -int rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx) +int ossl_rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx) { int ret = 0; BIGNUM *r = NULL, *p1 = NULL, *q1 = NULL; @@ -85,7 +85,7 @@ int rsa_check_crt_components(const RSA *rsa, BN_CTX *ctx) * * (√2)(2^(nbits/2 - 1) = (√2/2)(2^(nbits/2)) */ -int rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx) +int ossl_rsa_check_prime_factor_range(const BIGNUM *p, int nbits, BN_CTX *ctx) { int ret = 0; BIGNUM *low; @@ -133,7 +133,7 @@ err: * * See SP800-56Br1 6.4.1.2.3 Step 5 (a to d) & (e to h). */ -int rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx) +int ossl_rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx) { int ret = 0; BIGNUM *p1 = NULL, *gcd = NULL; @@ -141,7 +141,7 @@ int rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx) /* (Steps 5 a-b) prime test */ if (BN_check_prime(p, ctx, NULL) != 1 /* (Step 5c) (√2)(2^(nbits/2 - 1) <= p <= 2^(nbits/2 - 1) */ - || rsa_check_prime_factor_range(p, nbits, ctx) != 1) + || ossl_rsa_check_prime_factor_range(p, nbits, ctx) != 1) return 0; BN_CTX_start(ctx); @@ -172,7 +172,7 @@ int rsa_check_prime_factor(BIGNUM *p, BIGNUM *e, int nbits, BN_CTX *ctx) * (Step 6a) 2^(nBit/2) < d < LCM(p–1, q–1). * (Step 6b) 1 = (d*e) mod LCM(p–1, q–1) */ -int rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx) +int ossl_rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx) { int ret; BIGNUM *r, *p1, *q1, *lcm, *p1q1, *gcd; @@ -201,7 +201,8 @@ int rsa_check_private_exponent(const RSA *rsa, int nbits, BN_CTX *ctx) } ret = (ret /* LCM(p - 1, q - 1) */ - && (rsa_get_lcm(ctx, rsa->p, rsa->q, lcm, gcd, p1, q1, p1q1) == 1) + && (ossl_rsa_get_lcm(ctx, rsa->p, rsa->q, lcm, gcd, p1, q1, + p1q1) == 1) /* (Step 6a) d < LCM(p - 1, q - 1) */ && (BN_cmp(rsa->d, lcm) < 0) /* (Step 6b) 1 = (e . d) mod LCM(p - 1, q - 1) */ @@ -229,7 +230,7 @@ static int bn_is_three(const BIGNUM *bn) #endif /* FIPS_MODULE */ /* Check exponent is odd, and has a bitlen ranging from [17..256] */ -int rsa_check_public_exponent(const BIGNUM *e) +int ossl_rsa_check_public_exponent(const BIGNUM *e) { int bitlen; @@ -247,7 +248,7 @@ int rsa_check_public_exponent(const BIGNUM *e) * SP800-56Br1 6.4.1.2.1 (Step 5i): |p - q| > 2^(nbits/2 - 100) * i.e- numbits(p-q-1) > (nbits/2 -100) */ -int rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, +int ossl_rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, int nbits) { int bitlen = (nbits >> 1) - 100; @@ -270,9 +271,9 @@ int rsa_check_pminusq_diff(BIGNUM *diff, const BIGNUM *p, const BIGNUM *q, * Caller should ensure that lcm, gcd, p1, q1, p1q1 are flagged with * BN_FLG_CONSTTIME. */ -int rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q, - BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1, - BIGNUM *p1q1) +int ossl_rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q, + BIGNUM *lcm, BIGNUM *gcd, BIGNUM *p1, BIGNUM *q1, + BIGNUM *p1q1) { return BN_sub(p1, p, BN_value_one()) /* p-1 */ && BN_sub(q1, q, BN_value_one()) /* q-1 */ @@ -286,7 +287,7 @@ int rsa_get_lcm(BN_CTX *ctx, const BIGNUM *p, const BIGNUM *q, * SP800-89 5.3.3 (Explicit) Partial Public Key Validation for RSA * caveat is that the modulus must be as specified in SP800-56Br1 */ -int rsa_sp800_56b_check_public(const RSA *rsa) +int ossl_rsa_sp800_56b_check_public(const RSA *rsa) { int ret = 0, status; #ifdef FIPS_MODULE @@ -304,19 +305,18 @@ int rsa_sp800_56b_check_public(const RSA *rsa) * NOTE: changed to allow keys >= 2048 */ nbits = BN_num_bits(rsa->n); - if (!rsa_sp800_56b_validate_strength(nbits, -1)) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, RSA_R_INVALID_KEY_LENGTH); + if (!ossl_rsa_sp800_56b_validate_strength(nbits, -1)) { + RSAerr(0, RSA_R_INVALID_KEY_LENGTH); return 0; } #endif if (!BN_is_odd(rsa->n)) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, RSA_R_INVALID_MODULUS); + RSAerr(0, RSA_R_INVALID_MODULUS); return 0; } /* (Steps b-c): 2^16 < e < 2^256, n and e must be odd */ - if (!rsa_check_public_exponent(rsa->e)) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, - RSA_R_PUB_EXPONENT_OUT_OF_RANGE); + if (!ossl_rsa_check_public_exponent(rsa->e)) { + RSAerr(0, RSA_R_PUB_EXPONENT_OUT_OF_RANGE); return 0; } @@ -330,13 +330,13 @@ int rsa_sp800_56b_check_public(const RSA *rsa) * The modulus has no factors smaller than 752. */ if (!BN_gcd(gcd, rsa->n, bn_get0_small_factors(), ctx) || !BN_is_one(gcd)) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, RSA_R_INVALID_MODULUS); + RSAerr(0, RSA_R_INVALID_MODULUS); goto err; } ret = bn_miller_rabin_is_prime(rsa->n, 0, ctx, NULL, 1, &status); if (ret != 1 || status != BN_PRIMETEST_COMPOSITE_NOT_POWER_OF_PRIME) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_PUBLIC, RSA_R_INVALID_MODULUS); + RSAerr(0, RSA_R_INVALID_MODULUS); ret = 0; goto err; } @@ -351,7 +351,7 @@ err: /* * Perform validation of the RSA private key to check that 0 < D < N. */ -int rsa_sp800_56b_check_private(const RSA *rsa) +int ossl_rsa_sp800_56b_check_private(const RSA *rsa) { if (rsa->d == NULL || rsa->n == NULL) return 0; @@ -369,8 +369,8 @@ int rsa_sp800_56b_check_private(const RSA *rsa) * 6.4.1.2.3 "rsakpv1 - crt" * 6.4.1.3.3 "rsakpv2 - crt" */ -int rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, - int strength, int nbits) +int ossl_rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, + int strength, int nbits) { int ret = 0; BN_CTX *ctx = NULL; @@ -381,31 +381,30 @@ int rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, || rsa->e == NULL || rsa->d == NULL || rsa->n == NULL) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_REQUEST); + RSAerr(0, RSA_R_INVALID_REQUEST); return 0; } /* (Step 1): Check Ranges */ - if (!rsa_sp800_56b_validate_strength(nbits, strength)) + if (!ossl_rsa_sp800_56b_validate_strength(nbits, strength)) return 0; /* If the exponent is known */ if (efixed != NULL) { /* (2): Check fixed exponent matches public exponent. */ if (BN_cmp(efixed, rsa->e) != 0) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_REQUEST); + RSAerr(0, RSA_R_INVALID_REQUEST); return 0; } } /* (Step 1.c): e is odd integer 65537 <= e < 2^256 */ - if (!rsa_check_public_exponent(rsa->e)) { + if (!ossl_rsa_check_public_exponent(rsa->e)) { /* exponent out of range */ - RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, - RSA_R_PUB_EXPONENT_OUT_OF_RANGE); + RSAerr(0, RSA_R_PUB_EXPONENT_OUT_OF_RANGE); return 0; } /* (Step 3.b): check the modulus */ if (nbits != BN_num_bits(rsa->n)) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_KEYPAIR); + RSAerr(0, RSA_R_INVALID_KEYPAIR); return 0; } @@ -419,20 +418,20 @@ int rsa_sp800_56b_check_keypair(const RSA *rsa, const BIGNUM *efixed, goto err; /* (Step 4.c): Check n = pq */ if (BN_cmp(rsa->n, r) != 0) { - RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_REQUEST); + RSAerr(0, RSA_R_INVALID_REQUEST); goto err; } /* (Step 5): check prime factors p & q */ - ret = rsa_check_prime_factor(rsa->p, rsa->e, nbits, ctx) - && rsa_check_prime_factor(rsa->q, rsa->e, nbits, ctx) - && (rsa_check_pminusq_diff(r, rsa->p, rsa->q, nbits) > 0) + ret = ossl_rsa_check_prime_factor(rsa->p, rsa->e, nbits, ctx) + && ossl_rsa_check_prime_factor(rsa->q, rsa->e, nbits, ctx) + && (ossl_rsa_check_pminusq_diff(r, rsa->p, rsa->q, nbits) > 0) /* (Step 6): Check the private exponent d */ - && rsa_check_private_exponent(rsa, nbits, ctx) + && ossl_rsa_check_private_exponent(rsa, nbits, ctx) /* 6.4.1.2.3 (Step 7): Check the CRT components */ - && rsa_check_crt_components(rsa, ctx); + && ossl_rsa_check_crt_components(rsa, ctx); if (ret != 1) - RSAerr(RSA_F_RSA_SP800_56B_CHECK_KEYPAIR, RSA_R_INVALID_KEYPAIR); + RSAerr(0, RSA_R_INVALID_KEYPAIR); err: BN_clear(r); diff --git a/crypto/rsa/rsa_sp800_56b_gen.c b/crypto/rsa/rsa_sp800_56b_gen.c index df15b8ce87..e8fdcd8940 100644 --- a/crypto/rsa/rsa_sp800_56b_gen.c +++ b/crypto/rsa/rsa_sp800_56b_gen.c @@ -53,8 +53,9 @@ * Xp, Xp1, Xp2, Xq, Xq1, Xq2 are optionally passed in. * (Required for CAVS testing). */ -int rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, int nbits, - const BIGNUM *e, BN_CTX *ctx, BN_GENCB *cb) +int ossl_rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, + int nbits, const BIGNUM *e, BN_CTX *ctx, + BN_GENCB *cb) { int ret = 0, ok; /* Temp allocated BIGNUMS */ @@ -87,13 +88,12 @@ int rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, int nbits, * Signature Generation and Key Agree/Transport. */ if (nbits < RSA_FIPS1864_MIN_KEYGEN_KEYSIZE) { - RSAerr(RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES, RSA_R_KEY_SIZE_TOO_SMALL); + RSAerr(0, RSA_R_KEY_SIZE_TOO_SMALL); return 0; } - if (!rsa_check_public_exponent(e)) { - RSAerr(RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES, - RSA_R_PUB_EXPONENT_OUT_OF_RANGE); + if (!ossl_rsa_check_public_exponent(e)) { + RSAerr(0, RSA_R_PUB_EXPONENT_OUT_OF_RANGE); return 0; } @@ -131,14 +131,14 @@ int rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test, int nbits, goto err; /* (Step 6) |Xp - Xq| > 2^(nbitlen/2 - 100) */ - ok = rsa_check_pminusq_diff(tmp, Xpo, Xqo, nbits); + ok = ossl_rsa_check_pminusq_diff(tmp, Xpo, Xqo, nbits); if (ok < 0) goto err; if (ok == 0) continue; /* (Step 6) |p - q| > 2^(nbitlen/2 - 100) */ - ok = rsa_check_pminusq_diff(tmp, rsa->p, rsa->q, nbits); + ok = ossl_rsa_check_pminusq_diff(tmp, rsa->p, rsa->q, nbits); if (ok < 0) goto err; if (ok == 0) @@ -169,18 +169,18 @@ err: * strength is unknown. * Returns: 1 if the key size matches the target strength, or 0 otherwise. */ -int rsa_sp800_56b_validate_strength(int nbits, int strength) +int ossl_rsa_sp800_56b_validate_strength(int nbits, int strength) { int s = (int)ifc_ffc_compute_security_bits(nbits); #ifdef FIPS_MODULE if (s < RSA_FIPS1864_MIN_KEYGEN_STRENGTH || s > RSA_FIPS1864_MAX_KEYGEN_STRENGTH) { - RSAerr(RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH, RSA_R_INVALID_MODULUS); + RSAerr(0, RSA_R_INVALID_MODULUS); return 0; } #endif if (strength != -1 && s != strength) { - RSAerr(RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH, RSA_R_INVALID_STRENGTH); + RSAerr(0, RSA_R_INVALID_STRENGTH); return 0; } return 1; @@ -206,8 +206,8 @@ int rsa_sp800_56b_validate_strength(int nbits, int strength) * 0 = d is too small, * 1 = success. */ -int rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits, - const BIGNUM *e, BN_CTX *ctx) +int ossl_rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits, + const BIGNUM *e, BN_CTX *ctx) { int ret = -1; BIGNUM *p1, *q1, *lcm, *p1q1, *gcd; @@ -228,7 +228,7 @@ int rsa_sp800_56b_derive_params_from_pq(RSA *rsa, int nbits, BN_set_flags(gcd, BN_FLG_CONSTTIME); /* LCM((p-1, q-1)) */ - if (rsa_get_lcm(ctx, rsa->p, rsa->q, lcm, gcd, p1, q1, p1q1) != 1) + if (ossl_rsa_get_lcm(ctx, rsa->p, rsa->q, lcm, gcd, p1, q1, p1q1) != 1) goto err; /* copy e */ @@ -330,8 +330,8 @@ err: * cb An optional BIGNUM callback. * Returns: 1 if successfully generated otherwise it returns 0. */ -int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, - BN_GENCB *cb) +int ossl_rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, + BN_GENCB *cb) { int ret = 0; int ok; @@ -344,7 +344,7 @@ int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, #endif /* (Steps 1a-1b) : Currently ignores the strength check */ - if (!rsa_sp800_56b_validate_strength(nbits, -1)) + if (!ossl_rsa_sp800_56b_validate_strength(nbits, -1)) return 0; ctx = BN_CTX_new_ex(rsa->libctx); @@ -363,11 +363,10 @@ int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, for (;;) { /* (Step 2) Generate prime factors */ - if (!rsa_fips186_4_gen_prob_primes(rsa, info, nbits, e, ctx, - cb)) + if (!ossl_rsa_fips186_4_gen_prob_primes(rsa, info, nbits, e, ctx, cb)) goto err; /* (Steps 3-5) Compute params d, n, dP, dQ, qInv */ - ok = rsa_sp800_56b_derive_params_from_pq(rsa, nbits, e, ctx); + ok = ossl_rsa_sp800_56b_derive_params_from_pq(rsa, nbits, e, ctx); if (ok < 0) goto err; if (ok > 0) @@ -376,7 +375,7 @@ int rsa_sp800_56b_generate_key(RSA *rsa, int nbits, const BIGNUM *efixed, } /* (Step 6) Do pairwise test - optional validity test has been omitted */ - ret = rsa_sp800_56b_pairwise_test(rsa, ctx); + ret = ossl_rsa_sp800_56b_pairwise_test(rsa, ctx); err: if (efixed == NULL) BN_free(e); @@ -390,7 +389,7 @@ err: * * Returns 1 if the RSA key passes the pairwise test or 0 it it fails. */ -int rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx) +int ossl_rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx) { int ret = 0; BIGNUM *k, *tmp; @@ -407,7 +406,7 @@ int rsa_sp800_56b_pairwise_test(RSA *rsa, BN_CTX *ctx) && BN_mod_exp(tmp, tmp, rsa->d, rsa->n, ctx) && BN_cmp(k, tmp) == 0); if (ret == 0) - RSAerr(RSA_F_RSA_SP800_56B_PAIRWISE_TEST, RSA_R_PAIRWISE_TEST_FAILURE); + RSAerr(0, RSA_R_PAIRWISE_TEST_FAILURE); err: BN_CTX_end(ctx); return ret; diff --git a/crypto/rsa/rsa_ssl.c b/crypto/rsa/rsa_ssl.c index 3565b8c8d6..e2cf98d884 100644 --- a/crypto/rsa/rsa_ssl.c +++ b/crypto/rsa/rsa_ssl.c @@ -21,8 +21,9 @@ #include "internal/constant_time.h" #include "rsa_local.h" -int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen, - const unsigned char *from, int flen) +int ossl_rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, + int tlen, const unsigned char *from, + int flen) { int i, j; unsigned char *p; @@ -62,7 +63,7 @@ int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen, int RSA_padding_add_SSLv23(unsigned char *to, int tlen, const unsigned char *from, int flen) { - return rsa_padding_add_SSLv23_ex(NULL, to, tlen, from, flen); + return ossl_rsa_padding_add_SSLv23_ex(NULL, to, tlen, from, flen); } /* diff --git a/doc/internal/man3/rsa_get0_all_params.pod b/doc/internal/man3/ossl_rsa_get0_all_params.pod similarity index 69% rename from doc/internal/man3/rsa_get0_all_params.pod rename to doc/internal/man3/ossl_rsa_get0_all_params.pod index c71028c13e..7af5d77d63 100644 --- a/doc/internal/man3/rsa_get0_all_params.pod +++ b/doc/internal/man3/ossl_rsa_get0_all_params.pod @@ -2,28 +2,28 @@ =head1 NAME -rsa_set0_all_params, rsa_get0_all_params +ossl_rsa_set0_all_params, ossl_rsa_get0_all_params - Internal routines for getting and setting data in an RSA object =head1 SYNOPSIS #include "crypto/rsa.h" - int rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, - STACK_OF(BIGNUM_const) *exps, - STACK_OF(BIGNUM_const) *coeffs); - int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, - const STACK_OF(BIGNUM) *exps, - const STACK_OF(BIGNUM) *coeffs); + int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, + STACK_OF(BIGNUM_const) *exps, + STACK_OF(BIGNUM_const) *coeffs); + int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, + const STACK_OF(BIGNUM) *exps, + const STACK_OF(BIGNUM) *coeffs); =head1 DESCRIPTION -rsa_set0_all_params() sets all primes, CRT exponents and CRT coefficients +ossl_rsa_set0_all_params() sets all primes, CRT exponents and CRT coefficients in the B object I to the contents of the stacks of BIGNUMs I, I and I. The B object takes ownership of the BIGNUMs, but not of the stacks. -rsa_get0_all_params() gets all primes, CRT exponents and CRT coefficients +ossl_rsa_get0_all_params() gets all primes, CRT exponents and CRT coefficients in the B object I and pushes them on the stacks of constant BIGNUMs I, I and I. The B object retains ownership of the BIGNUMs, but not of the stacks. @@ -56,8 +56,8 @@ the number of coefficients must be one less than the number of primes. =head1 RETURN VALUES -rsa_get0_all_params() and rsa_set0_all_params() return 1 on success, or -0 on failure. +ossl_rsa_get0_all_params() and ossl_rsa_set0_all_params() return 1 on success, +or 0 on failure. =head1 SEE ALSO diff --git a/include/crypto/evp.h b/include/crypto/evp.h index 9ca1a6062f..ac20b5b512 100644 --- a/include/crypto/evp.h +++ b/include/crypto/evp.h @@ -183,8 +183,8 @@ const EVP_PKEY_METHOD *ecx25519_pkey_method(void); const EVP_PKEY_METHOD *ecx448_pkey_method(void); const EVP_PKEY_METHOD *ed25519_pkey_method(void); const EVP_PKEY_METHOD *ed448_pkey_method(void); -const EVP_PKEY_METHOD *rsa_pkey_method(void); -const EVP_PKEY_METHOD *rsa_pss_pkey_method(void); +const EVP_PKEY_METHOD *ossl_rsa_pkey_method(void); +const EVP_PKEY_METHOD *ossl_rsa_pss_pkey_method(void); struct evp_mac_st { OSSL_PROVIDER *prov; diff --git a/include/crypto/rsa.h b/include/crypto/rsa.h index e663681e6e..85682aa55d 100644 --- a/include/crypto/rsa.h +++ b/include/crypto/rsa.h @@ -23,72 +23,75 @@ typedef struct rsa_pss_params_30_st { int trailer_field; } RSA_PSS_PARAMS_30; -RSA_PSS_PARAMS_30 *rsa_get0_pss_params_30(RSA *r); -int rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params); -int rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to, - const RSA_PSS_PARAMS_30 *from); -int rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params); -int rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, - int hashalg_nid); -int rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params, - int maskgenalg_nid); -int rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, - int maskgenhashalg_nid); -int rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params, - int saltlen); -int rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params, - int trailerfield); -int rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params); -int rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params); -int rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params); -int rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params); -int rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params); - -const char *rsa_mgf_nid2name(int mgf); -int rsa_oaeppss_md2nid(const EVP_MD *md); -const char *rsa_oaeppss_nid2name(int md); - -RSA *rsa_new_with_ctx(OPENSSL_CTX *libctx); -OPENSSL_CTX *rsa_get0_libctx(RSA *r); - -int rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, - const STACK_OF(BIGNUM) *exps, - const STACK_OF(BIGNUM) *coeffs); -int rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, - STACK_OF(BIGNUM_const) *exps, - STACK_OF(BIGNUM_const) *coeffs); - -int rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]); -int rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]); -int rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, - OSSL_PARAM_BLD *bld, OSSL_PARAM params[]); -int rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, - const OSSL_PARAM params[], OPENSSL_CTX *libctx); - -int rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *ctx, unsigned char *to, - size_t tlen, const unsigned char *from, - size_t flen, int client_version, - int alt_version); -int rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, unsigned char *to, - int tlen, const unsigned char *from, - int flen, const unsigned char *param, - int plen, const EVP_MD *md, - const EVP_MD *mgf1md); - -int rsa_validate_public(const RSA *key); -int rsa_validate_private(const RSA *key); -int rsa_validate_pairwise(const RSA *key); +RSA_PSS_PARAMS_30 *ossl_rsa_get0_pss_params_30(RSA *r); +int ossl_rsa_pss_params_30_set_defaults(RSA_PSS_PARAMS_30 *rsa_pss_params); +int ossl_rsa_pss_params_30_copy(RSA_PSS_PARAMS_30 *to, + const RSA_PSS_PARAMS_30 *from); +int ossl_rsa_pss_params_30_is_unrestricted(const RSA_PSS_PARAMS_30 *rsa_pss_params); +int ossl_rsa_pss_params_30_set_hashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, + int hashalg_nid); +int ossl_rsa_pss_params_30_set_maskgenalg(RSA_PSS_PARAMS_30 *rsa_pss_params, + int maskgenalg_nid); +int ossl_rsa_pss_params_30_set_maskgenhashalg(RSA_PSS_PARAMS_30 *rsa_pss_params, + int maskgenhashalg_nid); +int ossl_rsa_pss_params_30_set_saltlen(RSA_PSS_PARAMS_30 *rsa_pss_params, + int saltlen); +int ossl_rsa_pss_params_30_set_trailerfield(RSA_PSS_PARAMS_30 *rsa_pss_params, + int trailerfield); +int ossl_rsa_pss_params_30_hashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params); +int ossl_rsa_pss_params_30_maskgenalg(const RSA_PSS_PARAMS_30 *rsa_pss_params); +int ossl_rsa_pss_params_30_maskgenhashalg(const RSA_PSS_PARAMS_30 *rsa_pss_params); +int ossl_rsa_pss_params_30_saltlen(const RSA_PSS_PARAMS_30 *rsa_pss_params); +int ossl_rsa_pss_params_30_trailerfield(const RSA_PSS_PARAMS_30 *rsa_pss_params); + +const char *ossl_rsa_mgf_nid2name(int mgf); +int ossl_rsa_oaeppss_md2nid(const EVP_MD *md); +const char *ossl_rsa_oaeppss_nid2name(int md); + +RSA *ossl_rsa_new_with_ctx(OPENSSL_CTX *libctx); +OPENSSL_CTX *ossl_rsa_get0_libctx(RSA *r); + +int ossl_rsa_set0_all_params(RSA *r, const STACK_OF(BIGNUM) *primes, + const STACK_OF(BIGNUM) *exps, + const STACK_OF(BIGNUM) *coeffs); +int ossl_rsa_get0_all_params(RSA *r, STACK_OF(BIGNUM_const) *primes, + STACK_OF(BIGNUM_const) *exps, + STACK_OF(BIGNUM_const) *coeffs); + +int ossl_rsa_todata(RSA *rsa, OSSL_PARAM_BLD *bld, OSSL_PARAM params[]); +int ossl_rsa_fromdata(RSA *rsa, const OSSL_PARAM params[]); +int ossl_rsa_pss_params_30_todata(const RSA_PSS_PARAMS_30 *pss, + OSSL_PARAM_BLD *bld, OSSL_PARAM params[]); +int ossl_rsa_pss_params_30_fromdata(RSA_PSS_PARAMS_30 *pss_params, + const OSSL_PARAM params[], + OPENSSL_CTX *libctx); + +int ossl_rsa_padding_check_PKCS1_type_2_TLS(OPENSSL_CTX *ctx, unsigned char *to, + size_t tlen, + const unsigned char *from, + size_t flen, int client_version, + int alt_version); +int ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, + unsigned char *to, int tlen, + const unsigned char *from, int flen, + const unsigned char *param, + int plen, const EVP_MD *md, + const EVP_MD *mgf1md); + +int ossl_rsa_validate_public(const RSA *key); +int ossl_rsa_validate_private(const RSA *key); +int ossl_rsa_validate_pairwise(const RSA *key); int int_rsa_verify(int dtype, const unsigned char *m, unsigned int m_len, unsigned char *rm, size_t *prm_len, const unsigned char *sigbuf, size_t siglen, RSA *rsa); -const unsigned char *rsa_digestinfo_encoding(int md_nid, size_t *len); +const unsigned char *ossl_rsa_digestinfo_encoding(int md_nid, size_t *len); -extern const char *rsa_mp_factor_names[]; -extern const char *rsa_mp_exp_names[]; -extern const char *rsa_mp_coeff_names[]; +extern const char *ossl_rsa_mp_factor_names[]; +extern const char *ossl_rsa_mp_exp_names[]; +extern const char *ossl_rsa_mp_coeff_names[]; # if defined(FIPS_MODULE) && !defined(OPENSSL_NO_ACVP_TESTS) int rsa_acvp_test_gen_params_new(OSSL_PARAM **dst, const OSSL_PARAM src[]); diff --git a/include/openssl/rsaerr.h b/include/openssl/rsaerr.h index 34df111eaf..794f433a05 100644 --- a/include/openssl/rsaerr.h +++ b/include/openssl/rsaerr.h @@ -41,7 +41,6 @@ int ERR_load_RSA_strings(void); # define RSA_F_RSA_CHECK_KEY_EX 0 # define RSA_F_RSA_CMS_DECRYPT 0 # define RSA_F_RSA_CMS_VERIFY 0 -# define RSA_F_RSA_FIPS186_4_GEN_PROB_PRIMES 0 # define RSA_F_RSA_ITEM_VERIFY 0 # define RSA_F_RSA_METH_DUP 0 # define RSA_F_RSA_METH_NEW 0 @@ -85,10 +84,6 @@ int ERR_load_RSA_strings(void); # define RSA_F_RSA_SETUP_BLINDING 0 # define RSA_F_RSA_SIGN 0 # define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 0 -# define RSA_F_RSA_SP800_56B_CHECK_KEYPAIR 0 -# define RSA_F_RSA_SP800_56B_CHECK_PUBLIC 0 -# define RSA_F_RSA_SP800_56B_PAIRWISE_TEST 0 -# define RSA_F_RSA_SP800_56B_VALIDATE_STRENGTH 0 # define RSA_F_RSA_VERIFY 0 # define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 0 # define RSA_F_RSA_VERIFY_PKCS1_PSS_MGF1 0 diff --git a/providers/common/der/der_rsa_key.c b/providers/common/der/der_rsa_key.c index 6e8a37699d..a20c334b23 100644 --- a/providers/common/der/der_rsa_key.c +++ b/providers/common/der/der_rsa_key.c @@ -242,8 +242,8 @@ static const unsigned char der_aid_mgf1SHA512_256Identifier[] = { static int DER_w_MaskGenAlgorithm(WPACKET *pkt, int tag, const RSA_PSS_PARAMS_30 *pss) { - if (pss != NULL && rsa_pss_params_30_maskgenalg(pss) == NID_mgf1) { - int maskgenhashalg_nid = rsa_pss_params_30_maskgenhashalg(pss); + if (pss != NULL && ossl_rsa_pss_params_30_maskgenalg(pss) == NID_mgf1) { + int maskgenhashalg_nid = ossl_rsa_pss_params_30_maskgenhashalg(pss); const unsigned char *maskgenalg = NULL; size_t maskgenalg_sz = 0; @@ -292,17 +292,18 @@ int ossl_DER_w_RSASSA_PSS_params(WPACKET *pkt, int tag, * intent. Therefore, we assert that here, the PSS parameters must show * that the key is restricted. */ - if (!ossl_assert(pss != NULL && !rsa_pss_params_30_is_unrestricted(pss))) + if (!ossl_assert(pss != NULL + && !ossl_rsa_pss_params_30_is_unrestricted(pss))) return 0; - hashalg_nid = rsa_pss_params_30_hashalg(pss); - saltlen = rsa_pss_params_30_saltlen(pss); - trailerfield = rsa_pss_params_30_trailerfield(pss); + hashalg_nid = ossl_rsa_pss_params_30_hashalg(pss); + saltlen = ossl_rsa_pss_params_30_saltlen(pss); + trailerfield = ossl_rsa_pss_params_30_trailerfield(pss); /* Getting default values */ - default_hashalg_nid = rsa_pss_params_30_hashalg(NULL); - default_saltlen = rsa_pss_params_30_saltlen(NULL); - default_trailerfield = rsa_pss_params_30_trailerfield(NULL); + default_hashalg_nid = ossl_rsa_pss_params_30_hashalg(NULL); + default_saltlen = ossl_rsa_pss_params_30_saltlen(NULL); + default_trailerfield = ossl_rsa_pss_params_30_trailerfield(NULL); /* * From https://tools.ietf.org/html/rfc8017#appendix-A.2.1: @@ -354,7 +355,7 @@ int ossl_DER_w_algorithmIdentifier_RSA(WPACKET *pkt, int tag, RSA *rsa) int rsa_nid = NID_undef; const unsigned char *rsa_oid = NULL; size_t rsa_oid_sz = 0; - RSA_PSS_PARAMS_30 *pss_params = rsa_get0_pss_params_30(rsa); + RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30(rsa); switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) { case RSA_FLAG_TYPE_RSA: @@ -368,7 +369,7 @@ int ossl_DER_w_algorithmIdentifier_RSA(WPACKET *pkt, int tag, RSA *rsa) return ossl_DER_w_begin_sequence(pkt, tag) && (rsa_nid != NID_rsassaPss - || rsa_pss_params_30_is_unrestricted(pss_params) + || ossl_rsa_pss_params_30_is_unrestricted(pss_params) || ossl_DER_w_RSASSA_PSS_params(pkt, -1, pss_params)) && ossl_DER_w_precompiled(pkt, -1, rsa_oid, rsa_oid_sz) && ossl_DER_w_end_sequence(pkt, tag); diff --git a/providers/common/include/prov/securitycheck.h b/providers/common/include/prov/securitycheck.h index 0d3b9e8bac..8ab3370263 100644 --- a/providers/common/include/prov/securitycheck.h +++ b/providers/common/include/prov/securitycheck.h @@ -8,7 +8,7 @@ */ /* Functions that are common */ -int rsa_check_key(const RSA *rsa, int protect); +int ossl_rsa_check_key(const RSA *rsa, int protect); int ec_check_key(const EC_KEY *ec, int protect); int dsa_check_key(const DSA *dsa, int sign); int dh_check_key(const DH *dh); diff --git a/providers/common/securitycheck.c b/providers/common/securitycheck.c index 9a425fb630..a95fa9dda9 100644 --- a/providers/common/securitycheck.c +++ b/providers/common/securitycheck.c @@ -25,7 +25,7 @@ * Set protect = 1 for encryption or signing operations, or 0 otherwise. See * https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar2.pdf. */ -int rsa_check_key(const RSA *rsa, int protect) +int ossl_rsa_check_key(const RSA *rsa, int protect) { #if !defined(OPENSSL_NO_FIPS_SECURITYCHECKS) if (securitycheck_enabled()) { diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c index 0ce2054e7d..6241ce5fcf 100644 --- a/providers/implementations/asymciphers/rsa_enc.c +++ b/providers/implementations/asymciphers/rsa_enc.c @@ -113,7 +113,7 @@ static int rsa_init(void *vprsactx, void *vrsa, int operation) ERR_raise(ERR_LIB_PROV, PROV_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE); return 0; } - if (!rsa_check_key(vrsa, operation == EVP_PKEY_OP_ENCRYPT)) { + if (!ossl_rsa_check_key(vrsa, operation == EVP_PKEY_OP_ENCRYPT)) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } @@ -165,11 +165,12 @@ static int rsa_encrypt(void *vprsactx, unsigned char *out, size_t *outlen, return 0; } ret = - rsa_padding_add_PKCS1_OAEP_mgf1_ex(prsactx->libctx, tbuf, rsasize, - in, inlen, prsactx->oaep_label, - prsactx->oaep_labellen, - prsactx->oaep_md, - prsactx->mgf1_md); + ossl_rsa_padding_add_PKCS1_OAEP_mgf1_ex(prsactx->libctx, tbuf, + rsasize, in, inlen, + prsactx->oaep_label, + prsactx->oaep_labellen, + prsactx->oaep_md, + prsactx->mgf1_md); if (!ret) { OPENSSL_free(tbuf); @@ -263,11 +264,9 @@ static int rsa_decrypt(void *vprsactx, unsigned char *out, size_t *outlen, ERR_raise(ERR_LIB_PROV, PROV_R_BAD_TLS_CLIENT_VERSION); return 0; } - ret = rsa_padding_check_PKCS1_type_2_TLS(prsactx->libctx, out, - outsize, - tbuf, len, - prsactx->client_version, - prsactx->alt_version); + ret = ossl_rsa_padding_check_PKCS1_type_2_TLS( + prsactx->libctx, out, outsize, tbuf, len, + prsactx->client_version, prsactx->alt_version); } OPENSSL_free(tbuf); } else { diff --git a/providers/implementations/encode_decode/encode_key2any.c b/providers/implementations/encode_decode/encode_key2any.c index 2a4a31fe5b..c21b74d9d3 100644 --- a/providers/implementations/encode_decode/encode_key2any.c +++ b/providers/implementations/encode_decode/encode_key2any.c @@ -624,7 +624,7 @@ static int ecx_priv_to_der(const void *vecxkey, unsigned char **pder) static int prepare_rsa_params(const void *rsa, int nid, void **pstr, int *pstrtype) { - const RSA_PSS_PARAMS_30 *pss = rsa_get0_pss_params_30((RSA *)rsa); + const RSA_PSS_PARAMS_30 *pss = ossl_rsa_get0_pss_params_30((RSA *)rsa); *pstr = NULL; @@ -634,7 +634,7 @@ static int prepare_rsa_params(const void *rsa, int nid, *pstrtype = V_ASN1_NULL; return 1; case RSA_FLAG_TYPE_RSASSAPSS: - if (rsa_pss_params_30_is_unrestricted(pss)) { + if (ossl_rsa_pss_params_30_is_unrestricted(pss)) { *pstrtype = V_ASN1_UNDEF; return 1; } else { diff --git a/providers/implementations/encode_decode/encode_key2text.c b/providers/implementations/encode_decode/encode_key2text.c index 638e16ec27..ac6d42970e 100644 --- a/providers/implementations/encode_decode/encode_key2text.c +++ b/providers/implementations/encode_decode/encode_key2text.c @@ -627,7 +627,7 @@ static int rsa_to_text(BIO *out, const void *key, int selection) STACK_OF(BIGNUM_const) *exps = NULL; STACK_OF(BIGNUM_const) *coeffs = NULL; int primes; - const RSA_PSS_PARAMS_30 *pss_params = rsa_get0_pss_params_30((RSA *)rsa); + const RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30((RSA *)rsa); int ret = 0; if (out == NULL || rsa == NULL) { @@ -655,7 +655,7 @@ static int rsa_to_text(BIO *out, const void *key, int selection) } RSA_get0_key(rsa, &rsa_n, &rsa_e, &rsa_d); - rsa_get0_all_params((RSA *)rsa, factors, exps, coeffs); + ossl_rsa_get0_all_params((RSA *)rsa, factors, exps, coeffs); primes = sk_BIGNUM_const_num(factors); if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) { @@ -714,33 +714,35 @@ static int rsa_to_text(BIO *out, const void *key, int selection) if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0) { switch (RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK)) { case RSA_FLAG_TYPE_RSA: - if (!rsa_pss_params_30_is_unrestricted(pss_params)) { + if (!ossl_rsa_pss_params_30_is_unrestricted(pss_params)) { if (BIO_printf(out, "(INVALID PSS PARAMETERS)\n") <= 0) goto err; } break; case RSA_FLAG_TYPE_RSASSAPSS: - if (rsa_pss_params_30_is_unrestricted(pss_params)) { + if (ossl_rsa_pss_params_30_is_unrestricted(pss_params)) { if (BIO_printf(out, "No PSS parameter restrictions\n") <= 0) goto err; } else { - int hashalg_nid = rsa_pss_params_30_hashalg(pss_params); - int maskgenalg_nid = rsa_pss_params_30_maskgenalg(pss_params); + int hashalg_nid = ossl_rsa_pss_params_30_hashalg(pss_params); + int maskgenalg_nid = + ossl_rsa_pss_params_30_maskgenalg(pss_params); int maskgenhashalg_nid = - rsa_pss_params_30_maskgenhashalg(pss_params); - int saltlen = rsa_pss_params_30_saltlen(pss_params); - int trailerfield = rsa_pss_params_30_trailerfield(pss_params); + ossl_rsa_pss_params_30_maskgenhashalg(pss_params); + int saltlen = ossl_rsa_pss_params_30_saltlen(pss_params); + int trailerfield = + ossl_rsa_pss_params_30_trailerfield(pss_params); if (BIO_printf(out, "PSS parameter restrictions:\n") <= 0) goto err; if (BIO_printf(out, " Hash Algorithm: %s%s\n", - rsa_oaeppss_nid2name(hashalg_nid), + ossl_rsa_oaeppss_nid2name(hashalg_nid), (hashalg_nid == NID_sha1 ? " (default)" : "")) <= 0) goto err; if (BIO_printf(out, " Mask Algorithm: %s with %s%s\n", - rsa_mgf_nid2name(maskgenalg_nid), - rsa_oaeppss_nid2name(maskgenhashalg_nid), + ossl_rsa_mgf_nid2name(maskgenalg_nid), + ossl_rsa_oaeppss_nid2name(maskgenhashalg_nid), (maskgenalg_nid == NID_mgf1 && maskgenhashalg_nid == NID_sha1 ? " (default)" : "")) <= 0) diff --git a/providers/implementations/kem/rsa_kem.c b/providers/implementations/kem/rsa_kem.c index 39ee9f4bac..cb02854100 100644 --- a/providers/implementations/kem/rsa_kem.c +++ b/providers/implementations/kem/rsa_kem.c @@ -126,7 +126,7 @@ static int rsakem_init(void *vprsactx, void *vrsa, int operation) RSA_free(prsactx->rsa); prsactx->rsa = vrsa; - if (!rsa_check_key(vrsa, operation == EVP_PKEY_OP_ENCAPSULATE)) { + if (!ossl_rsa_check_key(vrsa, operation == EVP_PKEY_OP_ENCAPSULATE)) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } @@ -205,7 +205,7 @@ static int rsasve_gen_rand_bytes(RSA *rsa_pub, BN_CTX *bnctx; BIGNUM *z, *nminus3; - bnctx = BN_CTX_secure_new_ex(rsa_get0_libctx(rsa_pub)); + bnctx = BN_CTX_secure_new_ex(ossl_rsa_get0_libctx(rsa_pub)); if (bnctx == NULL) return 0; diff --git a/providers/implementations/keymgmt/rsa_kmgmt.c b/providers/implementations/keymgmt/rsa_kmgmt.c index 98c369d97f..4156fbd5b0 100644 --- a/providers/implementations/keymgmt/rsa_kmgmt.c +++ b/providers/implementations/keymgmt/rsa_kmgmt.c @@ -60,12 +60,12 @@ static int pss_params_fromdata(RSA_PSS_PARAMS_30 *pss_params, const OSSL_PARAM params[], int rsa_type, OPENSSL_CTX *libctx) { - if (!rsa_pss_params_30_fromdata(pss_params, params, libctx)) + if (!ossl_rsa_pss_params_30_fromdata(pss_params, params, libctx)) return 0; /* If not a PSS type RSA, sending us PSS parameters is wrong */ if (rsa_type != RSA_FLAG_TYPE_RSASSAPSS - && !rsa_pss_params_30_is_unrestricted(pss_params)) + && !ossl_rsa_pss_params_30_is_unrestricted(pss_params)) return 0; return 1; @@ -79,7 +79,7 @@ static void *rsa_newdata(void *provctx) if (!ossl_prov_is_running()) return NULL; - rsa = rsa_new_with_ctx(libctx); + rsa = ossl_rsa_new_with_ctx(libctx); if (rsa != NULL) { RSA_clear_flags(rsa, RSA_FLAG_TYPE_MASK); RSA_set_flags(rsa, RSA_FLAG_TYPE_RSA); @@ -95,7 +95,7 @@ static void *rsapss_newdata(void *provctx) if (!ossl_prov_is_running()) return NULL; - rsa = rsa_new_with_ctx(libctx); + rsa = ossl_rsa_new_with_ctx(libctx); if (rsa != NULL) { RSA_clear_flags(rsa, RSA_FLAG_TYPE_MASK); RSA_set_flags(rsa, RSA_FLAG_TYPE_RSASSAPSS); @@ -165,10 +165,10 @@ static int rsa_import(void *keydata, int selection, const OSSL_PARAM params[]) /* TODO(3.0) OAEP should bring on parameters as well */ if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0) - ok = ok && pss_params_fromdata(rsa_get0_pss_params_30(rsa), params, - rsa_type, rsa_get0_libctx(rsa)); + ok = ok && pss_params_fromdata(ossl_rsa_get0_pss_params_30(rsa), params, + rsa_type, ossl_rsa_get0_libctx(rsa)); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) - ok = ok && rsa_fromdata(rsa, params); + ok = ok && ossl_rsa_fromdata(rsa, params); return ok; } @@ -177,7 +177,7 @@ static int rsa_export(void *keydata, int selection, OSSL_CALLBACK *param_callback, void *cbarg) { RSA *rsa = keydata; - const RSA_PSS_PARAMS_30 *pss_params = rsa_get0_pss_params_30(rsa); + const RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30(rsa); OSSL_PARAM_BLD *tmpl; OSSL_PARAM *params = NULL; int ok = 1; @@ -192,10 +192,10 @@ static int rsa_export(void *keydata, int selection, return 0; if ((selection & OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS) != 0) - ok = ok && (rsa_pss_params_30_is_unrestricted(pss_params) - || rsa_pss_params_30_todata(pss_params, tmpl, NULL)); + ok = ok && (ossl_rsa_pss_params_30_is_unrestricted(pss_params) + || ossl_rsa_pss_params_30_todata(pss_params, tmpl, NULL)); if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0) - ok = ok && rsa_todata(rsa, tmpl, NULL); + ok = ok && ossl_rsa_todata(rsa, tmpl, NULL); if (!ok || (params = OSSL_PARAM_BLD_to_param(tmpl)) == NULL) @@ -297,7 +297,7 @@ static const OSSL_PARAM *rsa_export_types(int selection) static int rsa_get_params(void *key, OSSL_PARAM params[]) { RSA *rsa = key; - const RSA_PSS_PARAMS_30 *pss_params = rsa_get0_pss_params_30(rsa); + const RSA_PSS_PARAMS_30 *pss_params = ossl_rsa_get0_pss_params_30(rsa); int rsa_type = RSA_test_flags(rsa, RSA_FLAG_TYPE_MASK); OSSL_PARAM *p; @@ -330,17 +330,17 @@ static int rsa_get_params(void *key, OSSL_PARAM params[]) && rsa_type == RSA_FLAG_TYPE_RSASSAPSS) { const char *mdname = RSA_PSS_DEFAULT_MD; - if (!rsa_pss_params_30_is_unrestricted(pss_params)) { + if (!ossl_rsa_pss_params_30_is_unrestricted(pss_params)) { mdname = - rsa_oaeppss_nid2name(rsa_pss_params_30_hashalg(pss_params)); + ossl_rsa_oaeppss_nid2name(ossl_rsa_pss_params_30_hashalg(pss_params)); if (mdname == NULL || !OSSL_PARAM_set_utf8_string(p, mdname)) return 0; } } return (rsa_type != RSA_FLAG_TYPE_RSASSAPSS - || rsa_pss_params_30_todata(pss_params, NULL, params)) - && rsa_todata(rsa, NULL, params); + || ossl_rsa_pss_params_30_todata(pss_params, NULL, params)) + && ossl_rsa_todata(rsa, NULL, params); } static const OSSL_PARAM rsa_params[] = { @@ -371,12 +371,12 @@ static int rsa_validate(void *keydata, int selection) /* If the whole key is selected, we do a pairwise validation */ if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) == OSSL_KEYMGMT_SELECT_KEYPAIR) { - ok = ok && rsa_validate_pairwise(rsa); + ok = ok && ossl_rsa_validate_pairwise(rsa); } else { if ((selection & OSSL_KEYMGMT_SELECT_PRIVATE_KEY) != 0) - ok = ok && rsa_validate_private(rsa); + ok = ok && ossl_rsa_validate_private(rsa); if ((selection & OSSL_KEYMGMT_SELECT_PUBLIC_KEY) != 0) - ok = ok && rsa_validate_public(rsa); + ok = ok && ossl_rsa_validate_public(rsa); } return ok; } @@ -489,7 +489,7 @@ static int rsa_gen_set_params(void *genctx, const OSSL_PARAM params[]) OSSL_PARAM_BN(OSSL_PKEY_PARAM_RSA_E, NULL, 0) /* - * The following must be kept in sync with rsa_pss_params_30_fromdata() + * The following must be kept in sync with ossl_rsa_pss_params_30_fromdata() * in crypto/rsa/rsa_backend.c */ #define rsa_gen_pss \ @@ -532,7 +532,7 @@ static void *rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) switch (gctx->rsa_type) { case RSA_FLAG_TYPE_RSA: /* For plain RSA keys, PSS parameters must not be set */ - if (!rsa_pss_params_30_is_unrestricted(&gctx->pss_params)) + if (!ossl_rsa_pss_params_30_is_unrestricted(&gctx->pss_params)) goto err; break; case RSA_FLAG_TYPE_RSASSAPSS: @@ -546,7 +546,7 @@ static void *rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) return NULL; } - if ((rsa_tmp = rsa_new_with_ctx(gctx->libctx)) == NULL) + if ((rsa_tmp = ossl_rsa_new_with_ctx(gctx->libctx)) == NULL) return NULL; gctx->cb = osslcb; @@ -567,8 +567,8 @@ static void *rsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg) gctx->pub_exp, gencb)) goto err; - if (!rsa_pss_params_30_copy(rsa_get0_pss_params_30(rsa_tmp), - &gctx->pss_params)) + if (!ossl_rsa_pss_params_30_copy(ossl_rsa_get0_pss_params_30(rsa_tmp), + &gctx->pss_params)) goto err; RSA_clear_flags(rsa_tmp, RSA_FLAG_TYPE_MASK); diff --git a/providers/implementations/signature/rsa.c b/providers/implementations/signature/rsa.c index dbebf7d7b1..efcb76661e 100644 --- a/providers/implementations/signature/rsa.c +++ b/providers/implementations/signature/rsa.c @@ -288,7 +288,7 @@ static int rsa_signverify_init(void *vprsactx, void *vrsa, int operation) prsactx->rsa = vrsa; prsactx->operation = operation; - if (!rsa_check_key(vrsa, operation == EVP_PKEY_OP_SIGN)) { + if (!ossl_rsa_check_key(vrsa, operation == EVP_PKEY_OP_SIGN)) { ERR_raise(ERR_LIB_PROV, PROV_R_INVALID_KEY_LENGTH); return 0; } @@ -306,17 +306,17 @@ static int rsa_signverify_init(void *vprsactx, void *vrsa, int operation) { const RSA_PSS_PARAMS_30 *pss = - rsa_get0_pss_params_30(prsactx->rsa); + ossl_rsa_get0_pss_params_30(prsactx->rsa); - if (!rsa_pss_params_30_is_unrestricted(pss)) { - int md_nid = rsa_pss_params_30_hashalg(pss); - int mgf1md_nid = rsa_pss_params_30_maskgenhashalg(pss); - int min_saltlen = rsa_pss_params_30_saltlen(pss); + if (!ossl_rsa_pss_params_30_is_unrestricted(pss)) { + int md_nid = ossl_rsa_pss_params_30_hashalg(pss); + int mgf1md_nid = ossl_rsa_pss_params_30_maskgenhashalg(pss); + int min_saltlen = ossl_rsa_pss_params_30_saltlen(pss); const char *mdname, *mgf1mdname; size_t len; - mdname = rsa_oaeppss_nid2name(md_nid); - mgf1mdname = rsa_oaeppss_nid2name(mgf1md_nid); + mdname = ossl_rsa_oaeppss_nid2name(md_nid); + mgf1mdname = ossl_rsa_oaeppss_nid2name(mgf1md_nid); prsactx->min_saltlen = min_saltlen; if (mdname == NULL) { diff --git a/test/rsa_mp_test.c b/test/rsa_mp_test.c index 4e82780b8e..0f3db5d4da 100644 --- a/test/rsa_mp_test.c +++ b/test/rsa_mp_test.c @@ -231,7 +231,7 @@ static int key2048p3_v2(RSA *key) || !TEST_int_ne(sk_BIGNUM_push(coeffs, num), 0)) goto err; - if (!TEST_true(rsa_set0_all_params(key, primes, exps, coeffs))) + if (!TEST_true(ossl_rsa_set0_all_params(key, primes, exps, coeffs))) goto err; ret: diff --git a/test/rsa_sp800_56b_test.c b/test/rsa_sp800_56b_test.c index edcf4478fa..72451b37ca 100644 --- a/test/rsa_sp800_56b_test.c +++ b/test/rsa_sp800_56b_test.c @@ -113,19 +113,19 @@ static int test_check_public_exponent(void) ret = TEST_ptr(e = BN_new()) /* e is too small */ && TEST_true(BN_set_word(e, 65535)) - && TEST_false(rsa_check_public_exponent(e)) + && TEST_false(ossl_rsa_check_public_exponent(e)) /* e is even will fail */ && TEST_true(BN_set_word(e, 65536)) - && TEST_false(rsa_check_public_exponent(e)) + && TEST_false(ossl_rsa_check_public_exponent(e)) /* e is ok */ && TEST_true(BN_set_word(e, 65537)) - && TEST_true(rsa_check_public_exponent(e)) + && TEST_true(ossl_rsa_check_public_exponent(e)) /* e = 2^256 is too big */ && TEST_true(BN_lshift(e, BN_value_one(), 256)) - && TEST_false(rsa_check_public_exponent(e)) + && TEST_false(ossl_rsa_check_public_exponent(e)) /* e = 2^256-1 is odd and in range */ && TEST_true(BN_sub(e, e, BN_value_one())) - && TEST_true(rsa_check_public_exponent(e)); + && TEST_true(ossl_rsa_check_public_exponent(e)); BN_free(e); return ret; } @@ -153,19 +153,19 @@ static int test_check_prime_factor_range(void) && TEST_ptr(bn_p4 = bn_load_new(p4, sizeof(p4))) && TEST_ptr(ctx = BN_CTX_new()) && TEST_true(BN_set_word(p, 0xA)) - && TEST_false(rsa_check_prime_factor_range(p, 8, ctx)) + && TEST_false(ossl_rsa_check_prime_factor_range(p, 8, ctx)) && TEST_true(BN_set_word(p, 0x10)) - && TEST_false(rsa_check_prime_factor_range(p, 8, ctx)) + && TEST_false(ossl_rsa_check_prime_factor_range(p, 8, ctx)) && TEST_true(BN_set_word(p, 0xB)) - && TEST_false(rsa_check_prime_factor_range(p, 8, ctx)) + && TEST_false(ossl_rsa_check_prime_factor_range(p, 8, ctx)) && TEST_true(BN_set_word(p, 0xC)) - && TEST_true(rsa_check_prime_factor_range(p, 8, ctx)) + && TEST_true(ossl_rsa_check_prime_factor_range(p, 8, ctx)) && TEST_true(BN_set_word(p, 0xF)) - && TEST_true(rsa_check_prime_factor_range(p, 8, ctx)) - && TEST_false(rsa_check_prime_factor_range(bn_p1, 72, ctx)) - && TEST_false(rsa_check_prime_factor_range(bn_p2, 72, ctx)) - && TEST_true(rsa_check_prime_factor_range(bn_p3, 72, ctx)) - && TEST_true(rsa_check_prime_factor_range(bn_p4, 72, ctx)); + && TEST_true(ossl_rsa_check_prime_factor_range(p, 8, ctx)) + && TEST_false(ossl_rsa_check_prime_factor_range(bn_p1, 72, ctx)) + && TEST_false(ossl_rsa_check_prime_factor_range(bn_p2, 72, ctx)) + && TEST_true(ossl_rsa_check_prime_factor_range(bn_p3, 72, ctx)) + && TEST_true(ossl_rsa_check_prime_factor_range(bn_p4, 72, ctx)); BN_free(bn_p4); BN_free(bn_p3); @@ -196,15 +196,15 @@ static int test_check_prime_factor(void) && TEST_ptr(ctx = BN_CTX_new()) /* Fails the prime test */ && TEST_true(BN_set_word(e, 0x1)) - && TEST_false(rsa_check_prime_factor(bn_p1, e, 72, ctx)) + && TEST_false(ossl_rsa_check_prime_factor(bn_p1, e, 72, ctx)) /* p is prime and in range and gcd(p-1, e) = 1 */ - && TEST_true(rsa_check_prime_factor(bn_p2, e, 72, ctx)) + && TEST_true(ossl_rsa_check_prime_factor(bn_p2, e, 72, ctx)) /* gcd(p-1,e) = 1 test fails */ && TEST_true(BN_set_word(e, 0x2)) - && TEST_false(rsa_check_prime_factor(p, e, 72, ctx)) + && TEST_false(ossl_rsa_check_prime_factor(p, e, 72, ctx)) /* p fails the range check */ && TEST_true(BN_set_word(e, 0x1)) - && TEST_false(rsa_check_prime_factor(bn_p3, e, 72, ctx)); + && TEST_false(ossl_rsa_check_prime_factor(bn_p3, e, 72, ctx)); BN_free(bn_p3); BN_free(bn_p2); @@ -250,18 +250,18 @@ static int test_check_private_exponent(void) goto end; } /* fails since d >= lcm(p-1, q-1) */ - ret = TEST_false(rsa_check_private_exponent(key, 8, ctx)) + ret = TEST_false(ossl_rsa_check_private_exponent(key, 8, ctx)) && TEST_true(BN_set_word(d, 45)) /* d is correct size and 1 = e.d mod lcm(p-1, q-1) */ - && TEST_true(rsa_check_private_exponent(key, 8, ctx)) + && TEST_true(ossl_rsa_check_private_exponent(key, 8, ctx)) /* d is too small compared to nbits */ - && TEST_false(rsa_check_private_exponent(key, 16, ctx)) + && TEST_false(ossl_rsa_check_private_exponent(key, 16, ctx)) /* d is too small compared to nbits */ && TEST_true(BN_set_word(d, 16)) - && TEST_false(rsa_check_private_exponent(key, 8, ctx)) + && TEST_false(ossl_rsa_check_private_exponent(key, 8, ctx)) /* fail if 1 != e.d mod lcm(p-1, q-1) */ && TEST_true(BN_set_word(d, 46)) - && TEST_false(rsa_check_private_exponent(key, 8, ctx)); + && TEST_false(ossl_rsa_check_private_exponent(key, 8, ctx)); end: RSA_free(key); BN_CTX_free(ctx); @@ -297,44 +297,44 @@ static int test_check_crt_components(void) BN_free(q); goto end; } - ret = TEST_true(rsa_sp800_56b_derive_params_from_pq(key, 8, e, ctx)) + ret = TEST_true(ossl_rsa_sp800_56b_derive_params_from_pq(key, 8, e, ctx)) && TEST_BN_eq_word(key->n, N) && TEST_BN_eq_word(key->dmp1, DP) && TEST_BN_eq_word(key->dmq1, DQ) && TEST_BN_eq_word(key->iqmp, QINV) - && TEST_true(rsa_check_crt_components(key, ctx)) + && TEST_true(ossl_rsa_check_crt_components(key, ctx)) /* (a) 1 < dP < (p – 1). */ && TEST_true(BN_set_word(key->dmp1, 1)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->dmp1, P-1)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->dmp1, DP)) /* (b) 1 < dQ < (q - 1). */ && TEST_true(BN_set_word(key->dmq1, 1)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->dmq1, Q-1)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->dmq1, DQ)) /* (c) 1 < qInv < p */ && TEST_true(BN_set_word(key->iqmp, 1)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->iqmp, P)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->iqmp, QINV)) /* (d) 1 = (dP . e) mod (p - 1)*/ && TEST_true(BN_set_word(key->dmp1, DP+1)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->dmp1, DP)) /* (e) 1 = (dQ . e) mod (q - 1) */ && TEST_true(BN_set_word(key->dmq1, DQ-1)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->dmq1, DQ)) /* (f) 1 = (qInv . q) mod p */ && TEST_true(BN_set_word(key->iqmp, QINV+1)) - && TEST_false(rsa_check_crt_components(key, ctx)) + && TEST_false(ossl_rsa_check_crt_components(key, ctx)) && TEST_true(BN_set_word(key->iqmp, QINV)) /* check defaults are still valid */ - && TEST_true(rsa_check_crt_components(key, ctx)); + && TEST_true(ossl_rsa_check_crt_components(key, ctx)); end: BN_free(e); RSA_free(key); @@ -353,13 +353,13 @@ static int test_pq_diff(void) /* |1-(2+1)| > 2^1 */ && TEST_true(BN_set_word(p, 1)) && TEST_true(BN_set_word(q, 1+2)) - && TEST_false(rsa_check_pminusq_diff(tmp, p, q, 202)) + && TEST_false(ossl_rsa_check_pminusq_diff(tmp, p, q, 202)) /* Check |p - q| > 2^(nbits/2 - 100) */ && TEST_true(BN_set_word(q, 1+3)) - && TEST_true(rsa_check_pminusq_diff(tmp, p, q, 202)) + && TEST_true(ossl_rsa_check_pminusq_diff(tmp, p, q, 202)) && TEST_true(BN_set_word(p, 1+3)) && TEST_true(BN_set_word(q, 1)) - && TEST_true(rsa_check_pminusq_diff(tmp, p, q, 202)); + && TEST_true(ossl_rsa_check_pminusq_diff(tmp, p, q, 202)); BN_free(p); BN_free(q); BN_free(tmp); @@ -376,7 +376,7 @@ static int test_invalid_keypair(void) ret = TEST_ptr(key = RSA_new()) && TEST_ptr(ctx = BN_CTX_new()) /* NULL parameters */ - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) /* load key */ && TEST_ptr(p = bn_load_new(cav_p, sizeof(cav_p))) && TEST_ptr(q = bn_load_new(cav_q, sizeof(cav_q))) @@ -398,36 +398,35 @@ static int test_invalid_keypair(void) goto end; } /* bad strength/key size */ - ret = TEST_false(rsa_sp800_56b_check_keypair(key, NULL, 100, 2048)) - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, 112, 1024)) - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, 128, 2048)) - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, 140, 3072)) + ret = TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, 100, 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, 112, 1024)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, 128, 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, 140, 3072)) /* mismatching exponent */ - && TEST_false(rsa_sp800_56b_check_keypair(key, BN_value_one(), -1, - 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, BN_value_one(), + -1, 2048)) /* bad exponent */ && TEST_true(BN_add_word(e, 1)) - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, - 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) && TEST_true(BN_sub_word(e, 1)) /* mismatch between bits and modulus */ - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 3072)) - && TEST_true(rsa_sp800_56b_check_keypair(key, e, 112, 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 3072)) + && TEST_true(ossl_rsa_sp800_56b_check_keypair(key, e, 112, 2048)) /* check n == pq failure */ && TEST_true(BN_add_word(n, 1)) - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) && TEST_true(BN_sub_word(n, 1)) /* check p */ && TEST_true(BN_sub_word(p, 2)) && TEST_true(BN_mul(n, p, q, ctx)) - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) && TEST_true(BN_add_word(p, 2)) && TEST_true(BN_mul(n, p, q, ctx)) /* check q */ && TEST_true(BN_sub_word(q, 2)) && TEST_true(BN_mul(n, p, q, ctx)) - && TEST_false(rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) + && TEST_false(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, 2048)) && TEST_true(BN_add_word(q, 2)) && TEST_true(BN_mul(n, p, q, ctx)); end: @@ -448,10 +447,10 @@ static int test_sp80056b_keygen(int id) int sz = keygen_size[id]; ret = TEST_ptr(key = RSA_new()) - && TEST_true(rsa_sp800_56b_generate_key(key, sz, NULL, NULL)) - && TEST_true(rsa_sp800_56b_check_public(key)) - && TEST_true(rsa_sp800_56b_check_private(key)) - && TEST_true(rsa_sp800_56b_check_keypair(key, NULL, -1, sz)); + && TEST_true(ossl_rsa_sp800_56b_generate_key(key, sz, NULL, NULL)) + && TEST_true(ossl_rsa_sp800_56b_check_public(key)) + && TEST_true(ossl_rsa_sp800_56b_check_private(key)) + && TEST_true(ossl_rsa_sp800_56b_check_keypair(key, NULL, -1, sz)); RSA_free(key); return ret; @@ -465,7 +464,7 @@ static int test_check_private_key(void) ret = TEST_ptr(key = RSA_new()) /* check NULL pointers fail */ - && TEST_false(rsa_sp800_56b_check_private(key)) + && TEST_false(ossl_rsa_sp800_56b_check_private(key)) /* load private key */ && TEST_ptr(n = bn_load_new(cav_n, sizeof(cav_n))) && TEST_ptr(d = bn_load_new(cav_d, sizeof(cav_d))) @@ -478,13 +477,13 @@ static int test_check_private_key(void) goto end; } /* check d is in range */ - ret = TEST_true(rsa_sp800_56b_check_private(key)) + ret = TEST_true(ossl_rsa_sp800_56b_check_private(key)) /* check d is too low */ && TEST_true(BN_set_word(d, 0)) - && TEST_false(rsa_sp800_56b_check_private(key)) + && TEST_false(ossl_rsa_sp800_56b_check_private(key)) /* check d is too high */ && TEST_ptr(BN_copy(d, n)) - && TEST_false(rsa_sp800_56b_check_private(key)); + && TEST_false(ossl_rsa_sp800_56b_check_private(key)); end: RSA_free(key); return ret; @@ -498,7 +497,7 @@ static int test_check_public_key(void) ret = TEST_ptr(key = RSA_new()) /* check NULL pointers fail */ - && TEST_false(rsa_sp800_56b_check_public(key)) + && TEST_false(ossl_rsa_sp800_56b_check_public(key)) /* load public key */ && TEST_ptr(e = bn_load_new(cav_e, sizeof(cav_e))) && TEST_ptr(n = bn_load_new(cav_n, sizeof(cav_n))) @@ -509,22 +508,22 @@ static int test_check_public_key(void) goto end; } /* check public key is valid */ - ret = TEST_true(rsa_sp800_56b_check_public(key)) + ret = TEST_true(ossl_rsa_sp800_56b_check_public(key)) /* check fail if n is even */ && TEST_true(BN_add_word(n, 1)) - && TEST_false(rsa_sp800_56b_check_public(key)) + && TEST_false(ossl_rsa_sp800_56b_check_public(key)) && TEST_true(BN_sub_word(n, 1)) /* check fail if n is wrong number of bits */ && TEST_true(BN_lshift1(n, n)) - && TEST_false(rsa_sp800_56b_check_public(key)) + && TEST_false(ossl_rsa_sp800_56b_check_public(key)) && TEST_true(BN_rshift1(n, n)) /* test odd exponent fails */ && TEST_true(BN_add_word(e, 1)) - && TEST_false(rsa_sp800_56b_check_public(key)) + && TEST_false(ossl_rsa_sp800_56b_check_public(key)) && TEST_true(BN_sub_word(e, 1)) /* modulus fails composite check */ && TEST_true(BN_add_word(n, 2)) - && TEST_false(rsa_sp800_56b_check_public(key)); + && TEST_false(ossl_rsa_sp800_56b_check_public(key)); end: RSA_free(key); return ret; -- 2.34.1