mirrors/openssl
0
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-11-28 12:35:22 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix external symbols related to dsa keys

Browse Source 
Partial fix for #12964

This adds ossl_ names for the following symbols:

dsa_check_pairwise, dsa_check_params, dsa_check_priv_key, dsa_check_pub_key, dsa_check_pub_key_partial,
dsa_do_sign_int, dsa_ffc_params_fromdata,
dsa_generate_ffc_parameters, dsa_generate_public_key,
dsa_get0_params, dsa_key_fromdata, dsa_new_with_ctx, dsa_pkey_method, dsa_sign_int

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14231)
This commit is contained in:
Shane Lontis 2021-02-18 16:30:37 +10:00
parent 19dbb742cd
commit 5af02212a5
16 changed files with 69 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
crypto/dsa/dsa_ameth.c
View File

@ -539,15 +539,15 @@ static int dsa_pkey_import_from(const OSSL_PARAM params[], void *vpctx)
{
EVP_PKEY_CTX *pctx = vpctx;
EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx);
DSA *dsa = dsa_new_with_ctx(pctx->libctx);
DSA *dsa = ossl_dsa_new(pctx->libctx);
if (dsa == NULL) {
ERR_raise(ERR_LIB_DSA, ERR_R_MALLOC_FAILURE);
return 0;
}
if (!dsa_ffc_params_fromdata(dsa, params)
|| !dsa_key_fromdata(dsa, params)
if (!ossl_dsa_ffc_params_fromdata(dsa, params)
|| !ossl_dsa_key_fromdata(dsa, params)
|| !EVP_PKEY_assign_DSA(pkey, dsa)) {
DSA_free(dsa);
return 0;

2
crypto/dsa/dsa_backend.c
View File

@ -22,7 +22,7 @@
* implementations alike.
*/
int dsa_key_fromdata(DSA *dsa, const OSSL_PARAM params[])
int ossl_dsa_key_fromdata(DSA *dsa, const OSSL_PARAM params[])
{
const OSSL_PARAM *param_priv_key, *param_pub_key;
BIGNUM *priv_key = NULL, *pub_key = NULL;

12
crypto/dsa/dsa_check.c
View File

@ -19,7 +19,7 @@
#include "dsa_local.h"
#include "crypto/dsa.h"
int dsa_check_params(const DSA *dsa, int checktype, int *ret)
int ossl_dsa_check_params(const DSA *dsa, int checktype, int *ret)
{
if (checktype == OSSL_KEYMGMT_VALIDATE_QUICK_CHECK)
return ossl_ffc_params_simple_validate(dsa->libctx, &dsa->params,
@ -37,7 +37,7 @@ int dsa_check_params(const DSA *dsa, int checktype, int *ret)
/*
* See SP800-56Ar3 Section 5.6.2.3.1 : FFC Full public key validation.
*/
int dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret)
int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret)
{
return ossl_ffc_validate_public_key(&dsa->params, pub_key, ret);
}
@ -47,12 +47,12 @@ int dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret)
* To only be used with ephemeral FFC public keys generated using the approved
* safe-prime groups.
*/
int dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key, int *ret)
int ossl_dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key, int *ret)
{
return ossl_ffc_validate_public_key_partial(&dsa->params, pub_key, ret);
}
int dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret)
int ossl_dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret)
{
*ret = 0;
@ -64,7 +64,7 @@ int dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret)
* FFC pairwise check from SP800-56A R3.
* Section 5.6.2.1.4 Owner Assurance of Pair-wise Consistency
*/
int dsa_check_pairwise(const DSA *dsa)
int ossl_dsa_check_pairwise(const DSA *dsa)
{
int ret = 0;
BN_CTX *ctx = NULL;
@ -84,7 +84,7 @@ int dsa_check_pairwise(const DSA *dsa)
goto err;
/* recalculate the public key = (g ^ priv) mod p */
if (!dsa_generate_public_key(ctx, dsa, dsa->priv_key, pub_key))
if (!ossl_dsa_generate_public_key(ctx, dsa, dsa->priv_key, pub_key))
goto err;
/* check it matches the existing pubic_key */
ret = BN_cmp(pub_key, dsa->pub_key) == 0;

6
crypto/dsa/dsa_gen.c
View File

@ -23,7 +23,7 @@
#include "crypto/dsa.h"
#include "dsa_local.h"
int dsa_generate_ffc_parameters(DSA *dsa, int type, int pbits, int qbits,
int ossl_dsa_generate_ffc_parameters(DSA *dsa, int type, int pbits, int qbits,
BN_GENCB *cb)
{
int ret = 0, res;
@ -59,11 +59,11 @@ int DSA_generate_parameters_ex(DSA *dsa, int bits,
/* The old code used FIPS 186-2 DSA Parameter generation */
if (bits <= 1024 && seed_len == 20) {
if (!dsa_generate_ffc_parameters(dsa, DSA_PARAMGEN_TYPE_FIPS_186_2,
if (!ossl_dsa_generate_ffc_parameters(dsa, DSA_PARAMGEN_TYPE_FIPS_186_2,
bits, 160, cb))
return 0;
} else {
if (!dsa_generate_ffc_parameters(dsa, DSA_PARAMGEN_TYPE_FIPS_186_4,
if (!ossl_dsa_generate_ffc_parameters(dsa, DSA_PARAMGEN_TYPE_FIPS_186_4,
bits, 0, cb))
return 0;
}

6
crypto/dsa/dsa_key.c
View File

@ -40,8 +40,8 @@ int DSA_generate_key(DSA *dsa)
return dsa_keygen(dsa, 0);
}
int dsa_generate_public_key(BN_CTX *ctx, const DSA *dsa, const BIGNUM *priv_key,
BIGNUM *pub_key)
int ossl_dsa_generate_public_key(BN_CTX *ctx, const DSA *dsa,
const BIGNUM *priv_key, BIGNUM *pub_key)
{
int ret = 0;
BIGNUM *prk = BN_new();
@ -97,7 +97,7 @@ static int dsa_keygen(DSA *dsa, int pairwise_test)
pub_key = dsa->pub_key;
}
if (!dsa_generate_public_key(ctx, dsa, priv_key, pub_key))
if (!ossl_dsa_generate_public_key(ctx, dsa, priv_key, pub_key))
goto err;
dsa->priv_key = priv_key;

8
crypto/dsa/dsa_lib.c
View File

@ -190,7 +190,7 @@ DSA *DSA_new_method(ENGINE *engine)
return dsa_new_intern(engine, NULL);
}
DSA *dsa_new_with_ctx(OSSL_LIB_CTX *libctx)
DSA *ossl_dsa_new(OSSL_LIB_CTX *libctx)
{
return dsa_new_intern(NULL, libctx);
}
@ -336,19 +336,19 @@ int DSA_bits(const DSA *dsa)
return -1;
}
FFC_PARAMS *dsa_get0_params(DSA *dsa)
FFC_PARAMS *ossl_dsa_get0_params(DSA *dsa)
{
return &dsa->params;
}
int dsa_ffc_params_fromdata(DSA *dsa, const OSSL_PARAM params[])
int ossl_dsa_ffc_params_fromdata(DSA *dsa, const OSSL_PARAM params[])
{
int ret;
FFC_PARAMS *ffc;
if (dsa == NULL)
return 0;
ffc = dsa_get0_params(dsa);
ffc = ossl_dsa_get0_params(dsa);
if (ffc == NULL)
return 0;

2
crypto/dsa/dsa_local.h
View File

@ -69,4 +69,4 @@ struct dsa_method {
int (*dsa_keygen) (DSA *dsa);
};
DSA_SIG *dsa_do_sign_int(const unsigned char *dgst, int dlen, DSA *dsa);
DSA_SIG *ossl_dsa_do_sign_int(const unsigned char *dgst, int dlen, DSA *dsa);

4
crypto/dsa/dsa_ossl.c
View File

@ -67,7 +67,7 @@ const DSA_METHOD *DSA_OpenSSL(void)
return &openssl_dsa_meth;
}
DSA_SIG *dsa_do_sign_int(const unsigned char *dgst, int dlen, DSA *dsa)
DSA_SIG *ossl_dsa_do_sign_int(const unsigned char *dgst, int dlen, DSA *dsa)
{
BIGNUM *kinv = NULL;
BIGNUM *m, *blind, *blindm, *tmp;
@ -185,7 +185,7 @@ DSA_SIG *dsa_do_sign_int(const unsigned char *dgst, int dlen, DSA *dsa)
static DSA_SIG *dsa_do_sign(const unsigned char *dgst, int dlen, DSA *dsa)
{
return dsa_do_sign_int(dgst, dlen, dsa);
return ossl_dsa_do_sign_int(dgst, dlen, dsa);
}
static int dsa_sign_setup_no_digest(DSA *dsa, BN_CTX *ctx_in,

2
crypto/dsa/dsa_pmeth.c
View File

@ -281,7 +281,7 @@ static const EVP_PKEY_METHOD dsa_pkey_meth = {
pkey_dsa_ctrl_str
};
const EVP_PKEY_METHOD *dsa_pkey_method(void)
const EVP_PKEY_METHOD *ossl_dsa_pkey_method(void)
{
return &dsa_pkey_meth;
}

9
crypto/dsa/dsa_sign.c
View File

@ -150,8 +150,8 @@ int DSA_SIG_set0(DSA_SIG *sig, BIGNUM *r, BIGNUM *s)
return 1;
}
int dsa_sign_int(int type, const unsigned char *dgst,
int dlen, unsigned char *sig, unsigned int *siglen, DSA *dsa)
int ossl_dsa_sign_int(int type, const unsigned char *dgst, int dlen,
unsigned char *sig, unsigned int *siglen, DSA *dsa)
{
DSA_SIG *s;
@ -159,7 +159,7 @@ int dsa_sign_int(int type, const unsigned char *dgst,
if (dsa->libctx == NULL || dsa->meth != DSA_get_default_method())
s = DSA_do_sign(dgst, dlen, dsa);
else
s = dsa_do_sign_int(dgst, dlen, dsa);
s = ossl_dsa_do_sign_int(dgst, dlen, dsa);
if (s == NULL) {
*siglen = 0;
return 0;
@ -172,7 +172,7 @@ int dsa_sign_int(int type, const unsigned char *dgst,
int DSA_sign(int type, const unsigned char *dgst, int dlen,
unsigned char *sig, unsigned int *siglen, DSA *dsa)
{
return dsa_sign_int(type, dgst, dlen, sig, siglen, dsa);
return ossl_dsa_sign_int(type, dgst, dlen, sig, siglen, dsa);
}
/* data has already been hashed (probably with SHA or SHA-1). */
@ -206,4 +206,3 @@ int DSA_verify(int type, const unsigned char *dgst, int dgst_len,
DSA_SIG_free(s);
return ret;
}

2
crypto/evp/pmeth_lib.c
View File

@ -54,7 +54,7 @@ static pmeth_fn standard_methods[] = {
ossl_dh_pkey_method,
# endif
# ifndef OPENSSL_NO_DSA
dsa_pkey_method,
ossl_dsa_pkey_method,
# endif
# ifndef OPENSSL_NO_EC
ec_pkey_method,

29
include/crypto/dsa.h
View File

@ -18,25 +18,26 @@
#define DSA_PARAMGEN_TYPE_FIPS_186_4 0 /* Use FIPS186-4 standard */
#define DSA_PARAMGEN_TYPE_FIPS_186_2 1 /* Use legacy FIPS186-2 standard */
DSA *dsa_new_with_ctx(OSSL_LIB_CTX *libctx);
DSA *ossl_dsa_new(OSSL_LIB_CTX *libctx);
void ossl_dsa_set0_libctx(DSA *d, OSSL_LIB_CTX *libctx);
int dsa_generate_ffc_parameters(DSA *dsa, int type, int pbits, int qbits,
int ossl_dsa_generate_ffc_parameters(DSA *dsa, int type, int pbits, int qbits,
BN_GENCB *cb);
int dsa_sign_int(int type, const unsigned char *dgst,
int dlen, unsigned char *sig, unsigned int *siglen, DSA *dsa);
int ossl_dsa_sign_int(int type, const unsigned char *dgst, int dlen,
unsigned char *sig, unsigned int *siglen, DSA *dsa);
FFC_PARAMS *dsa_get0_params(DSA *dsa);
int dsa_ffc_params_fromdata(DSA *dsa, const OSSL_PARAM params[]);
int dsa_key_fromdata(DSA *dsa, const OSSL_PARAM params[]);
FFC_PARAMS *ossl_dsa_get0_params(DSA *dsa);
int ossl_dsa_ffc_params_fromdata(DSA *dsa, const OSSL_PARAM params[]);
int ossl_dsa_key_fromdata(DSA *dsa, const OSSL_PARAM params[]);
int dsa_generate_public_key(BN_CTX *ctx, const DSA *dsa, const BIGNUM *priv_key,
BIGNUM *pub_key);
int dsa_check_params(const DSA *dsa, int checktype, int *ret);
int dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret);
int dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key, int *ret);
int dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret);
int dsa_check_pairwise(const DSA *dsa);
int ossl_dsa_generate_public_key(BN_CTX *ctx, const DSA *dsa,
const BIGNUM *priv_key, BIGNUM *pub_key);
int ossl_dsa_check_params(const DSA *dsa, int checktype, int *ret);
int ossl_dsa_check_pub_key(const DSA *dsa, const BIGNUM *pub_key, int *ret);
int ossl_dsa_check_pub_key_partial(const DSA *dsa, const BIGNUM *pub_key,
int *ret);
int ossl_dsa_check_priv_key(const DSA *dsa, const BIGNUM *priv_key, int *ret);
int ossl_dsa_check_pairwise(const DSA *dsa);
#endif

2
include/crypto/evp.h
View File

@ -181,7 +181,7 @@ void evp_pkey_set_cb_translate(BN_GENCB *cb, EVP_PKEY_CTX *ctx);
const EVP_PKEY_METHOD *ossl_dh_pkey_method(void);
const EVP_PKEY_METHOD *ossl_dhx_pkey_method(void);
const EVP_PKEY_METHOD *dsa_pkey_method(void);
const EVP_PKEY_METHOD *ossl_dsa_pkey_method(void);
const EVP_PKEY_METHOD *ec_pkey_method(void);
const EVP_PKEY_METHOD *ecx25519_pkey_method(void);
const EVP_PKEY_METHOD *ecx448_pkey_method(void);

4
providers/implementations/encode_decode/encode_key2text.c
View File

@ -24,7 +24,7 @@
#include "internal/ffc.h"
#include "crypto/bn.h" /* bn_get_words() */
#include "crypto/dh.h" /* ossl_dh_get0_params() */
#include "crypto/dsa.h" /* dsa_get0_params() */
#include "crypto/dsa.h" /* ossl_dsa_get0_params() */
#include "crypto/ec.h" /* ec_key_get_libctx */
#include "crypto/ecx.h" /* ECX_KEY, etc... */
#include "crypto/rsa.h" /* RSA_PSS_PARAMS_30, etc... */
@ -315,7 +315,7 @@ static int dsa_to_text(BIO *out, const void *key, int selection)
}
}
if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) {
params = dsa_get0_params((DSA *)dsa);
params = ossl_dsa_get0_params((DSA *)dsa);
if (params == NULL) {
ERR_raise(ERR_LIB_PROV, PROV_R_NOT_PARAMETERS);
return 0;

30
providers/implementations/keymgmt/dsa_kmgmt.c
View File

@ -117,7 +117,7 @@ static void *dsa_newdata(void *provctx)
{
if (!ossl_prov_is_running())
return NULL;
return dsa_new_with_ctx(PROV_LIBCTX_OF(provctx));
return ossl_dsa_new(PROV_LIBCTX_OF(provctx));
}
static void dsa_freedata(void *keydata)
@ -160,8 +160,8 @@ static int dsa_match(const void *keydata1, const void *keydata2, int selection)
ok = ok
&& BN_cmp(DSA_get0_priv_key(dsa1), DSA_get0_priv_key(dsa2)) == 0;
if ((selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) {
FFC_PARAMS *dsaparams1 = dsa_get0_params((DSA *)dsa1);
FFC_PARAMS *dsaparams2 = dsa_get0_params((DSA *)dsa2);
FFC_PARAMS *dsaparams1 = ossl_dsa_get0_params((DSA *)dsa1);
FFC_PARAMS *dsaparams2 = ossl_dsa_get0_params((DSA *)dsa2);
ok = ok && ossl_ffc_params_cmp(dsaparams1, dsaparams2, 1);
}
@ -180,9 +180,9 @@ static int dsa_import(void *keydata, int selection, const OSSL_PARAM params[])
return 0;
if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0)
ok = ok && dsa_ffc_params_fromdata(dsa, params);
ok = ok && ossl_dsa_ffc_params_fromdata(dsa, params);
if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
ok = ok && dsa_key_fromdata(dsa, params);
ok = ok && ossl_dsa_key_fromdata(dsa, params);
return ok;
}
@ -199,7 +199,7 @@ static int dsa_export(void *keydata, int selection, OSSL_CALLBACK *param_cb,
goto err;
if ((selection & OSSL_KEYMGMT_SELECT_ALL_PARAMETERS) != 0)
ok = ok && ossl_ffc_params_todata(dsa_get0_params(dsa), tmpl, NULL);
ok = ok && ossl_ffc_params_todata(ossl_dsa_get0_params(dsa), tmpl, NULL);
if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR) != 0)
ok = ok && dsa_key_todata(dsa, tmpl, NULL);
@ -289,7 +289,7 @@ static ossl_inline int dsa_get_params(void *key, OSSL_PARAM params[])
if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_DEFAULT_DIGEST)) != NULL
&& !OSSL_PARAM_set_utf8_string(p, DSA_DEFAULT_MD))
return 0;
return ossl_ffc_params_todata(dsa_get0_params(dsa), NULL, params)
return ossl_ffc_params_todata(ossl_dsa_get0_params(dsa), NULL, params)
&& dsa_key_todata(dsa, NULL, params);
}
@ -313,7 +313,7 @@ static int dsa_validate_domparams(const DSA *dsa, int checktype)
{
int status = 0;
return dsa_check_params(dsa, checktype, &status);
return ossl_dsa_check_params(dsa, checktype, &status);
}
static int dsa_validate_public(const DSA *dsa)
@ -324,7 +324,7 @@ static int dsa_validate_public(const DSA *dsa)
DSA_get0_key(dsa, &pub_key, NULL);
if (pub_key == NULL)
return 0;
return dsa_check_pub_key(dsa, pub_key, &status);
return ossl_dsa_check_pub_key(dsa, pub_key, &status);
}
static int dsa_validate_private(const DSA *dsa)
@ -335,7 +335,7 @@ static int dsa_validate_private(const DSA *dsa)
DSA_get0_key(dsa, NULL, &priv_key);
if (priv_key == NULL)
return 0;
return dsa_check_priv_key(dsa, priv_key, &status);
return ossl_dsa_check_priv_key(dsa, priv_key, &status);
}
static int dsa_validate(const void *keydata, int selection, int checktype)
@ -361,7 +361,7 @@ static int dsa_validate(const void *keydata, int selection, int checktype)
/* If the whole key is selected, we do a pairwise validation */
if ((selection & OSSL_KEYMGMT_SELECT_KEYPAIR)
== OSSL_KEYMGMT_SELECT_KEYPAIR)
ok = ok && dsa_check_pairwise(dsa);
ok = ok && ossl_dsa_check_pairwise(dsa);
return ok;
}
@ -397,7 +397,7 @@ static int dsa_gen_set_template(void *genctx, void *templ)
if (!ossl_prov_is_running() || gctx == NULL || dsa == NULL)
return 0;
gctx->ffc_params = dsa_get0_params(dsa);
gctx->ffc_params = ossl_dsa_get0_params(dsa);
return 1;
}
@ -514,7 +514,7 @@ static void *dsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
if (!ossl_prov_is_running() || gctx == NULL)
return NULL;
dsa = dsa_new_with_ctx(gctx->libctx);
dsa = ossl_dsa_new(gctx->libctx);
if (dsa == NULL)
return NULL;
@ -524,7 +524,7 @@ static void *dsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
if (gencb != NULL)
BN_GENCB_set(gencb, dsa_gencb, genctx);
ffc = dsa_get0_params(dsa);
ffc = ossl_dsa_get0_params(dsa);
/* Copy the template value if one was passed */
if (gctx->ffc_params != NULL
&& !ossl_ffc_params_copy(ffc, gctx->ffc_params))
@ -546,7 +546,7 @@ static void *dsa_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
}
if ((gctx->selection & OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS) != 0) {
if (dsa_generate_ffc_parameters(dsa, gctx->gen_type,
if (ossl_dsa_generate_ffc_parameters(dsa, gctx->gen_type,
gctx->pbits, gctx->qbits,
gencb) <= 0)
goto end;

2
providers/implementations/signature/dsa.c
View File

@ -223,7 +223,7 @@ static int dsa_sign(void *vpdsactx, unsigned char *sig, size_t *siglen,
if (mdsize != 0 && tbslen != mdsize)
return 0;
ret = dsa_sign_int(0, tbs, tbslen, sig, &sltmp, pdsactx->dsa);
ret = ossl_dsa_sign_int(0, tbs, tbslen, sig, &sltmp, pdsactx->dsa);
if (ret <= 0)
return 0;