Make internal header file names consistent

Libcrypto currently has a mess of *_lcl.h, *_locl.h, and *_local.h names used for internal headers. Move all these headers we inherited from OpenSSL to *_local.h, reserving the name *_internal.h for our own code. Similarly, move dtls_locl.h and ssl_locl.h to dtls_local and ssl_local.h. constant_time_locl.h is moved to constant_time.h since it's special. Adjust all .c files in libcrypto, libssl and regress. The diff is mechanical with the exception of tls13_quic.c, where #include <ssl_locl.h> was fixed manually. discussed with jsing, no objection bcook
author: tb <> 2022-11-26 16:08:57 +0000
committer: tb <> 2022-11-26 16:08:57 +0000
commit: d0a21970fdc0fbbfc7ad31bc135f5a8fde1d3d49 (patch)
tree: 556ebf909e81599dc3d8da585217d1576eabe0e4 /src/lib/libcrypto/rsa/rsa_local.h
parent: bcbac728558eebfaa4404c405e7dc22769585345 (diff)
download: openbsd-d0a21970fdc0fbbfc7ad31bc135f5a8fde1d3d49.tar.gz
openbsd-d0a21970fdc0fbbfc7ad31bc135f5a8fde1d3d49.tar.bz2
openbsd-d0a21970fdc0fbbfc7ad31bc135f5a8fde1d3d49.zip
1 files changed, 94 insertions, 0 deletions
diff --git a/src/lib/libcrypto/rsa/rsa_local.h b/src/lib/libcrypto/rsa/rsa_local.h
new file mode 100644
index 0000000000..b438ab4eec
--- /dev/null
+++ b/src/lib/libcrypto/rsa/rsa_local.h
@@ -0,0 +1,94 @@
+/* $OpenBSD: rsa_local.h,v 1.1 2022/11/26 16:08:54 tb Exp $ */
+__BEGIN_HIDDEN_DECLS
+#define RSA_MIN_MODULUS_BITS    512
+/* Macros to test if a pkey or ctx is for a PSS key */
+#define pkey_is_pss(pkey) (pkey->ameth->pkey_id == EVP_PKEY_RSA_PSS)
+#define pkey_ctx_is_pss(ctx) (ctx->pmeth->pkey_id == EVP_PKEY_RSA_PSS)
+struct rsa_meth_st {
+        char *name;
+        int (*rsa_pub_enc)(int flen, const unsigned char *from,
+            unsigned char *to, RSA *rsa, int padding);
+        int (*rsa_pub_dec)(int flen, const unsigned char *from,
+            unsigned char *to, RSA *rsa, int padding);
+        int (*rsa_priv_enc)(int flen, const unsigned char *from,
+            unsigned char *to, RSA *rsa, int padding);
+        int (*rsa_priv_dec)(int flen, const unsigned char *from,
+            unsigned char *to, RSA *rsa, int padding);
+        int (*rsa_mod_exp)(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+            BN_CTX *ctx); /* Can be null */
+        int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
+            const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* Can be null */
+        int (*init)(RSA *rsa);          /* called at new */
+        int (*finish)(RSA *rsa);        /* called at free */
+        int flags;                      /* RSA_METHOD_FLAG_* things */
+        char *app_data;                 /* may be needed! */
+/* New sign and verify functions: some libraries don't allow arbitrary data
+ * to be signed/verified: this allows them to be used. Note: for this to work
+ * the RSA_public_decrypt() and RSA_private_encrypt() should *NOT* be used
+ * RSA_sign(), RSA_verify() should be used instead. Note: for backwards
+ * compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER
+ * option is set in 'flags'.
+ */
+        int (*rsa_sign)(int type, const unsigned char *m, unsigned int m_length,
+            unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
+        int (*rsa_verify)(int dtype, const unsigned char *m,
+            unsigned int m_length, const unsigned char *sigbuf,
+            unsigned int siglen, const RSA *rsa);
+/* If this callback is NULL, the builtin software RSA key-gen will be used. This
+ * is for behavioural compatibility whilst the code gets rewired, but one day
+ * it would be nice to assume there are no such things as "builtin software"
+ * implementations. */
+        int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+};
+struct rsa_st {
+        /* The first parameter is used to pickup errors where
+         * this is passed instead of aEVP_PKEY, it is set to 0 */
+        int pad;
+        long version;
+        const RSA_METHOD *meth;
+        /* functional reference if 'meth' is ENGINE-provided */
+        ENGINE *engine;
+        BIGNUM *n;
+        BIGNUM *e;
+        BIGNUM *d;
+        BIGNUM *p;
+        BIGNUM *q;
+        BIGNUM *dmp1;
+        BIGNUM *dmq1;
+        BIGNUM *iqmp;
+        /* Parameter restrictions for PSS only keys. */
+        RSA_PSS_PARAMS *pss;
+        /* be careful using this if the RSA structure is shared */
+        CRYPTO_EX_DATA ex_data;
+        int references;
+        int flags;
+        /* Used to cache montgomery values */
+        BN_MONT_CTX *_method_mod_n;
+        BN_MONT_CTX *_method_mod_p;
+        BN_MONT_CTX *_method_mod_q;
+        /* all BIGNUM values are actually in the following data, if it is not
+         * NULL */
+        BN_BLINDING *blinding;
+        BN_BLINDING *mt_blinding;
+};
+RSA_PSS_PARAMS *rsa_pss_params_create(const EVP_MD *sigmd, const EVP_MD *mgf1md,
+    int saltlen);
+int rsa_pss_get_param(const RSA_PSS_PARAMS *pss, const EVP_MD **pmd,
+    const EVP_MD **pmgf1md, int *psaltlen);
+extern int int_rsa_verify(int dtype, const unsigned char *m,
+    unsigned int m_len, unsigned char *rm, size_t *prm_len,
+    const unsigned char *sigbuf, size_t siglen, RSA *rsa);
+__END_HIDDEN_DECLS
author	tb <>	2022-11-26 16:08:57 +0000
committer	tb <>	2022-11-26 16:08:57 +0000
commit	d0a21970fdc0fbbfc7ad31bc135f5a8fde1d3d49 (patch)
tree	556ebf909e81599dc3d8da585217d1576eabe0e4 /src/lib/libcrypto/rsa/rsa_local.h
parent	bcbac728558eebfaa4404c405e7dc22769585345 (diff)
download	openbsd-d0a21970fdc0fbbfc7ad31bc135f5a8fde1d3d49.tar.gz openbsd-d0a21970fdc0fbbfc7ad31bc135f5a8fde1d3d49.tar.bz2 openbsd-d0a21970fdc0fbbfc7ad31bc135f5a8fde1d3d49.zip

diff --git a/src/lib/libcrypto/rsa/rsa_local.h b/src/lib/libcrypto/rsa/rsa_local.h new file mode 100644 index 0000000000..b438ab4eec --- /dev/null +++ b/src/lib/libcrypto/rsa/rsa_local.h
@@ -0,0 +1,94 @@
	1	/* $OpenBSD: rsa_local.h,v 1.1 2022/11/26 16:08:54 tb Exp $ */
	2
	3	__BEGIN_HIDDEN_DECLS
	4
	5	#define RSA_MIN_MODULUS_BITS 512
	6
	7	/* Macros to test if a pkey or ctx is for a PSS key */
	8	#define pkey_is_pss(pkey) (pkey->ameth->pkey_id == EVP_PKEY_RSA_PSS)
	9	#define pkey_ctx_is_pss(ctx) (ctx->pmeth->pkey_id == EVP_PKEY_RSA_PSS)
	10
	11	struct rsa_meth_st {
	12	char *name;
	13	int (rsa_pub_enc)(int flen, const unsigned char from,
	14	unsigned char to, RSA rsa, int padding);
	15	int (rsa_pub_dec)(int flen, const unsigned char from,
	16	unsigned char to, RSA rsa, int padding);
	17	int (rsa_priv_enc)(int flen, const unsigned char from,
	18	unsigned char to, RSA rsa, int padding);
	19	int (rsa_priv_dec)(int flen, const unsigned char from,
	20	unsigned char to, RSA rsa, int padding);
	21	int (rsa_mod_exp)(BIGNUM r0, const BIGNUM I, RSA rsa,
	22	BN_CTX ctx); / Can be null */
	23	int (bn_mod_exp)(BIGNUM r, const BIGNUM a, const BIGNUM p,
	24	const BIGNUM m, BN_CTX ctx, BN_MONT_CTX m_ctx); / Can be null */
	25	int (init)(RSA rsa); /* called at new */
	26	int (finish)(RSA rsa); /* called at free */
	27	int flags; /* RSA_METHOD_FLAG_* things */
	28	char app_data; / may be needed! */
	29	/* New sign and verify functions: some libraries don't allow arbitrary data
	30	* to be signed/verified: this allows them to be used. Note: for this to work
	31	* the RSA_public_decrypt() and RSA_private_encrypt() should NOT be used
	32	* RSA_sign(), RSA_verify() should be used instead. Note: for backwards
	33	* compatibility this functionality is only enabled if the RSA_FLAG_SIGN_VER
	34	* option is set in 'flags'.
	35	*/
	36	int (rsa_sign)(int type, const unsigned char m, unsigned int m_length,
	37	unsigned char sigret, unsigned int siglen, const RSA *rsa);
	38	int (rsa_verify)(int dtype, const unsigned char m,
	39	unsigned int m_length, const unsigned char *sigbuf,
	40	unsigned int siglen, const RSA *rsa);
	41	/* If this callback is NULL, the builtin software RSA key-gen will be used. This
	42	* is for behavioural compatibility whilst the code gets rewired, but one day
	43	* it would be nice to assume there are no such things as "builtin software"
	44	* implementations. */
	45	int (rsa_keygen)(RSA rsa, int bits, BIGNUM e, BN_GENCB cb);
	46	};
	47
	48	struct rsa_st {
	49	/* The first parameter is used to pickup errors where
	50	* this is passed instead of aEVP_PKEY, it is set to 0 */
	51	int pad;
	52	long version;
	53	const RSA_METHOD *meth;
	54
	55	/* functional reference if 'meth' is ENGINE-provided */
	56	ENGINE *engine;
	57	BIGNUM *n;
	58	BIGNUM *e;
	59	BIGNUM *d;
	60	BIGNUM *p;
	61	BIGNUM *q;
	62	BIGNUM *dmp1;
	63	BIGNUM *dmq1;
	64	BIGNUM *iqmp;
	65
	66	/* Parameter restrictions for PSS only keys. */
	67	RSA_PSS_PARAMS *pss;
	68
	69	/* be careful using this if the RSA structure is shared */
	70	CRYPTO_EX_DATA ex_data;
	71	int references;
	72	int flags;
	73
	74	/* Used to cache montgomery values */
	75	BN_MONT_CTX *_method_mod_n;
	76	BN_MONT_CTX *_method_mod_p;
	77	BN_MONT_CTX *_method_mod_q;
	78
	79	/* all BIGNUM values are actually in the following data, if it is not
	80	* NULL */
	81	BN_BLINDING *blinding;
	82	BN_BLINDING *mt_blinding;
	83	};
	84
	85	RSA_PSS_PARAMS rsa_pss_params_create(const EVP_MD sigmd, const EVP_MD *mgf1md,
	86	int saltlen);
	87	int rsa_pss_get_param(const RSA_PSS_PARAMS pss, const EVP_MD *pmd,
	88	const EVP_MD *pmgf1md, int psaltlen);
	89
	90	extern int int_rsa_verify(int dtype, const unsigned char *m,
	91	unsigned int m_len, unsigned char rm, size_t prm_len,
	92	const unsigned char sigbuf, size_t siglen, RSA rsa);
	93
	94	__END_HIDDEN_DECLS