openssl
/
openssl
mirror of https://github.com/openssl/openssl
1
0
Fork 0
Code Issues Releases Wiki Activity

Run the withlibctx.pl script 

Automatically rename all instances of _with_libctx() to _ex() as per
our coding style.

Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12970)
This commit is contained in:
Matt Caswell 2020-09-24 10:42:23 +01:00
parent aedac96c11
commit d8652be06e
162 changed files with 1091 additions and 1240 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/ca.c
View File

@ -1652,7 +1652,7 @@ static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509,
BIO_printf(bio_err,
"Everything appears to be ok, creating and signing the certificate\n");
if ((ret = X509_new_with_libctx(app_get0_libctx(), app_get0_propq())) == NULL)
if ((ret = X509_new_ex(app_get0_libctx(), app_get0_propq())) == NULL)
goto end;
#ifdef X509_V3

19
apps/cms.c
View File

@ -237,7 +237,7 @@ static CMS_ContentInfo *load_content_info(int informat, BIO *in, BIO **indata,
{
CMS_ContentInfo *ret, *ci;
ret = CMS_ContentInfo_new_with_libctx(libctx, propq);
ret = CMS_ContentInfo_new_ex(libctx, propq);
if (ret == NULL) {
BIO_printf(bio_err, "Error allocating CMS_contentinfo\n");
return NULL;
@ -926,15 +926,15 @@ int cms_main(int argc, char **argv)
ret = 3;
if (operation == SMIME_DATA_CREATE) {
cms = CMS_data_create_with_libctx(in, flags, libctx, propq);
cms = CMS_data_create_ex(in, flags, libctx, propq);
} else if (operation == SMIME_DIGEST_CREATE) {
cms = CMS_digest_create_with_libctx(in, sign_md, flags, libctx, propq);
cms = CMS_digest_create_ex(in, sign_md, flags, libctx, propq);
} else if (operation == SMIME_COMPRESS) {
cms = CMS_compress(in, -1, flags);
} else if (operation == SMIME_ENCRYPT) {
int i;
flags |= CMS_PARTIAL;
cms = CMS_encrypt_with_libctx(NULL, in, cipher, flags, libctx, propq);
cms = CMS_encrypt_ex(NULL, in, cipher, flags, libctx, propq);
if (cms == NULL)
goto end;
for (i = 0; i < sk_X509_num(encerts); i++) {
@ -999,9 +999,8 @@ int cms_main(int argc, char **argv)
goto end;
}
} else if (operation == SMIME_ENCRYPTED_ENCRYPT) {
cms = CMS_EncryptedData_encrypt_with_libctx(in, cipher, secret_key,
secret_keylen, flags,
libctx, propq);
cms = CMS_EncryptedData_encrypt_ex(in, cipher, secret_key,
secret_keylen, flags, libctx, propq);
} else if (operation == SMIME_SIGN_RECEIPT) {
CMS_ContentInfo *srcms = NULL;
@ -1029,7 +1028,7 @@ int cms_main(int argc, char **argv)
flags |= CMS_STREAM;
}
flags |= CMS_PARTIAL;
cms = CMS_sign_with_libctx(NULL, NULL, other, in, flags, libctx, propq);
cms = CMS_sign_ex(NULL, NULL, other, in, flags, libctx, propq);
if (cms == NULL)
goto end;
if (econtent_type != NULL)
@ -1416,8 +1415,8 @@ static CMS_ReceiptRequest *make_receipt_request(
} else {
rct_from = NULL;
}
rr = CMS_ReceiptRequest_create0_with_libctx(NULL, -1, rr_allorfirst,
rct_from, rct_to, libctx, propq);
rr = CMS_ReceiptRequest_create0_ex(NULL, -1, rr_allorfirst, rct_from,
rct_to, libctx, propq);
return rr;
err:
sk_GENERAL_NAMES_pop_free(rct_to, GENERAL_NAMES_free);

18
apps/lib/apps.c
View File

@ -364,7 +364,7 @@ CONF *app_load_config_bio(BIO *in, const char *filename)
CONF *conf;
int i;
conf = NCONF_new_with_libctx(app_libctx, NULL);
conf = NCONF_new_ex(app_libctx, NULL);
i = NCONF_load_bio(conf, in, &errorline);
if (i > 0)
return conf;
@ -756,8 +756,8 @@ int load_key_certs_crls(const char *uri, int maybe_stdin,
ctx = OSSL_STORE_attach(bio, "file", libctx, propq,
get_ui_method(), &uidata, NULL, NULL);
} else {
ctx = OSSL_STORE_open_with_libctx(uri, libctx, propq, get_ui_method(),
&uidata, NULL, NULL);
ctx = OSSL_STORE_open_ex(uri, libctx, propq, get_ui_method(), &uidata,
NULL, NULL);
}
if (ctx == NULL) {
BIO_printf(bio_err, "Could not open file or uri for loading");
@ -1116,16 +1116,14 @@ X509_STORE *setup_verify(const char *CAfile, int noCAfile,
if (lookup == NULL)
goto end;
if (CAfile != NULL) {
if (!X509_LOOKUP_load_file_with_libctx(lookup, CAfile,
X509_FILETYPE_PEM,
libctx, propq)) {
if (!X509_LOOKUP_load_file_ex(lookup, CAfile, X509_FILETYPE_PEM,
libctx, propq)) {
BIO_printf(bio_err, "Error loading file %s\n", CAfile);
goto end;
}
} else {
X509_LOOKUP_load_file_with_libctx(lookup, NULL,
X509_FILETYPE_DEFAULT,
libctx, propq);
X509_LOOKUP_load_file_ex(lookup, NULL, X509_FILETYPE_DEFAULT,
libctx, propq);
}
}
@ -1147,7 +1145,7 @@ X509_STORE *setup_verify(const char *CAfile, int noCAfile,
lookup = X509_STORE_add_lookup(store, X509_LOOKUP_store());
if (lookup == NULL)
goto end;
if (!X509_LOOKUP_add_store_with_libctx(lookup, CAstore, libctx, propq)) {
if (!X509_LOOKUP_add_store_ex(lookup, CAstore, libctx, propq)) {
if (CAstore != NULL)
BIO_printf(bio_err, "Error loading store URI %s\n", CAstore);
goto end;

3
apps/pkcs12.c
View File

@ -897,8 +897,7 @@ static int get_cert_chain(X509 *cert, X509_STORE *store,
STACK_OF(X509) *chn = NULL;
int i = 0;
store_ctx = X509_STORE_CTX_new_with_libctx(app_get0_libctx(),
app_get0_propq());
store_ctx = X509_STORE_CTX_new_ex(app_get0_libctx(), app_get0_propq());
if (store_ctx == NULL) {
i = X509_V_ERR_UNSPECIFIED;
goto end;

2
apps/pkcs7.c
View File

@ -118,7 +118,7 @@ int pkcs7_main(int argc, char **argv)
if (in == NULL)
goto end;
p7 = PKCS7_new_with_libctx(libctx, propq);
p7 = PKCS7_new_ex(libctx, propq);
if (p7 == NULL) {
BIO_printf(bio_err, "unable to allocate PKCS7 object\n");
ERR_print_errors(bio_err);

3
apps/req.c
View File

@ -741,8 +741,7 @@ int req_main(int argc, char **argv)
if (x509) {
EVP_PKEY *tmppkey;
X509V3_CTX ext_ctx;
if ((x509ss = X509_new_with_libctx(app_get0_libctx(),
app_get0_propq())) == NULL)
if ((x509ss = X509_new_ex(app_get0_libctx(), app_get0_propq())) == NULL)
goto end;
/* Set version to V3 */

7
apps/smime.c
View File

@ -491,7 +491,7 @@ int smime_main(int argc, char **argv)
if (operation & SMIME_IP) {
PKCS7 *p7_in = NULL;
p7 = PKCS7_new_with_libctx(libctx, propq);
p7 = PKCS7_new_ex(libctx, propq);
if (p7 == NULL) {
BIO_printf(bio_err, "Error allocating PKCS7 object\n");
goto end;
@ -538,7 +538,7 @@ int smime_main(int argc, char **argv)
if (operation == SMIME_ENCRYPT) {
if (indef)
flags |= PKCS7_STREAM;
p7 = PKCS7_encrypt_with_libctx(encerts, in, cipher, flags, libctx, propq);
p7 = PKCS7_encrypt_ex(encerts, in, cipher, flags, libctx, propq);
} else if (operation & SMIME_SIGNERS) {
int i;
/*
@ -553,8 +553,7 @@ int smime_main(int argc, char **argv)
flags |= PKCS7_STREAM;
}
flags |= PKCS7_PARTIAL;
p7 = PKCS7_sign_with_libctx(NULL, NULL, other, in, flags, libctx,
propq);
p7 = PKCS7_sign_ex(NULL, NULL, other, in, flags, libctx, propq);
if (p7 == NULL)
goto end;
if (flags & PKCS7_NOCERTS) {

4
apps/storeutl.c
View File

@ -356,8 +356,8 @@ static int process(const char *uri, const UI_METHOD *uimeth, PW_CB_DATA *uidata,
OSSL_STORE_CTX *store_ctx = NULL;
int ret = 1, items = 0;
if ((store_ctx = OSSL_STORE_open_with_libctx(uri, libctx, propq,
uimeth, uidata, NULL, NULL))
if ((store_ctx = OSSL_STORE_open_ex(uri, libctx, propq, uimeth, uidata,
NULL, NULL))
== NULL) {
BIO_printf(bio_err, "Couldn't open file or uri %s\n", uri);
ERR_print_errors(bio_err);

7
apps/ts.c
View File

@ -980,9 +980,8 @@ static X509_STORE *create_cert_store(const char *CApath, const char *CAfile,
BIO_printf(bio_err, "memory allocation failure\n");
goto err;
}
if (!X509_LOOKUP_load_file_with_libctx(lookup, CAfile,
X509_FILETYPE_PEM,
libctx, propq)) {
if (!X509_LOOKUP_load_file_ex(lookup, CAfile, X509_FILETYPE_PEM, libctx,
propq)) {
BIO_printf(bio_err, "Error loading file %s\n", CAfile);
goto err;
}
@ -994,7 +993,7 @@ static X509_STORE *create_cert_store(const char *CApath, const char *CAfile,
BIO_printf(bio_err, "memory allocation failure\n");
goto err;
}
if (!X509_LOOKUP_load_store_with_libctx(lookup, CAstore, libctx, propq)) {
if (!X509_LOOKUP_load_store_ex(lookup, CAstore, libctx, propq)) {
BIO_printf(bio_err, "Error loading store URI %s\n", CAstore);
goto err;
}

6
apps/x509.c
View File

@ -506,8 +506,8 @@ int x509_main(int argc, char **argv)
goto end;
}
if (!X509_STORE_set_default_paths_with_libctx(ctx, app_get0_libctx(),
app_get0_propq())) {
if (!X509_STORE_set_default_paths_ex(ctx, app_get0_libctx(),
app_get0_propq())) {
ERR_print_errors(bio_err);
goto end;
}
@ -605,7 +605,7 @@ int x509_main(int argc, char **argv)
"We need a private key to sign with, use -signkey or -CAkey or -CA <file> with private key\n");
goto end;
}
if ((x = X509_new_with_libctx(app_get0_libctx(), app_get0_propq())) == NULL)
if ((x = X509_new_ex(app_get0_libctx(), app_get0_propq())) == NULL)
goto end;
if (sno == NULL) {

9
crypto/asn1/a_digest.c
View File

@ -53,10 +53,9 @@ int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
#endif
int asn1_item_digest_with_libctx(const ASN1_ITEM *it, const EVP_MD *md,
void *asn, unsigned char *data,
unsigned int *len, OPENSSL_CTX *libctx,
const char *propq)
int asn1_item_digest_ex(const ASN1_ITEM *it, const EVP_MD *md, void *asn,
unsigned char *data, unsigned int *len,
OPENSSL_CTX *libctx, const char *propq)
{
int i, ret = 0;
unsigned char *str = NULL;
@ -90,6 +89,6 @@ err:
int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *md, void *asn,
unsigned char *data, unsigned int *len)
{
return asn1_item_digest_with_libctx(it, md, asn, data, len, NULL, NULL);
return asn1_item_digest_ex(it, md, asn, data, len, NULL, NULL);
}

16
crypto/asn1/a_sign.c
View File

@ -119,18 +119,18 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
ASN1_BIT_STRING *signature, const void *data,
EVP_PKEY *pkey, const EVP_MD *md)
{
return ASN1_item_sign_with_libctx(it, algor1, algor2, signature, data, NULL,
pkey, md, NULL, NULL);
return ASN1_item_sign_ex(it, algor1, algor2, signature, data, NULL, pkey,
md, NULL, NULL);
}
int ASN1_item_sign_with_libctx(const ASN1_ITEM *it, X509_ALGOR *algor1,
X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
const void *data, const ASN1_OCTET_STRING *id,
EVP_PKEY *pkey, const EVP_MD *md,
OPENSSL_CTX *libctx, const char *propq)
int ASN1_item_sign_ex(const ASN1_ITEM *it, X509_ALGOR *algor1,
X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
const void *data, const ASN1_OCTET_STRING *id,
EVP_PKEY *pkey, const EVP_MD *md, OPENSSL_CTX *libctx,
const char *propq)
{
int rv = 0;
EVP_MD_CTX *ctx = evp_md_ctx_new_with_libctx(pkey, id, libctx, propq);
EVP_MD_CTX *ctx = evp_md_ctx_new_ex(pkey, id, libctx, propq);
if (ctx == NULL) {
ASN1err(0, ERR_R_MALLOC_FAILURE);

14
crypto/asn1/a_verify.c
View File

@ -89,20 +89,18 @@ int ASN1_item_verify(const ASN1_ITEM *it, const X509_ALGOR *alg,
const ASN1_BIT_STRING *signature, const void *data,
EVP_PKEY *pkey)
{
return ASN1_item_verify_with_libctx(it, alg, signature, data, NULL, pkey,
NULL, NULL);
return ASN1_item_verify_ex(it, alg, signature, data, NULL, pkey, NULL, NULL);
}
int ASN1_item_verify_with_libctx(const ASN1_ITEM *it, const X509_ALGOR *alg,
const ASN1_BIT_STRING *signature,
const void *data,
const ASN1_OCTET_STRING *id, EVP_PKEY *pkey,
OPENSSL_CTX *libctx, const char *propq)
int ASN1_item_verify_ex(const ASN1_ITEM *it, const X509_ALGOR *alg,
const ASN1_BIT_STRING *signature, const void *data,
const ASN1_OCTET_STRING *id, EVP_PKEY *pkey,
OPENSSL_CTX *libctx, const char *propq)
{
EVP_MD_CTX *ctx;
int rv = -1;
if ((ctx = evp_md_ctx_new_with_libctx(pkey, id, libctx, propq)) != NULL) {
if ((ctx = evp_md_ctx_new_ex(pkey, id, libctx, propq)) != NULL) {
rv = ASN1_item_verify_ctx(it, alg, signature, data, ctx);
EVP_PKEY_CTX_free(EVP_MD_CTX_pkey_ctx(ctx));
EVP_MD_CTX_free(ctx);

13
crypto/asn1/asn_mime.c
View File

@ -229,11 +229,10 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
/* SMIME sender */
int SMIME_write_ASN1_with_libctx(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
int ctype_nid, int econt_nid,
STACK_OF(X509_ALGOR) *mdalgs,
const ASN1_ITEM *it,
OPENSSL_CTX *libctx, const char *propq)
int SMIME_write_ASN1_ex(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
int ctype_nid, int econt_nid,
STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it,
OPENSSL_CTX *libctx, const char *propq)
{
char bound[33], c;
int i;
@ -326,8 +325,8 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
int ctype_nid, int econt_nid,
STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it)
{
return SMIME_write_ASN1_with_libctx(bio, val, data, flags, ctype_nid,
econt_nid, mdalgs, it, NULL, NULL);
return SMIME_write_ASN1_ex(bio, val, data, flags, ctype_nid, econt_nid,
mdalgs, it, NULL, NULL);
}
/* Handle output of ASN1 data */

6
crypto/asn1/d2i_pr.c
View File

@ -48,13 +48,13 @@ EVP_PKEY *d2i_PrivateKey_ex(int type, EVP_PKEY **a, const unsigned char **pp,
if (!ret->ameth->old_priv_decode ||
!ret->ameth->old_priv_decode(ret, &p, length)) {
if (ret->ameth->priv_decode != NULL
|| ret->ameth->priv_decode_with_libctx != NULL) {
|| ret->ameth->priv_decode_ex != NULL) {
EVP_PKEY *tmp;
PKCS8_PRIV_KEY_INFO *p8 = NULL;
p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, &p, length);
if (p8 == NULL)
goto err;
tmp = EVP_PKCS82PKEY_with_libctx(p8, libctx, propq);
tmp = EVP_PKCS82PKEY_ex(p8, libctx, propq);
PKCS8_PRIV_KEY_INFO_free(p8);
if (tmp == NULL)
goto err;
@ -121,7 +121,7 @@ EVP_PKEY *d2i_AutoPrivateKey_ex(EVP_PKEY **a, const unsigned char **pp,
ASN1err(0, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
return NULL;
}
ret = EVP_PKCS82PKEY_with_libctx(p8, libctx, propq);
ret = EVP_PKCS82PKEY_ex(p8, libctx, propq);
PKCS8_PRIV_KEY_INFO_free(p8);
if (ret == NULL)
return NULL;

6
crypto/cmp/cmp_protect.c
View File

@ -119,9 +119,9 @@ ASN1_BIT_STRING *ossl_cmp_calc_protection(const OSSL_CMP_CTX *ctx,
if ((prot = ASN1_BIT_STRING_new()) == NULL)
return NULL;
if (ASN1_item_sign_with_libctx(ASN1_ITEM_rptr(OSSL_CMP_PROTECTEDPART),
NULL, NULL, prot, &prot_part, NULL,
ctx->pkey, md, ctx->libctx, ctx->propq))
if (ASN1_item_sign_ex(ASN1_ITEM_rptr(OSSL_CMP_PROTECTEDPART), NULL,
NULL, prot, &prot_part, NULL, ctx->pkey, md,
ctx->libctx, ctx->propq))
return prot;
ASN1_BIT_STRING_free(prot);
return NULL;

2
crypto/cmp/cmp_util.c
View File

@ -230,7 +230,7 @@ STACK_OF(X509)
goto err;
}
if ((csc = X509_STORE_CTX_new_with_libctx(libctx, propq)) == NULL)
if ((csc = X509_STORE_CTX_new_ex(libctx, propq)) == NULL)
goto err;
if (store == NULL && certs != NULL
&& !ossl_cmp_X509_STORE_add1_certs(ts, certs, 0))

14
crypto/cmp/cmp_vfy.c
View File

@ -50,10 +50,10 @@ static int verify_signature(const OSSL_CMP_CTX *cmp_ctx,
prot_part.header = msg->header;
prot_part.body = msg->body;
if (ASN1_item_verify_with_libctx(ASN1_ITEM_rptr(OSSL_CMP_PROTECTEDPART),
msg->header->protectionAlg,
msg->protection, &prot_part, NULL, pubkey,
cmp_ctx->libctx, cmp_ctx->propq) > 0) {
if (ASN1_item_verify_ex(ASN1_ITEM_rptr(OSSL_CMP_PROTECTEDPART),
msg->header->protectionAlg, msg->protection,
&prot_part, NULL, pubkey, cmp_ctx->libctx,
cmp_ctx->propq) > 0) {
res = 1;
goto end;
}
@ -118,7 +118,7 @@ int OSSL_CMP_validate_cert_path(const OSSL_CMP_CTX *ctx,
return 0;
}
if ((csc = X509_STORE_CTX_new_with_libctx(ctx->libctx, ctx->propq)) == NULL
if ((csc = X509_STORE_CTX_new_ex(ctx->libctx, ctx->propq)) == NULL
|| !X509_STORE_CTX_init(csc, trusted_store,
cert, ctx->untrusted))
goto err;
@ -825,8 +825,8 @@ int ossl_cmp_verify_popo(const OSSL_CMP_CTX *ctx,
{
X509_REQ *req = msg->body->value.p10cr;
if (X509_REQ_verify_with_libctx(req, X509_REQ_get0_pubkey(req),
ctx->libctx, ctx->propq) <= 0) {
if (X509_REQ_verify_ex(req, X509_REQ_get0_pubkey(req), ctx->libctx,
ctx->propq) <= 0) {
#ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
CMPerr(0, CMP_R_REQUEST_NOT_ACCEPTED);
return 0;

2
crypto/cms/cms_cd.c
View File

@ -36,7 +36,7 @@ CMS_ContentInfo *cms_CompressedData_create(int comp_nid, OPENSSL_CTX *libctx,
CMS_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
return NULL;
}
cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
cms = CMS_ContentInfo_new_ex(libctx, propq);
if (cms == NULL)
return NULL;

2
crypto/cms/cms_dd.c
View File

@ -23,7 +23,7 @@ CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md,
CMS_ContentInfo *cms;
CMS_DigestedData *dd;
cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
cms = CMS_ContentInfo_new_ex(libctx, propq);
if (cms == NULL)
return NULL;

19
crypto/cms/cms_env.c
View File

@ -203,14 +203,14 @@ EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri)
return NULL;
}
CMS_ContentInfo *CMS_EnvelopedData_create_with_libctx(const EVP_CIPHER *cipher,
OPENSSL_CTX *libctx,
const char *propq)
CMS_ContentInfo *CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher,
OPENSSL_CTX *libctx,
const char *propq)
{
CMS_ContentInfo *cms;
CMS_EnvelopedData *env;
cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
cms = CMS_ContentInfo_new_ex(libctx, propq);
if (cms == NULL)
goto merr;
env = cms_enveloped_data_init(cms);
@ -229,18 +229,17 @@ CMS_ContentInfo *CMS_EnvelopedData_create_with_libctx(const EVP_CIPHER *cipher,
CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher)
{
return CMS_EnvelopedData_create_with_libctx(cipher, NULL, NULL);
return CMS_EnvelopedData_create_ex(cipher, NULL, NULL);
}
CMS_ContentInfo *
CMS_AuthEnvelopedData_create_with_libctx(const EVP_CIPHER *cipher,
OPENSSL_CTX *libctx,
const char *propq)
CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *libctx,
const char *propq)
{
CMS_ContentInfo *cms;
CMS_AuthEnvelopedData *aenv;
cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
cms = CMS_ContentInfo_new_ex(libctx, propq);
if (cms == NULL)
goto merr;
aenv = cms_auth_enveloped_data_init(cms);
@ -259,7 +258,7 @@ CMS_AuthEnvelopedData_create_with_libctx(const EVP_CIPHER *cipher,
CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher)
{
return CMS_AuthEnvelopedData_create_with_libctx(cipher, NULL, NULL);
return CMS_AuthEnvelopedData_create_ex(cipher, NULL, NULL);
}
/* Key Transport Recipient Info (KTRI) routines */

13
crypto/cms/cms_ess.c
View File

@ -114,7 +114,7 @@ int ess_check_signing_certs(CMS_SignerInfo *si, STACK_OF(X509) *chain)
return ret;
}
CMS_ReceiptRequest *CMS_ReceiptRequest_create0_with_libctx(
CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex(
unsigned char *id, int idlen, int allorfirst,
STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo,
OPENSSL_CTX *libctx, const char *propq)
@ -159,9 +159,8 @@ CMS_ReceiptRequest *CMS_ReceiptRequest_create0(
unsigned char *id, int idlen, int allorfirst,
STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo)
{
return CMS_ReceiptRequest_create0_with_libctx(id, idlen, allorfirst,
receiptList, receiptsTo,
NULL, NULL);
return CMS_ReceiptRequest_create0_ex(id, idlen, allorfirst, receiptList,
receiptsTo, NULL, NULL);
}
int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr)
@ -221,9 +220,9 @@ static int cms_msgSigDigest(CMS_SignerInfo *si,
if (md == NULL)
return 0;
if (!asn1_item_digest_with_libctx(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
si->signedAttrs, dig, diglen,
si->cms_ctx->libctx, si->cms_ctx->propq))
if (!asn1_item_digest_ex(ASN1_ITEM_rptr(CMS_Attributes_Verify), md,
si->signedAttrs, dig, diglen, si->cms_ctx->libctx,
si->cms_ctx->propq))
return 0;
return 1;
}

10
crypto/cms/cms_io.c
View File

@ -83,11 +83,11 @@ int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags)
else
mdalgs = NULL;
return SMIME_write_ASN1_with_libctx(bio, (ASN1_VALUE *)cms, data, flags,
ctype_nid, econt_nid, mdalgs,
ASN1_ITEM_rptr(CMS_ContentInfo),
cms_ctx_get0_libctx(ctx),
cms_ctx_get0_propq(ctx));
return SMIME_write_ASN1_ex(bio, (ASN1_VALUE *)cms, data, flags, ctype_nid,
econt_nid, mdalgs,
ASN1_ITEM_rptr(CMS_ContentInfo),
cms_ctx_get0_libctx(ctx),
cms_ctx_get0_propq(ctx));
}
CMS_ContentInfo *SMIME_read_CMS_ex(BIO *bio, BIO **bcont, CMS_ContentInfo **cms)

7
crypto/cms/cms_lib.c
View File

@ -40,8 +40,7 @@ int i2d_CMS_ContentInfo(const CMS_ContentInfo *a, unsigned char **out)
return ASN1_item_i2d((const ASN1_VALUE *)a, out, (CMS_ContentInfo_it()));
}
CMS_ContentInfo *CMS_ContentInfo_new_with_libctx(OPENSSL_CTX *libctx,
const char *propq)
CMS_ContentInfo *CMS_ContentInfo_new_ex(OPENSSL_CTX *libctx, const char *propq)
{
CMS_ContentInfo *ci;
@ -63,7 +62,7 @@ CMS_ContentInfo *CMS_ContentInfo_new_with_libctx(OPENSSL_CTX *libctx,
CMS_ContentInfo *CMS_ContentInfo_new(void)
{
return CMS_ContentInfo_new_with_libctx(NULL, NULL);
return CMS_ContentInfo_new_ex(NULL, NULL);
}
void CMS_ContentInfo_free(CMS_ContentInfo *cms)
@ -120,7 +119,7 @@ const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms)
CMS_ContentInfo *cms_Data_create(OPENSSL_CTX *libctx, const char *propq)
{
CMS_ContentInfo *cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
CMS_ContentInfo *cms = CMS_ContentInfo_new_ex(libctx, propq);
if (cms != NULL) {
cms->contentType = OBJ_nid2obj(NID_pkcs7_data);

20
crypto/cms/cms_sd.c
View File

@ -411,10 +411,8 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
goto err;
if (EVP_PKEY_CTX_set_signature_md(si->pctx, md) <= 0)
goto err;
} else if (EVP_DigestSignInit_with_libctx(si->mctx, &si->pctx,
EVP_MD_name(md),
ctx->libctx, ctx->propq,
pk) <= 0) {
} else if (EVP_DigestSignInit_ex(si->mctx, &si->pctx, EVP_MD_name(md),
ctx->libctx, ctx->propq, pk) <= 0) {
goto err;
}
}
@ -676,8 +674,8 @@ static int cms_SignerInfo_content_sign(CMS_ContentInfo *cms,
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, ERR_R_MALLOC_FAILURE);
goto err;
}
if (!EVP_SignFinal_with_libctx(mctx, sig, &siglen, si->pkey,
ctx->libctx, ctx->propq)) {
if (!EVP_SignFinal_ex(mctx, sig, &siglen, si->pkey, ctx->libctx,
ctx->propq)) {
CMSerr(CMS_F_CMS_SIGNERINFO_CONTENT_SIGN, CMS_R_SIGNFINAL_ERROR);
OPENSSL_free(sig);
goto err;
@ -735,9 +733,8 @@ int CMS_SignerInfo_sign(CMS_SignerInfo *si)
pctx = si->pctx;
else {
EVP_MD_CTX_reset(mctx);
if (EVP_DigestSignInit_with_libctx(mctx, &pctx,
md_name, ctx->libctx, ctx->propq,
si->pkey) <= 0)
if (EVP_DigestSignInit_ex(mctx, &pctx, md_name, ctx->libctx, ctx->propq,
si->pkey) <= 0)
goto err;
si->pctx = pctx;
}
@ -844,9 +841,8 @@ int CMS_SignerInfo_verify(CMS_SignerInfo *si)
goto err;
}
mctx = si->mctx;
if (EVP_DigestVerifyInit_with_libctx(mctx, &si->pctx,
EVP_MD_name(md), ctx->libctx, NULL,
si->pkey) <= 0)
if (EVP_DigestVerifyInit_ex(mctx, &si->pctx, EVP_MD_name(md), ctx->libctx,
NULL, si->pkey) <= 0)
goto err;
if (!cms_sd_asn1_ctrl(si, 1))

65
crypto/cms/cms_smime.c
View File

@ -118,9 +118,8 @@ int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags)
return r;
}
CMS_ContentInfo *CMS_data_create_with_libctx(BIO *in, unsigned int flags,
OPENSSL_CTX *libctx,
const char *propq)
CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags,
OPENSSL_CTX *libctx, const char *propq)
{
CMS_ContentInfo *cms = cms_Data_create(libctx, propq);
@ -136,7 +135,7 @@ CMS_ContentInfo *CMS_data_create_with_libctx(BIO *in, unsigned int flags,
CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags)
{
return CMS_data_create_with_libctx(in, flags, NULL, NULL);
return CMS_data_create_ex(in, flags, NULL, NULL);
}
int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
@ -164,11 +163,9 @@ int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
return r;
}
CMS_ContentInfo *CMS_digest_create_with_libctx(BIO *in,
const EVP_MD *md,
unsigned int flags,
OPENSSL_CTX *ctx,
const char *propq)
CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md,
unsigned int flags, OPENSSL_CTX *ctx,
const char *propq)
{
CMS_ContentInfo *cms;
@ -191,7 +188,7 @@ CMS_ContentInfo *CMS_digest_create_with_libctx(BIO *in,
CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
unsigned int flags)
{
return CMS_digest_create_with_libctx(in, md, flags, NULL, NULL);
return CMS_digest_create_ex(in, md, flags, NULL, NULL);
}
int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
@ -220,13 +217,11 @@ int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
return r;
}
CMS_ContentInfo *CMS_EncryptedData_encrypt_with_libctx(BIO *in,
const EVP_CIPHER *cipher,
const unsigned char *key,
size_t keylen,
unsigned int flags,
OPENSSL_CTX *libctx,
const char *propq)
CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in, const EVP_CIPHER *cipher,
const unsigned char *key,
size_t keylen, unsigned int flags,
OPENSSL_CTX *libctx,
const char *propq)
{
CMS_ContentInfo *cms;
@ -234,7 +229,7 @@ CMS_ContentInfo *CMS_EncryptedData_encrypt_with_libctx(BIO *in,
CMSerr(0, CMS_R_NO_CIPHER);
return NULL;
}
cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
cms = CMS_ContentInfo_new_ex(libctx, propq);
if (cms == NULL)
return NULL;
if (!CMS_EncryptedData_set1_key(cms, cipher, key, keylen))
@ -255,8 +250,8 @@ CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
const unsigned char *key,
size_t keylen, unsigned int flags)
{
return CMS_EncryptedData_encrypt_with_libctx(in, cipher, key, keylen, flags,
NULL, NULL);
return CMS_EncryptedData_encrypt_ex(in, cipher, key, keylen, flags, NULL,
NULL);
}
static int cms_signerinfo_verify_cert(CMS_SignerInfo *si,
@ -270,7 +265,7 @@ static int cms_signerinfo_verify_cert(CMS_SignerInfo *si,
X509 *signer;
int i, j, r = 0;
ctx = X509_STORE_CTX_new_with_libctx(cms_ctx->libctx, cms_ctx->propq);
ctx = X509_STORE_CTX_new_ex(cms_ctx->libctx, cms_ctx->propq);
if (ctx == NULL) {
CMSerr(CMS_F_CMS_SIGNERINFO_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
goto err;
@ -503,15 +498,15 @@ int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
return cms_Receipt_verify(rcms, ocms);
}
CMS_ContentInfo *CMS_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
STACK_OF(X509) *certs, BIO *data,
unsigned int flags,
OPENSSL_CTX *libctx, const char *propq)
CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey,
STACK_OF(X509) *certs, BIO *data,
unsigned int flags, OPENSSL_CTX *libctx,
const char *propq)
{
CMS_ContentInfo *cms;
int i;
cms = CMS_ContentInfo_new_with_libctx(libctx, propq);
cms = CMS_ContentInfo_new_ex(libctx, propq);
if (cms == NULL || !CMS_SignedData_init(cms))
goto merr;
if (flags & CMS_ASCIICRLF
@ -551,7 +546,7 @@ CMS_ContentInfo *CMS_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, unsigned int flags)
{
return CMS_sign_with_libctx(signcert, pkey, certs, data, flags, NULL, NULL);
return CMS_sign_ex(signcert, pkey, certs, data, flags, NULL, NULL);
}
CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
@ -575,8 +570,7 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
/* Initialize signed data */
cms = CMS_sign_with_libctx(NULL, NULL, certs, NULL, flags,
ctx->libctx, ctx->propq);
cms = CMS_sign_ex(NULL, NULL, certs, NULL, flags, ctx->libctx, ctx->propq);
if (cms == NULL)
goto err;
@ -623,10 +617,9 @@ CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
}
CMS_ContentInfo *CMS_encrypt_with_libctx(STACK_OF(X509) *certs,
BIO *data, const EVP_CIPHER *cipher,
unsigned int flags,
OPENSSL_CTX *libctx, const char *propq)
CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *data,
const EVP_CIPHER *cipher, unsigned int flags,
OPENSSL_CTX *libctx, const char *propq)
{
CMS_ContentInfo *cms;
int i;
@ -634,8 +627,8 @@ CMS_ContentInfo *CMS_encrypt_with_libctx(STACK_OF(X509) *certs,
cms = (EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER)
? CMS_AuthEnvelopedData_create_with_libctx(cipher, libctx, propq)
: CMS_EnvelopedData_create_with_libctx(cipher, libctx, propq);
? CMS_AuthEnvelopedData_create_ex(cipher, libctx, propq)
: CMS_EnvelopedData_create_ex(cipher, libctx, propq);
if (cms == NULL)
goto merr;
for (i = 0; i < sk_X509_num(certs); i++) {
@ -665,7 +658,7 @@ CMS_ContentInfo *CMS_encrypt_with_libctx(STACK_OF(X509) *certs,
CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *data,
const EVP_CIPHER *cipher, unsigned int flags)
{
return CMS_encrypt_with_libctx(certs, data, cipher, flags, NULL, NULL);
return CMS_encrypt_ex(certs, data, cipher, flags, NULL, NULL);
}
static int cms_kari_set1_pkey_and_peer(CMS_ContentInfo *cms,

4
crypto/conf/conf_lib.c
View File

@ -174,7 +174,7 @@ int CONF_dump_bio(LHASH_OF(CONF_VALUE) *conf, BIO *out)
* the "CONF classic" functions, for consistency.
*/
CONF *NCONF_new_with_libctx(OPENSSL_CTX *libctx, CONF_METHOD *meth)
CONF *NCONF_new_ex(OPENSSL_CTX *libctx, CONF_METHOD *meth)
{
CONF *ret;
@ -193,7 +193,7 @@ CONF *NCONF_new_with_libctx(OPENSSL_CTX *libctx, CONF_METHOD *meth)
CONF *NCONF_new(CONF_METHOD *meth)
{
return NCONF_new_with_libctx(NULL, meth);
return NCONF_new_ex(NULL, meth);
}
void NCONF_free(CONF *conf)

9
crypto/conf/conf_mod.c
View File

@ -145,15 +145,14 @@ int CONF_modules_load(const CONF *cnf, const char *appname,
}
int CONF_modules_load_file_with_libctx(OPENSSL_CTX *libctx,
const char *filename,
const char *appname, unsigned long flags)
int CONF_modules_load_file_ex(OPENSSL_CTX *libctx, const char *filename,
const char *appname, unsigned long flags)
{
char *file = NULL;
CONF *conf = NULL;
int ret = 0, diagnostics = 0;
conf = NCONF_new_with_libctx(libctx, NULL);
conf = NCONF_new_ex(libctx, NULL);
if (conf == NULL)
goto err;
@ -191,7 +190,7 @@ int CONF_modules_load_file_with_libctx(OPENSSL_CTX *libctx,
int CONF_modules_load_file(const char *filename,
const char *appname, unsigned long flags)
{
return CONF_modules_load_file_with_libctx(NULL, filename, appname, flags);
return CONF_modules_load_file_ex(NULL, filename, appname, flags);
}
DEFINE_RUN_ONCE_STATIC(do_load_builtin_modules)

2
crypto/context.c
View File

@ -170,7 +170,7 @@ OPENSSL_CTX *OPENSSL_CTX_new(void)
#ifndef FIPS_MODULE
int OPENSSL_CTX_load_config(OPENSSL_CTX *ctx, const char *config_file)
{
return CONF_modules_load_file_with_libctx(ctx, config_file, NULL, 0) > 0;
return CONF_modules_load_file_ex(ctx, config_file, NULL, 0) > 0;
}
#endif

16
crypto/crmf/crmf_lib.c
View File

@ -365,10 +365,9 @@ static int create_popo_signature(OSSL_CRMF_POPOSIGNINGKEY *ps,
return 0;
}
return ASN1_item_sign_with_libctx(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST),
ps->algorithmIdentifier, NULL,
ps->signature, cr, NULL, pkey, digest,
libctx, propq);
return ASN1_item_sign_ex(ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST),
ps->algorithmIdentifier, NULL, ps->signature, cr,
NULL, pkey, digest, libctx, propq);
}
@ -502,10 +501,9 @@ int OSSL_CRMF_MSGS_verify_popo(const OSSL_CRMF_MSGS *reqs,
it = ASN1_ITEM_rptr(OSSL_CRMF_CERTREQUEST);
asn = req->certReq;
}
if (ASN1_item_verify_with_libctx(it, sig->algorithmIdentifier,
sig->signature, asn, NULL,
X509_PUBKEY_get0(pubkey),
libctx, propq) < 1)
if (ASN1_item_verify_ex(it, sig->algorithmIdentifier, sig->signature,
asn, NULL, X509_PUBKEY_get0(pubkey), libctx,
propq) < 1)
return 0;
break;
case OSSL_CRMF_POPO_KEYENC:
@ -680,7 +678,7 @@ X509
outlen += n;
/* convert decrypted certificate from DER to internal ASN.1 structure */
if ((cert = X509_new_with_libctx(libctx, propq)) == NULL)
if ((cert = X509_new_ex(libctx, propq)) == NULL)
goto end;
if (d2i_X509(&cert, &p, outlen) == NULL)
CRMFerr(CRMF_F_OSSL_CRMF_ENCRYPTEDVALUE_GET1_ENCCERT,

11
crypto/ct/ct_b64.c
View File

@ -132,9 +132,9 @@ SCT *SCT_new_from_base64(unsigned char version, const char *logid_base64,
* 0 on decoding failure, or invalid parameter if any
* -1 on internal (malloc) failure
*/
int CTLOG_new_from_base64_with_libctx(CTLOG **ct_log, const char *pkey_base64,
const char *name, OPENSSL_CTX *libctx,
const char *propq)
int CTLOG_new_from_base64_ex(CTLOG **ct_log, const char *pkey_base64,
const char *name, OPENSSL_CTX *libctx,
const char *propq)
{
unsigned char *pkey_der = NULL;
int pkey_der_len;
@ -160,7 +160,7 @@ int CTLOG_new_from_base64_with_libctx(CTLOG **ct_log, const char *pkey_base64,
return 0;
}
*ct_log = CTLOG_new_with_libctx(pkey, name, libctx, propq);
*ct_log = CTLOG_new_ex(pkey, name, libctx, propq);
if (*ct_log == NULL) {
EVP_PKEY_free(pkey);
return 0;
@ -172,6 +172,5 @@ int CTLOG_new_from_base64_with_libctx(CTLOG **ct_log, const char *pkey_base64,
int CTLOG_new_from_base64(CTLOG **ct_log, const char *pkey_base64,
const char *name)
{
return CTLOG_new_from_base64_with_libctx(ct_log, pkey_base64, name, NULL,
NULL);
return CTLOG_new_from_base64_ex(ct_log, pkey_base64, name, NULL, NULL);
}

14
crypto/ct/ct_log.c
View File

@ -100,7 +100,7 @@ err:
return ret;
}
CTLOG_STORE *CTLOG_STORE_new_with_libctx(OPENSSL_CTX *libctx, const char *propq)
CTLOG_STORE *CTLOG_STORE_new_ex(OPENSSL_CTX *libctx, const char *propq)
{
CTLOG_STORE *ret = OPENSSL_zalloc(sizeof(*ret));
@ -132,7 +132,7 @@ err:
CTLOG_STORE *CTLOG_STORE_new(void)
{
return CTLOG_STORE_new_with_libctx(NULL, NULL);
return CTLOG_STORE_new_ex(NULL, NULL);
}
void CTLOG_STORE_free(CTLOG_STORE *store)
@ -161,8 +161,8 @@ static int ctlog_new_from_conf(CTLOG_STORE *store, CTLOG **ct_log,
return 0;
}
return CTLOG_new_from_base64_with_libctx(ct_log, pkey_base64, description,
store->libctx, store->propq);
return CTLOG_new_from_base64_ex(ct_log, pkey_base64, description,
store->libctx, store->propq);
}
int CTLOG_STORE_load_default_file(CTLOG_STORE *store)
@ -264,8 +264,8 @@ end:
* Takes ownership of the public key.
* Copies the name.
*/
CTLOG *CTLOG_new_with_libctx(EVP_PKEY *public_key, const char *name,
OPENSSL_CTX *libctx, const char *propq)
CTLOG *CTLOG_new_ex(EVP_PKEY *public_key, const char *name, OPENSSL_CTX *libctx,
const char *propq)
{
CTLOG *ret = OPENSSL_zalloc(sizeof(*ret));
@ -301,7 +301,7 @@ err:
CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name)
{
return CTLOG_new_with_libctx(public_key, name, NULL, NULL);
return CTLOG_new_ex(public_key, name, NULL, NULL);
}
/* Frees CT log and associated structures */

6
crypto/ct/ct_policy.c
View File

@ -25,8 +25,8 @@
*/
static const time_t SCT_CLOCK_DRIFT_TOLERANCE = 300;
CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx,
const char *propq)
CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OPENSSL_CTX *libctx,
const char *propq)
{
CT_POLICY_EVAL_CTX *ctx = OPENSSL_zalloc(sizeof(CT_POLICY_EVAL_CTX));
@ -54,7 +54,7 @@ CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx,
CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void)
{
return CT_POLICY_EVAL_CTX_new_with_libctx(NULL, NULL);
return CT_POLICY_EVAL_CTX_new_ex(NULL, NULL);
}
void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx)

5
crypto/ct/ct_vfy.c
View File

@ -122,9 +122,8 @@ int SCT_CTX_verify(const SCT_CTX *sctx, const SCT *sct)
if (ctx == NULL)
goto end;
if (!EVP_DigestVerifyInit_with_libctx(ctx, NULL,
"SHA2-256", sctx->libctx, sctx->propq,
sctx->pkey))
if (!EVP_DigestVerifyInit_ex(ctx, NULL, "SHA2-256", sctx->libctx,
sctx->propq, sctx->pkey))
goto end;
if (!sct_ctx_update(ctx, sctx, sct))

2
crypto/dh/dh_ameth.c
View File

@ -560,7 +560,7 @@ static int dh_pkey_import_from_type(const OSSL_PARAM params[], void *vpctx,
{
EVP_PKEY_CTX *pctx = vpctx;
EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx);
DH *dh = dh_new_with_libctx(pctx->libctx);
DH *dh = dh_new_ex(pctx->libctx);
if (dh == NULL) {
ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE);

2
crypto/dh/dh_gen.c
View File

@ -100,7 +100,7 @@ static int dh_gen_named_group(OPENSSL_CTX *libctx, DH *ret, int prime_len)
if (nid == NID_undef)
return 0;
dh = dh_new_by_nid_with_libctx(libctx, nid);
dh = dh_new_by_nid_ex(libctx, nid);
if (dh != NULL
&& ffc_params_copy(&ret->params, &dh->params)) {
ok = 1;

6
crypto/dh/dh_group_params.c
View File

@ -103,7 +103,7 @@ const char *ffc_named_group_from_uid(int uid)
static DH *dh_param_init(OPENSSL_CTX *libctx, int uid, const BIGNUM *p,
const BIGNUM *q, const BIGNUM *g)
{
DH *dh = dh_new_with_libctx(libctx);
DH *dh = dh_new_ex(libctx);
if (dh == NULL)
return NULL;
@ -136,7 +136,7 @@ static DH *dh_new_by_group_name(OPENSSL_CTX *libctx, const char *name)
return NULL;
}
DH *dh_new_by_nid_with_libctx(OPENSSL_CTX *libctx, int nid)
DH *dh_new_by_nid_ex(OPENSSL_CTX *libctx, int nid)
{
const char *name = ffc_named_group_from_uid(nid);
@ -145,7 +145,7 @@ DH *dh_new_by_nid_with_libctx(OPENSSL_CTX *libctx, int nid)
DH *DH_new_by_nid(int nid)
{
return dh_new_by_nid_with_libctx(NULL, nid);
return dh_new_by_nid_ex(NULL, nid);
}
int ffc_set_group_pqg(FFC_PARAMS *ffc, const char *group_name)

2
crypto/dh/dh_lib.c
View File

@ -63,7 +63,7 @@ DH *DH_new_method(ENGINE *engine)
}
#endif /* !FIPS_MODULE */
DH *dh_new_with_libctx(OPENSSL_CTX *libctx)
DH *dh_new_ex(OPENSSL_CTX *libctx)
{
return dh_new_intern(NULL, libctx);
}

15
crypto/ec/ec_ameth.c
View File

@ -112,7 +112,7 @@ static EC_KEY *eckey_type2param(int ptype, const void *pval,
EC_KEY *eckey = NULL;
EC_GROUP *group = NULL;
if ((eckey = EC_KEY_new_with_libctx(libctx, propq)) == NULL) {
if ((eckey = EC_KEY_new_ex(libctx, propq)) == NULL) {
ECerr(EC_F_ECKEY_TYPE2PARAM, ERR_R_MALLOC_FAILURE);
goto ecerr;
}
@ -134,8 +134,7 @@ static EC_KEY *eckey_type2param(int ptype, const void *pval,
* type == V_ASN1_OBJECT => the parameters are given by an asn1 OID
*/
group = EC_GROUP_new_by_curve_name_with_libctx(libctx, propq,
OBJ_obj2nid(poid));
group = EC_GROUP_new_by_curve_name_ex(libctx, propq, OBJ_obj2nid(poid));
if (group == NULL)
goto ecerr;
EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
@ -206,10 +205,8 @@ static int eckey_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
return -2;
}
static int eckey_priv_decode_with_libctx(EVP_PKEY *pkey,
const PKCS8_PRIV_KEY_INFO *p8,
OPENSSL_CTX *libctx,
const char *propq)
static int eckey_priv_decode_ex(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8,
OPENSSL_CTX *libctx, const char *propq)
{
const unsigned char *p = NULL;
const void *pval;
@ -744,7 +741,7 @@ static int ec_pkey_import_from(const OSSL_PARAM params[], void *vpctx)
{
EVP_PKEY_CTX *pctx = vpctx;
EVP_PKEY *pkey = EVP_PKEY_CTX_get0_pkey(pctx);
EC_KEY *ec = EC_KEY_new_with_libctx(pctx->libctx, pctx->propquery);
EC_KEY *ec = EC_KEY_new_ex(pctx->libctx, pctx->propquery);
if (ec == NULL) {
ERR_raise(ERR_LIB_DH, ERR_R_MALLOC_FAILURE);
@ -808,7 +805,7 @@ const EVP_PKEY_ASN1_METHOD eckey_asn1_meth = {
ec_pkey_dirty_cnt,
ec_pkey_export_to,
ec_pkey_import_from,
eckey_priv_decode_with_libctx
eckey_priv_decode_ex
};
#if !defined(OPENSSL_NO_SM2)

12
crypto/ec/ec_curve.c
View File

@ -3197,8 +3197,8 @@ static EC_GROUP *ec_group_new_from_data(OPENSSL_CTX *libctx,
/* If no curve data curve method must handle everything */
if (curve.data == NULL)
return ec_group_new_with_libctx(libctx, propq,
curve.meth != NULL ? curve.meth() : NULL);
return ec_group_new_ex(libctx, propq,
curve.meth != NULL ? curve.meth() : NULL);
if ((ctx = BN_CTX_new_ex(libctx)) == NULL) {
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_MALLOC_FAILURE);
@ -3220,7 +3220,7 @@ static EC_GROUP *ec_group_new_from_data(OPENSSL_CTX *libctx,
if (curve.meth != 0) {
meth = curve.meth();
if (((group = ec_group_new_with_libctx(libctx, propq, meth)) == NULL) ||
if (((group = ec_group_new_ex(libctx, propq, meth)) == NULL) ||
(!(group->meth->group_set_curve(group, p, a, b, ctx)))) {
ECerr(EC_F_EC_GROUP_NEW_FROM_DATA, ERR_R_EC_LIB);
goto err;
@ -3290,8 +3290,8 @@ static EC_GROUP *ec_group_new_from_data(OPENSSL_CTX *libctx,
return group;
}
EC_GROUP *EC_GROUP_new_by_curve_name_with_libctx(OPENSSL_CTX *libctx,
const char *propq, int nid)
EC_GROUP *EC_GROUP_new_by_curve_name_ex(OPENSSL_CTX *libctx, const char *propq,
int nid)
{
EC_GROUP *ret = NULL;
const ec_list_element *curve;
@ -3311,7 +3311,7 @@ EC_GROUP *EC_GROUP_new_by_curve_name_with_libctx(OPENSSL_CTX *libctx,
#ifndef FIPS_MODULE
EC_GROUP *EC_GROUP_new_by_curve_name(int nid)
{
return EC_GROUP_new_by_curve_name_with_libctx(NULL, NULL, nid);
return EC_GROUP_new_by_curve_name_ex(NULL, NULL, nid);
}
#endif

4
crypto/ec/ec_cvt.c
View File

@ -54,7 +54,7 @@ EC_GROUP *EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a,
meth = EC_GFp_mont_method();
#endif
ret = ec_group_new_with_libctx(bn_get_lib_ctx(ctx), NULL, meth);
ret = ec_group_new_ex(bn_get_lib_ctx(ctx), NULL, meth);
if (ret == NULL)
return NULL;
@ -75,7 +75,7 @@ EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
meth = EC_GF2m_simple_method();
ret = ec_group_new_with_libctx(bn_get_lib_ctx(ctx), NULL, meth);
ret = ec_group_new_ex(bn_get_lib_ctx(ctx), NULL, meth);
if (ret == NULL)
return NULL;

15
crypto/ec/ec_key.c
View File

@ -34,18 +34,18 @@ EC_KEY *EC_KEY_new(void)
}
#endif
EC_KEY *EC_KEY_new_with_libctx(OPENSSL_CTX *ctx, const char *propq)
EC_KEY *EC_KEY_new_ex(OPENSSL_CTX *ctx, const char *propq)
{
return ec_key_new_method_int(ctx, propq, NULL);
}
EC_KEY *EC_KEY_new_by_curve_name_with_libctx(OPENSSL_CTX *ctx,
const char *propq, int nid)
EC_KEY *EC_KEY_new_by_curve_name_ex(OPENSSL_CTX *ctx, const char *propq,
int nid)
{
EC_KEY *ret = EC_KEY_new_with_libctx(ctx, propq);
EC_KEY *ret = EC_KEY_new_ex(ctx, propq);
if (ret == NULL)
return NULL;
ret->group = EC_GROUP_new_by_curve_name_with_libctx(ctx, propq, nid);
ret->group = EC_GROUP_new_by_curve_name_ex(ctx, propq, nid);
if (ret->group == NULL) {
EC_KEY_free(ret);
return NULL;
@ -61,7 +61,7 @@ EC_KEY *EC_KEY_new_by_curve_name_with_libctx(OPENSSL_CTX *ctx,
#ifndef FIPS_MODULE
EC_KEY *EC_KEY_new_by_curve_name(int nid)
{
return EC_KEY_new_by_curve_name_with_libctx(NULL, NULL, nid);
return EC_KEY_new_by_curve_name_ex(NULL, NULL, nid);
}
#endif
@ -122,8 +122,7 @@ EC_KEY *EC_KEY_copy(EC_KEY *dest, const EC_KEY *src)
if (src->group != NULL) {
/* clear the old group */
EC_GROUP_free(dest->group);
dest->group = ec_group_new_with_libctx(src->libctx, src->propq,
src->group->meth);
dest->group = ec_group_new_ex(src->libctx, src->propq, src->group->meth);
if (dest->group == NULL)
return NULL;
if (!EC_GROUP_copy(dest->group, src->group))

13
crypto/ec/ec_lib.c
View File

@ -26,8 +26,8 @@
/* functions for EC_GROUP objects */
EC_GROUP *ec_group_new_with_libctx(OPENSSL_CTX *libctx, const char *propq,
const EC_METHOD *meth)
EC_GROUP *ec_group_new_ex(OPENSSL_CTX *libctx, const char *propq,
const EC_METHOD *meth)
{
EC_GROUP *ret;
@ -81,7 +81,7 @@ EC_GROUP *ec_group_new_with_libctx(OPENSSL_CTX *libctx, const char *propq,
# ifndef FIPS_MODULE
EC_GROUP *EC_GROUP_new(const EC_METHOD *meth)
{
return ec_group_new_with_libctx(NULL, NULL, meth);
return ec_group_new_ex(NULL, NULL, meth);
}
# endif
#endif
@ -271,7 +271,7 @@ EC_GROUP *EC_GROUP_dup(const EC_GROUP *a)
if (a == NULL)
return NULL;
if ((t = ec_group_new_with_libctx(a->libctx, a->propq, a->meth)) == NULL)
if ((t = ec_group_new_ex(a->libctx, a->propq, a->meth)) == NULL)
return NULL;
if (!EC_GROUP_copy(t, a))
goto err;
@ -1438,8 +1438,7 @@ static EC_GROUP *ec_group_explicit_to_named(const EC_GROUP *group,
curve_name_nid = NID_secp224r1;
#endif /* !def(OPENSSL_NO_EC_NISTP_64_GCC_128) */
ret_group = EC_GROUP_new_by_curve_name_with_libctx(libctx, propq,
curve_name_nid);
ret_group = EC_GROUP_new_by_curve_name_ex(libctx, propq, curve_name_nid);
if (ret_group == NULL)
goto err;
@ -1522,7 +1521,7 @@ static EC_GROUP *group_new_from_name(const OSSL_PARAM *p,
ECerr(0, EC_R_INVALID_CURVE);
return NULL;
} else {
return EC_GROUP_new_by_curve_name_with_libctx(libctx, propq, nid);
return EC_GROUP_new_by_curve_name_ex(libctx, propq, nid);
}
}
return NULL;

4
crypto/ec/ec_local.h
View File

@ -601,8 +601,8 @@ int ec_group_simple_order_bits(const EC_GROUP *group);
* \param meth EC_METHOD to use
* \return newly created EC_GROUP object or NULL in case of an error.
*/
EC_GROUP *ec_group_new_with_libctx(OPENSSL_CTX *libctx, const char *propq,
const EC_METHOD *meth);
EC_GROUP *ec_group_new_ex(OPENSSL_CTX *libctx, const char *propq,
const EC_METHOD *meth);
#ifdef ECP_NISTZ256_ASM
/** Returns GFp methods using montgomery multiplication, with x86-64 optimized

13
crypto/ec/ecx_meth.c
View File

@ -149,9 +149,8 @@ static int ecx_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
return CRYPTO_memcmp(akey->pubkey, bkey->pubkey, KEYLEN(a)) == 0;
}
static int ecx_priv_decode_with_libctx(EVP_PKEY *pkey,
const PKCS8_PRIV_KEY_INFO *p8,
OPENSSL_CTX *libctx, const char *propq)
static int ecx_priv_decode_ex(EVP_PKEY *pkey, const PKCS8_PRIV_KEY_INFO *p8,
OPENSSL_CTX *libctx, const char *propq)
{
const unsigned char *p;
int plen;
@ -505,7 +504,7 @@ const EVP_PKEY_ASN1_METHOD ecx25519_asn1_meth = {
ecx_pkey_export_to,
x25519_import_from,
ecx_priv_decode_with_libctx
ecx_priv_decode_ex
};
static int x448_import_from(const OSSL_PARAM params[], void *vpctx)
@ -558,7 +557,7 @@ const EVP_PKEY_ASN1_METHOD ecx448_asn1_meth = {
ecx_pkey_export_to,
x448_import_from,
ecx_priv_decode_with_libctx
ecx_priv_decode_ex
};
static int ecd_size25519(const EVP_PKEY *pkey)
@ -684,7 +683,7 @@ const EVP_PKEY_ASN1_METHOD ed25519_asn1_meth = {
ecx_pkey_export_to,
ed25519_import_from,
ecx_priv_decode_with_libctx
ecx_priv_decode_ex
};
static int ed448_import_from(const OSSL_PARAM params[], void *vpctx)
@ -736,7 +735,7 @@ const EVP_PKEY_ASN1_METHOD ed448_asn1_meth = {
ecx_pkey_export_to,
ed448_import_from,
ecx_priv_decode_with_libctx
ecx_priv_decode_ex
};
static int pkey_ecx_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)

9
crypto/evp/digest.c
View File

@ -82,9 +82,8 @@ int EVP_MD_CTX_reset(EVP_MD_CTX *ctx)
}
#ifndef FIPS_MODULE
EVP_MD_CTX *evp_md_ctx_new_with_libctx(EVP_PKEY *pkey,
const ASN1_OCTET_STRING *id,
OPENSSL_CTX *libctx, const char *propq)
EVP_MD_CTX *evp_md_ctx_new_ex(EVP_PKEY *pkey, const ASN1_OCTET_STRING *id,
OPENSSL_CTX *libctx, const char *propq)
{
EVP_MD_CTX *ctx;
EVP_PKEY_CTX *pctx = NULL;
@ -351,8 +350,8 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
* Prior to OpenSSL 3.0 EVP_DigestSignUpdate() and
* EVP_DigestVerifyUpdate() were just macros for EVP_DigestUpdate().
* Some code calls EVP_DigestUpdate() directly even when initialised
* with EVP_DigestSignInit_with_libctx() or
* EVP_DigestVerifyInit_with_libctx(), so we detect that and redirect to
* with EVP_DigestSignInit_ex() or
* EVP_DigestVerifyInit_ex(), so we detect that and redirect to
* the correct EVP_Digest*Update() function
*/
if (ctx->pctx->operation == EVP_PKEY_OP_SIGNCTX)

10
crypto/evp/evp_pkey.c
View File

@ -18,8 +18,8 @@
/* Extract a private key from a PKCS8 structure */
EVP_PKEY *EVP_PKCS82PKEY_with_libctx(const PKCS8_PRIV_KEY_INFO *p8,
OPENSSL_CTX *libctx, const char *propq)
EVP_PKEY *EVP_PKCS82PKEY_ex(const PKCS8_PRIV_KEY_INFO *p8, OPENSSL_CTX *libctx,
const char *propq)
{
EVP_PKEY *pkey = NULL;
const ASN1_OBJECT *algoid;
@ -40,8 +40,8 @@ EVP_PKEY *EVP_PKCS82PKEY_with_libctx(const PKCS8_PRIV_KEY_INFO *p8,
goto error;
}
if (pkey->ameth->priv_decode_with_libctx != NULL) {
if (!pkey->ameth->priv_decode_with_libctx(pkey, p8, libctx, propq))
if (pkey->ameth->priv_decode_ex != NULL) {
if (!pkey->ameth->priv_decode_ex(pkey, p8, libctx, propq))
goto error;
} else if (pkey->ameth->priv_decode != NULL) {
if (!pkey->ameth->priv_decode(pkey, p8)) {
@ -62,7 +62,7 @@ EVP_PKEY *EVP_PKCS82PKEY_with_libctx(const PKCS8_PRIV_KEY_INFO *p8,
EVP_PKEY *EVP_PKCS82PKEY(const PKCS8_PRIV_KEY_INFO *p8)
{
return EVP_PKCS82PKEY_with_libctx(p8, NULL, NULL);
return EVP_PKCS82PKEY_ex(p8, NULL, NULL);
}
/* Turn a private key into a PKCS8 structure */

14
crypto/evp/m_sigver.c
View File

@ -310,10 +310,9 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
return ret > 0 ? 1 : 0;
}
int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname,
OPENSSL_CTX *libctx, const char *props,
EVP_PKEY *pkey)
int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname, OPENSSL_CTX *libctx,
const char *props, EVP_PKEY *pkey)
{
return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 0);
}
@ -324,10 +323,9 @@ int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
return do_sigver_init(ctx, pctx, type, NULL, NULL, NULL, e, pkey, 0);
}
int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname,
OPENSSL_CTX *libctx, const char *props,
EVP_PKEY *pkey)
int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname, OPENSSL_CTX *libctx,
const char *props, EVP_PKEY *pkey)
{
return do_sigver_init(ctx, pctx, NULL, mdname, libctx, props, NULL, pkey, 1);
}

13
crypto/evp/p5_crpt2.c
View File

@ -19,11 +19,10 @@
#include "crypto/evp.h"
#include "evp_local.h"
int pkcs5_pbkdf2_hmac_with_libctx(const char *pass, int passlen,
const unsigned char *salt, int saltlen,
int iter, const EVP_MD *digest, int keylen,
unsigned char *out,
OPENSSL_CTX *libctx, const char *propq)
int pkcs5_pbkdf2_hmac_ex(const char *pass, int passlen,
const unsigned char *salt, int saltlen, int iter,
const EVP_MD *digest, int keylen, unsigned char *out,
OPENSSL_CTX *libctx, const char *propq)
{
const char *empty = "";
int rv = 1, mode = 1;
@ -84,8 +83,8 @@ int PKCS5_PBKDF2_HMAC(const char *pass, int passlen, const unsigned char *salt,
int saltlen, int iter, const EVP_MD *digest, int keylen,
unsigned char *out)
{
return pkcs5_pbkdf2_hmac_with_libctx(pass, passlen, salt, saltlen, iter,
digest, keylen, out, NULL, NULL);
return pkcs5_pbkdf2_hmac_ex(pass, passlen, salt, saltlen, iter, digest,
keylen, out, NULL, NULL);
}

25
crypto/evp/p_lib.c
View File

@ -450,11 +450,10 @@ static EVP_PKEY *new_raw_key_int(OPENSSL_CTX *libctx,
return pkey;
}
EVP_PKEY *EVP_PKEY_new_raw_private_key_with_libctx(OPENSSL_CTX *libctx,
const char *keytype,
const char *propq,
const unsigned char *priv,
size_t len)
EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OPENSSL_CTX *libctx,
const char *keytype,
const char *propq,
const unsigned char *priv, size_t len)
{
return new_raw_key_int(libctx, keytype, propq, EVP_PKEY_NONE, NULL, priv,
len, 1);
@ -467,11 +466,9 @@ EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
return new_raw_key_int(NULL, NULL, NULL, type, e, priv, len, 1);
}
EVP_PKEY *EVP_PKEY_new_raw_public_key_with_libctx(OPENSSL_CTX *libctx,
const char *keytype,
const char *propq,
const unsigned char *pub,
size_t len)
EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OPENSSL_CTX *libctx,
const char *keytype, const char *propq,
const unsigned char *pub, size_t len)
{
return new_raw_key_int(libctx, keytype, propq, EVP_PKEY_NONE, NULL, pub,
len, 0);
@ -636,11 +633,9 @@ static EVP_PKEY *new_cmac_key_int(const unsigned char *priv, size_t len,
# endif
}
EVP_PKEY *EVP_PKEY_new_CMAC_key_with_libctx(const unsigned char *priv,
size_t len,
const char *cipher_name,
OPENSSL_CTX *libctx,
const char *propq)
EVP_PKEY *EVP_PKEY_new_CMAC_key_ex(const unsigned char *priv, size_t len,
const char *cipher_name, OPENSSL_CTX *libctx,
const char *propq)
{
return new_cmac_key_int(priv, len, cipher_name, NULL, libctx, propq, NULL);
}

8
crypto/evp/p_sign.c
View File

@ -14,9 +14,9 @@
#include <openssl/x509.h>
#include "crypto/evp.h"
int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, EVP_PKEY *pkey,
OPENSSL_CTX *libctx, const char *propq)
int EVP_SignFinal_ex(EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, EVP_PKEY *pkey, OPENSSL_CTX *libctx,
const char *propq)
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len = 0;
@ -65,5 +65,5 @@ int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *sigret,
int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
unsigned int *siglen, EVP_PKEY *pkey)
{
return EVP_SignFinal_with_libctx(ctx, sigret, siglen, pkey, NULL, NULL);
return EVP_SignFinal_ex(ctx, sigret, siglen, pkey, NULL, NULL);
}

8
crypto/evp/p_verify.c
View File

@ -14,9 +14,9 @@
#include <openssl/x509.h>
#include "crypto/evp.h"
int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey,
OPENSSL_CTX *libctx, const char *propq)
int EVP_VerifyFinal_ex(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey, OPENSSL_CTX *libctx,
const char *propq)
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len = 0;
@ -59,5 +59,5 @@ int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
int EVP_VerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey)
{
return EVP_VerifyFinal_with_libctx(ctx, sigbuf, siglen, pkey, NULL, NULL);
return EVP_VerifyFinal_ex(ctx, sigbuf, siglen, pkey, NULL, NULL);
}

21
crypto/pem/pem_info.c
View File

@ -25,9 +25,8 @@
#ifndef OPENSSL_NO_STDIO
STACK_OF(X509_INFO)
*PEM_X509_INFO_read_with_libctx(FILE *fp, STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u,
OPENSSL_CTX *libctx, const char *propq)
*PEM_X509_INFO_read_ex(FILE *fp, STACK_OF(X509_INFO) *sk, pem_password_cb *cb,
void *u, OPENSSL_CTX *libctx, const char *propq)
{
BIO *b;
STACK_OF(X509_INFO) *ret;
@ -37,7 +36,7 @@ STACK_OF(X509_INFO)
return 0;
}
BIO_set_fp(b, fp, BIO_NOCLOSE);
ret = PEM_X509_INFO_read_bio_with_libctx(b, sk, cb, u, libctx, propq);
ret = PEM_X509_INFO_read_bio_ex(b, sk, cb, u, libctx, propq);
BIO_free(b);
return ret;
}
@ -45,14 +44,14 @@ STACK_OF(X509_INFO)
STACK_OF(X509_INFO) *PEM_X509_INFO_read(FILE *fp, STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u)
{
return PEM_X509_INFO_read_with_libctx(fp, sk, cb, u, NULL, NULL);
return PEM_X509_INFO_read_ex(fp, sk, cb, u, NULL, NULL);
}
#endif
STACK_OF(X509_INFO)
*PEM_X509_INFO_read_bio_with_libctx(BIO *bp, STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u,
OPENSSL_CTX *libctx, const char *propq)
*PEM_X509_INFO_read_bio_ex(BIO *bp, STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u, OPENSSL_CTX *libctx,
const char *propq)
{
X509_INFO *xi = NULL;
char *name = NULL, *header = NULL;
@ -98,7 +97,7 @@ STACK_OF(X509_INFO)
goto err;
goto start;
}
xi->x509 = X509_new_with_libctx(libctx, propq);
xi->x509 = X509_new_ex(libctx, propq);
if (xi->x509 == NULL)
goto err;
pp = &(xi->x509);
@ -111,7 +110,7 @@ STACK_OF(X509_INFO)
goto err;
goto start;
}
xi->x509 = X509_new_with_libctx(libctx, propq);
xi->x509 = X509_new_ex(libctx, propq);
if (xi->x509 == NULL)
goto err;
pp = &(xi->x509);
@ -268,7 +267,7 @@ STACK_OF(X509_INFO)
STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio(BIO *bp, STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u)
{
return PEM_X509_INFO_read_bio_with_libctx(bp, sk, cb, u, NULL, NULL);
return PEM_X509_INFO_read_bio_ex(bp, sk, cb, u, NULL, NULL);
}
/* A TJH addition */

2
crypto/pkcs7/pk7_asn1.c
View File

@ -83,7 +83,7 @@ PKCS7 *PKCS7_new(void)
return (PKCS7 *)ASN1_item_new(ASN1_ITEM_rptr(PKCS7));
}
PKCS7 *PKCS7_new_with_libctx(OPENSSL_CTX *libctx, const char *propq)
PKCS7 *PKCS7_new_ex(OPENSSL_CTX *libctx, const char *propq)
{
PKCS7 *pkcs7 = PKCS7_new();

13
crypto/pkcs7/pk7_doit.c
View File

@ -847,8 +847,8 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio)
if (abuf == NULL)
goto err;
if (!EVP_SignFinal_with_libctx(ctx_tmp, abuf, &abuflen, si->pkey,
p7_ctx->libctx, p7_ctx->propq)) {
if (!EVP_SignFinal_ex(ctx_tmp, abuf, &abuflen, si->pkey,
p7_ctx->libctx, p7_ctx->propq)) {
OPENSSL_free(abuf);
PKCS7err(PKCS7_F_PKCS7_DATAFINAL, ERR_R_EVP_LIB);
goto err;
@ -919,9 +919,8 @@ int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si)
goto err;
}
if (EVP_DigestSignInit_with_libctx(mctx, &pctx,
EVP_MD_name(md), ctx->libctx, ctx->propq,
si->pkey) <= 0)
if (EVP_DigestSignInit_ex(mctx, &pctx, EVP_MD_name(md), ctx->libctx,
ctx->propq, si->pkey) <= 0)
goto err;
/*
@ -1171,8 +1170,8 @@ int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
goto err;
}
i = EVP_VerifyFinal_with_libctx(mdc_tmp, os->data, os->length, pkey,
ctx->libctx, ctx->propq);
i = EVP_VerifyFinal_ex(mdc_tmp, os->data, os->length, pkey, ctx->libctx,
ctx->propq);
if (i <= 0) {
PKCS7err(PKCS7_F_PKCS7_SIGNATUREVERIFY, PKCS7_R_SIGNATURE_FAILURE);
ret = -1;

9
crypto/pkcs7/pk7_mime.c
View File

@ -40,11 +40,10 @@ int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags)
flags ^= SMIME_OLDMIME;
return SMIME_write_ASN1_with_libctx(bio, (ASN1_VALUE *)p7, data, flags,
ctype_nid, NID_undef, mdalgs,
ASN1_ITEM_rptr(PKCS7),
pkcs7_ctx_get0_libctx(ctx),
pkcs7_ctx_get0_propq(ctx));
return SMIME_write_ASN1_ex(bio, (ASN1_VALUE *)p7, data, flags, ctype_nid,
NID_undef, mdalgs, ASN1_ITEM_rptr(PKCS7),
pkcs7_ctx_get0_libctx(ctx),
pkcs7_ctx_get0_propq(ctx));
}
PKCS7 *SMIME_read_PKCS7_ex(BIO *bio, BIO **bcont, PKCS7 **p7)

22
crypto/pkcs7/pk7_smime.c
View File

@ -20,14 +20,14 @@
static int pkcs7_copy_existing_digest(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
PKCS7 *PKCS7_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
STACK_OF(X509) *certs, BIO *data, int flags,
OPENSSL_CTX *libctx, const char *propq)
PKCS7 *PKCS7_sign_ex(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, int flags, OPENSSL_CTX *libctx,
const char *propq)
{
PKCS7 *p7;
int i;
if ((p7 = PKCS7_new_with_libctx(libctx, propq)) == NULL) {
if ((p7 = PKCS7_new_ex(libctx, propq)) == NULL) {
PKCS7err(0, ERR_R_MALLOC_FAILURE);
return NULL;
}
@ -67,7 +67,7 @@ PKCS7 *PKCS7_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, int flags)
{
return PKCS7_sign_with_libctx(signcert, pkey, certs, data, flags, NULL, NULL);
return PKCS7_sign_ex(signcert, pkey, certs, data, flags, NULL, NULL);
}
@ -268,7 +268,7 @@ int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
/* Now verify the certificates */
p7_ctx = pkcs7_get0_ctx(p7);
cert_ctx = X509_STORE_CTX_new_with_libctx(p7_ctx->libctx, p7_ctx->propq);
cert_ctx = X509_STORE_CTX_new_ex(p7_ctx->libctx, p7_ctx->propq);
if (cert_ctx == NULL)
goto err;
if (!(flags & PKCS7_NOVERIFY))
@ -443,16 +443,16 @@ STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
/* Build a complete PKCS#7 enveloped data */
PKCS7 *PKCS7_encrypt_with_libctx(STACK_OF(X509) *certs, BIO *in,
const EVP_CIPHER *cipher, int flags,
OPENSSL_CTX *libctx, const char *propq)
PKCS7 *PKCS7_encrypt_ex(STACK_OF(X509) *certs, BIO *in,
const EVP_CIPHER *cipher, int flags,
OPENSSL_CTX *libctx, const char *propq)
{
PKCS7 *p7;
BIO *p7bio = NULL;
int i;
X509 *x509;
if ((p7 = PKCS7_new_with_libctx(libctx, propq)) == NULL) {
if ((p7 = PKCS7_new_ex(libctx, propq)) == NULL) {
PKCS7err(0, ERR_R_MALLOC_FAILURE);
return NULL;
}
@ -489,7 +489,7 @@ PKCS7 *PKCS7_encrypt_with_libctx(STACK_OF(X509) *certs, BIO *in,
PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
int flags)
{
return PKCS7_encrypt_with_libctx(certs, in, cipher, flags, NULL, NULL);
return PKCS7_encrypt_ex(certs, in, cipher, flags, NULL, NULL);
}

12
crypto/rsa/rsa_local.h
View File

@ -196,12 +196,10 @@ int rsa_fips186_4_gen_prob_primes(RSA *rsa, RSA_ACVP_TEST *test,
int nbits, const BIGNUM *e, BN_CTX *ctx,
BN_GENCB *cb);
int rsa_padding_add_SSLv23_with_libctx(OPENSSL_CTX *libctx, unsigned char *to,
int tlen, const unsigned char *from,
int flen);
int rsa_padding_add_PKCS1_type_2_with_libctx(OPENSSL_CTX *libctx,
unsigned char *to, int tlen,
const unsigned char *from,
int flen);
int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen,
const unsigned char *from, int flen);
int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to,
int tlen, const unsigned char *from,
int flen);
#endif /* OSSL_CRYPTO_RSA_LOCAL_H */

22
crypto/rsa/rsa_oaep.c
View File

@ -40,9 +40,8 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
const unsigned char *from, int flen,
const unsigned char *param, int plen)
{
return rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(NULL, to, tlen, from,
flen, param, plen, NULL,
NULL);
return rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, param,
plen, NULL, NULL);
}
/*
@ -52,13 +51,11 @@ int RSA_padding_add_PKCS1_OAEP(unsigned char *to, int tlen,
* Step numbers are included here but not in the constant time inverse below
* to avoid complicating an already difficult enough function.
*/
int rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(OPENSSL_CTX *libctx,
unsigned char *to, int tlen,
const unsigned char *from,
int flen,
const unsigned char *param,
int plen, const EVP_MD *md,
const EVP_MD *mgf1md)
int rsa_padding_add_PKCS1_OAEP_mgf1_ex(OPENSSL_CTX *libctx, unsigned char *to,
int tlen, const unsigned char *from,
int flen, const unsigned char *param,
int plen, const EVP_MD *md,
const EVP_MD *mgf1md)
{
int rv = 0;
int i, emlen = tlen - 1;
@ -141,9 +138,8 @@ int RSA_padding_add_PKCS1_OAEP_mgf1(unsigned char *to, int tlen,
const unsigned char *param, int plen,
const EVP_MD *md, const EVP_MD *mgf1md)
{
return rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(NULL, to, tlen, from,
flen, param, plen, md,
mgf1md);
return rsa_padding_add_PKCS1_OAEP_mgf1_ex(NULL, to, tlen, from, flen, param,
plen, md, mgf1md);
}
int RSA_padding_check_PKCS1_OAEP(unsigned char *to, int tlen,

11
crypto/rsa/rsa_ossl.c
View File

@ -111,18 +111,15 @@ static int rsa_ossl_public_encrypt(int flen, const unsigned char *from,
switch (padding) {
case RSA_PKCS1_PADDING:
i = rsa_padding_add_PKCS1_type_2_with_libctx(rsa->libctx, buf, num,
from, flen);
i = rsa_padding_add_PKCS1_type_2_ex(rsa->libctx, buf, num, from, flen);
break;
case RSA_PKCS1_OAEP_PADDING:
i = rsa_padding_add_PKCS1_OAEP_mgf1_with_libctx(rsa->libctx, buf, num,
from, flen, NULL, 0,
NULL, NULL);
i = rsa_padding_add_PKCS1_OAEP_mgf1_ex(rsa->libctx, buf, num, from,
flen, NULL, 0, NULL, NULL);
break;
#ifndef FIPS_MODULE
case RSA_SSLV23_PADDING:
i = rsa_padding_add_SSLv23_with_libctx(rsa->libctx, buf, num, from,
flen);
i = rsa_padding_add_SSLv23_ex(rsa->libctx, buf, num, from, flen);
break;
#endif
case RSA_NO_PADDING:

9
crypto/rsa/rsa_pk1.c
View File

@ -124,10 +124,9 @@ int RSA_padding_check_PKCS1_type_1(unsigned char *to, int tlen,
return j;
}
int rsa_padding_add_PKCS1_type_2_with_libctx(OPENSSL_CTX *libctx,
unsigned char *to, int tlen,
const unsigned char *from,
int flen)
int rsa_padding_add_PKCS1_type_2_ex(OPENSSL_CTX *libctx, unsigned char *to,
int tlen, const unsigned char *from,
int flen)
{
int i, j;
unsigned char *p;
@ -165,7 +164,7 @@ int rsa_padding_add_PKCS1_type_2_with_libctx(OPENSSL_CTX *libctx,
int RSA_padding_add_PKCS1_type_2(unsigned char *to, int tlen,
const unsigned char *from, int flen)
{
return rsa_padding_add_PKCS1_type_2_with_libctx(NULL, to, tlen, from, flen);
return rsa_padding_add_PKCS1_type_2_ex(NULL, to, tlen, from, flen);
}
int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,

7
crypto/rsa/rsa_ssl.c
View File

@ -21,9 +21,8 @@
#include "internal/constant_time.h"
#include "rsa_local.h"
int rsa_padding_add_SSLv23_with_libctx(OPENSSL_CTX *libctx, unsigned char *to,
int tlen, const unsigned char *from,
int flen)
int rsa_padding_add_SSLv23_ex(OPENSSL_CTX *libctx, unsigned char *to, int tlen,
const unsigned char *from, int flen)
{
int i, j;
unsigned char *p;
@ -63,7 +62,7 @@ int rsa_padding_add_SSLv23_with_libctx(OPENSSL_CTX *libctx, unsigned char *to,
int RSA_padding_add_SSLv23(unsigned char *to, int tlen,
const unsigned char *from, int flen)
{
return rsa_padding_add_SSLv23_with_libctx(NULL, to, tlen, from, flen);
return rsa_padding_add_SSLv23_ex(NULL, to, tlen, from, flen);
}
/*

19
crypto/store/store_lib.c
View File

@ -32,11 +32,10 @@
static int ossl_store_close_it(OSSL_STORE_CTX *ctx);
OSSL_STORE_CTX *
OSSL_STORE_open_with_libctx(const char *uri,
OPENSSL_CTX *libctx, const char *propq,
const UI_METHOD *ui_method, void *ui_data,
OSSL_STORE_post_process_info_fn post_process,
void *post_process_data)
OSSL_STORE_open_ex(const char *uri, OPENSSL_CTX *libctx, const char *propq,
const UI_METHOD *ui_method, void *ui_data,
OSSL_STORE_post_process_info_fn post_process,
void *post_process_data)
{
const OSSL_STORE_LOADER *loader = NULL;
OSSL_STORE_LOADER *fetched_loader = NULL;
@ -85,9 +84,9 @@ OSSL_STORE_open_with_libctx(const char *uri,
OSSL_TRACE1(STORE, "Looking up scheme %s\n", schemes[i]);
#ifndef OPENSSL_NO_DEPRECATED_3_0
if ((loader = ossl_store_get0_loader_int(schemes[i])) != NULL) {
if (loader->open_with_libctx != NULL)
loader_ctx = loader->open_with_libctx(loader, uri, libctx, propq,
ui_method, ui_data);
if (loader->open_ex != NULL)
loader_ctx = loader->open_ex(loader, uri, libctx, propq,
ui_method, ui_data);
else
loader_ctx = loader->open(loader, uri, ui_method, ui_data);
}
@ -187,8 +186,8 @@ OSSL_STORE_CTX *OSSL_STORE_open(const char *uri,
OSSL_STORE_post_process_info_fn post_process,
void *post_process_data)
{
return OSSL_STORE_open_with_libctx(uri, NULL, NULL, ui_method, ui_data,
post_process, post_process_data);
return OSSL_STORE_open_ex(uri, NULL, NULL, ui_method, ui_data, post_process,
post_process_data);
}
#ifndef OPENSSL_NO_DEPRECATED_3_0

2
crypto/store/store_local.h
View File

@ -93,7 +93,7 @@ struct ossl_store_loader_st {
OSSL_STORE_eof_fn eof;
OSSL_STORE_error_fn error;
OSSL_STORE_close_fn close;
OSSL_STORE_open_with_libctx_fn open_with_libctx;
OSSL_STORE_open_ex_fn open_ex;
#endif
/* Provider stuff */

8
crypto/store/store_register.c
View File

@ -70,11 +70,11 @@ int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *loader,
return 1;
}
int OSSL_STORE_LOADER_set_open_with_libctx
int OSSL_STORE_LOADER_set_open_ex
(OSSL_STORE_LOADER *loader,
OSSL_STORE_open_with_libctx_fn open_with_libctx_function)
OSSL_STORE_open_ex_fn open_ex_function)
{
loader->open_with_libctx = open_with_libctx_function;
loader->open_ex = open_ex_function;
return 1;
}
@ -222,7 +222,7 @@ const OSSL_STORE_LOADER *ossl_store_get0_loader_int(const char *scheme)
template.load = NULL;
template.eof = NULL;
template.close = NULL;
template.open_with_libctx = NULL;
template.open_ex = NULL;
if (!ossl_store_init_once())
return NULL;

2
crypto/store/store_result.c
View File

@ -335,7 +335,7 @@ static EVP_PKEY *try_key_value_legacy(struct extracted_param_data_st *data,
p8info = d2i_PKCS8_PRIV_KEY_INFO(NULL, &derp, der_len);
RESET_ERR_MARK();
if (p8info != NULL) {
pk = EVP_PKCS82PKEY_with_libctx(p8info, libctx, propq);
pk = EVP_PKCS82PKEY_ex(p8info, libctx, propq);
PKCS8_PRIV_KEY_INFO_free(p8info);
}
}

0
crypto/trace.c Executable file → Normal file
View File

28
crypto/x509/by_dir.c
View File

@ -47,12 +47,9 @@ static void free_dir(X509_LOOKUP *lu);
static int add_cert_dir(BY_DIR *ctx, const char *dir, int type);
static int get_cert_by_subject(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret);
static int get_cert_by_subject_with_libctx(X509_LOOKUP *xl,
X509_LOOKUP_TYPE type,
const X509_NAME *name,
X509_OBJECT *ret,
OPENSSL_CTX *libctx,
const char *propq);
static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret,
OPENSSL_CTX *libctx, const char *propq);
static X509_LOOKUP_METHOD x509_dir_lookup = {
"Load certs from files in a directory",
new_dir, /* new_item */
@ -64,8 +61,8 @@ static X509_LOOKUP_METHOD x509_dir_lookup = {
NULL, /* get_by_issuer_serial */
NULL, /* get_by_fingerprint */
NULL, /* get_by_alias */
get_cert_by_subject_with_libctx, /* get_by_subject_with_libctx */
NULL, /* ctrl_with_libctx */
get_cert_by_subject_ex, /* get_by_subject_ex */
NULL, /* ctrl_ex */
};
X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void)
@ -217,12 +214,9 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
return 1;
}
static int get_cert_by_subject_with_libctx(X509_LOOKUP *xl,
X509_LOOKUP_TYPE type,
const X509_NAME *name,
X509_OBJECT *ret,
OPENSSL_CTX *libctx,
const char *propq)
static int get_cert_by_subject_ex(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret,
OPENSSL_CTX *libctx, const char *propq)
{
BY_DIR *ctx;
union {
@ -327,8 +321,8 @@ static int get_cert_by_subject_with_libctx(X509_LOOKUP *xl,
#endif
/* found one. */
if (type == X509_LU_X509) {
if ((X509_load_cert_file_with_libctx(xl, b->data, ent->dir_type,
libctx, propq)) == 0)
if ((X509_load_cert_file_ex(xl, b->data, ent->dir_type, libctx,
propq)) == 0)
break;
} else if (type == X509_LU_CRL) {
if ((X509_load_crl_file(xl, b->data, ent->dir_type)) == 0)
@ -406,5 +400,5 @@ static int get_cert_by_subject_with_libctx(X509_LOOKUP *xl,
static int get_cert_by_subject(X509_LOOKUP *xl, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret)
{
return get_cert_by_subject_with_libctx(xl, type, name, ret, NULL, NULL);
return get_cert_by_subject_ex(xl, type, name, ret, NULL, NULL);
}

53
crypto/x509/by_file.c
View File

@ -19,9 +19,9 @@
static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
long argl, char **ret);
static int by_file_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd,
const char *argc, long argl, char **ret,
OPENSSL_CTX *libctx, const char *propq);
static int by_file_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argc,
long argl, char **ret, OPENSSL_CTX *libctx,
const char *propq);
static X509_LOOKUP_METHOD x509_file_lookup = {
@ -35,8 +35,8 @@ static X509_LOOKUP_METHOD x509_file_lookup = {
NULL, /* get_by_issuer_serial */
NULL, /* get_by_fingerprint */
NULL, /* get_by_alias */
NULL, /* get_by_subject_with_libctx */
by_file_ctrl_with_libctx, /* ctrl_with_libctx */
NULL, /* get_by_subject_ex */
by_file_ctrl_ex, /* ctrl_ex */
};
X509_LOOKUP_METHOD *X509_LOOKUP_file(void)
@ -44,9 +44,9 @@ X509_LOOKUP_METHOD *X509_LOOKUP_file(void)
return &x509_file_lookup;
}
static int by_file_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd,
const char *argp, long argl, char **ret,
OPENSSL_CTX *libctx, const char *propq)
static int by_file_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp,
long argl, char **ret, OPENSSL_CTX *libctx,
const char *propq)
{
int ok = 0;
const char *file;
@ -56,12 +56,11 @@ static int by_file_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd,
if (argl == X509_FILETYPE_DEFAULT) {
file = ossl_safe_getenv(X509_get_default_cert_file_env());
if (file)
ok = (X509_load_cert_crl_file_with_libctx(ctx, file,
X509_FILETYPE_PEM,
libctx, propq) != 0);
ok = (X509_load_cert_crl_file_ex(ctx, file, X509_FILETYPE_PEM,
libctx, propq) != 0);
else
ok = (X509_load_cert_crl_file_with_libctx(
ok = (X509_load_cert_crl_file_ex(
ctx, X509_get_default_cert_file(),
X509_FILETYPE_PEM, libctx, propq) != 0);
@ -70,12 +69,11 @@ static int by_file_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd,
}
} else {
if (argl == X509_FILETYPE_PEM)
ok = (X509_load_cert_crl_file_with_libctx(ctx, argp,
X509_FILETYPE_PEM,
libctx, propq) != 0);
ok = (X509_load_cert_crl_file_ex(ctx, argp, X509_FILETYPE_PEM,
libctx, propq) != 0);
else
ok = (X509_load_cert_file_with_libctx(ctx, argp, (int)argl,
libctx, propq) != 0);
ok = (X509_load_cert_file_ex(ctx, argp, (int)argl, libctx,
propq) != 0);
}
break;
}
@ -85,11 +83,11 @@ static int by_file_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd,
static int by_file_ctrl(X509_LOOKUP *ctx, int cmd,
const char *argp, long argl, char **ret)
{
return by_file_ctrl_with_libctx(ctx, cmd, argp, argl, ret, NULL, NULL);
return by_file_ctrl_ex(ctx, cmd, argp, argl, ret, NULL, NULL);
}
int X509_load_cert_file_with_libctx(X509_LOOKUP *ctx, const char *file, int type,
OPENSSL_CTX *libctx, const char *propq)
int X509_load_cert_file_ex(X509_LOOKUP *ctx, const char *file, int type,
OPENSSL_CTX *libctx, const char *propq)
{
int ret = 0;
BIO *in = NULL;
@ -107,7 +105,7 @@ int X509_load_cert_file_with_libctx(X509_LOOKUP *ctx, const char *file, int type
X509err(0, X509_R_BAD_X509_FILETYPE);
goto err;
}
x = X509_new_with_libctx(libctx, propq);
x = X509_new_ex(libctx, propq);
if (x == NULL) {
X509err(0, ERR_R_MALLOC_FAILURE);
goto err;
@ -153,7 +151,7 @@ int X509_load_cert_file_with_libctx(X509_LOOKUP *ctx, const char *file, int type
int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type)
{
return X509_load_cert_file_with_libctx(ctx, file, type, NULL, NULL);
return X509_load_cert_file_ex(ctx, file, type, NULL, NULL);
}
int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
@ -213,9 +211,8 @@ int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
return ret;
}
int X509_load_cert_crl_file_with_libctx(X509_LOOKUP *ctx, const char *file,
int type, OPENSSL_CTX *libctx,
const char *propq)
int X509_load_cert_crl_file_ex(X509_LOOKUP *ctx, const char *file, int type,
OPENSSL_CTX *libctx, const char *propq)
{
STACK_OF(X509_INFO) *inf;
X509_INFO *itmp;
@ -223,13 +220,13 @@ int X509_load_cert_crl_file_with_libctx(X509_LOOKUP *ctx, const char *file,
int i, count = 0;
if (type != X509_FILETYPE_PEM)
return X509_load_cert_file_with_libctx(ctx, file, type, libctx, propq);
return X509_load_cert_file_ex(ctx, file, type, libctx, propq);
in = BIO_new_file(file, "r");
if (!in) {
X509err(0, ERR_R_SYS_LIB);
return 0;
}
inf = PEM_X509_INFO_read_bio_with_libctx(in, NULL, NULL, "", libctx, propq);
inf = PEM_X509_INFO_read_bio_ex(in, NULL, NULL, "", libctx, propq);
BIO_free(in);
if (!inf) {
X509err(0, ERR_R_PEM_LIB);
@ -257,6 +254,6 @@ int X509_load_cert_crl_file_with_libctx(X509_LOOKUP *ctx, const char *file,
int X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type)
{
return X509_load_cert_crl_file_with_libctx(ctx, file, type, NULL, NULL);
return X509_load_cert_crl_file_ex(ctx, file, type, NULL, NULL);
}

24
crypto/x509/by_store.c
View File

@ -21,8 +21,7 @@ static int cache_objects(X509_LOOKUP *lctx, const char *uri,
OSSL_STORE_CTX *ctx = NULL;
X509_STORE *xstore = X509_LOOKUP_get_store(lctx);
if ((ctx = OSSL_STORE_open_with_libctx(uri, libctx, propq,
NULL, NULL, NULL, NULL)) == NULL)
if ((ctx = OSSL_STORE_open_ex(uri, libctx, propq, NULL, NULL, NULL, NULL)) == NULL)
return 0;
/*
@ -105,10 +104,9 @@ static void by_store_free(X509_LOOKUP *ctx)
sk_OPENSSL_STRING_pop_free(uris, free_uri);
}
static int by_store_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd,
const char *argp, long argl,
char **retp,
OPENSSL_CTX *libctx, const char *propq)
static int by_store_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argp,
long argl, char **retp, OPENSSL_CTX *libctx,
const char *propq)
{
switch (cmd) {
case X509_L_ADD_STORE:
@ -138,7 +136,7 @@ static int by_store_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd,
static int by_store_ctrl(X509_LOOKUP *ctx, int cmd,
const char *argp, long argl, char **retp)
{
return by_store_ctrl_with_libctx(ctx, cmd, argp, argl, retp, NULL, NULL);
return by_store_ctrl_ex(ctx, cmd, argp, argl, retp, NULL, NULL);
}
static int by_store(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
@ -159,9 +157,9 @@ static int by_store(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
return ok;
}
static int by_store_subject_with_libctx(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret,
OPENSSL_CTX *libctx, const char *propq)
static int by_store_subject_ex(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret,
OPENSSL_CTX *libctx, const char *propq)
{
OSSL_STORE_SEARCH *criterion =
OSSL_STORE_SEARCH_by_name((X509_NAME *)name); /* won't modify it */
@ -216,7 +214,7 @@ static int by_store_subject_with_libctx(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
static int by_store_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret)
{
return by_store_subject_with_libctx(ctx, type, name, ret, NULL, NULL);
return by_store_subject_ex(ctx, type, name, ret, NULL, NULL);
}
/*
@ -236,8 +234,8 @@ static X509_LOOKUP_METHOD x509_store_lookup = {
NULL, /* get_by_issuer_serial */
NULL, /* get_by_fingerprint */
NULL, /* get_by_alias */
by_store_subject_with_libctx,
by_store_ctrl_with_libctx
by_store_subject_ex,
by_store_ctrl_ex
};
X509_LOOKUP_METHOD *X509_LOOKUP_store(void)

41
crypto/x509/x509_d2.c
View File

@ -12,17 +12,15 @@
#include <openssl/crypto.h>
#include <openssl/x509.h>
int X509_STORE_set_default_paths_with_libctx(X509_STORE *ctx,
OPENSSL_CTX *libctx,
const char *propq)
int X509_STORE_set_default_paths_ex(X509_STORE *ctx, OPENSSL_CTX *libctx,
const char *propq)
{
X509_LOOKUP *lookup;
lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file());
if (lookup == NULL)
return 0;
X509_LOOKUP_load_file_with_libctx(lookup, NULL, X509_FILETYPE_DEFAULT,
libctx, propq);
X509_LOOKUP_load_file_ex(lookup, NULL, X509_FILETYPE_DEFAULT, libctx, propq);
lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_hash_dir());
if (lookup == NULL)
@ -32,7 +30,7 @@ int X509_STORE_set_default_paths_with_libctx(X509_STORE *ctx,
lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_store());
if (lookup == NULL)
return 0;
X509_LOOKUP_add_store_with_libctx(lookup, NULL, libctx, propq);
X509_LOOKUP_add_store_ex(lookup, NULL, libctx, propq);
/* clear any errors */
ERR_clear_error();
@ -41,18 +39,18 @@ int X509_STORE_set_default_paths_with_libctx(X509_STORE *ctx,
}
int X509_STORE_set_default_paths(X509_STORE *ctx)
{
return X509_STORE_set_default_paths_with_libctx(ctx, NULL, NULL);
return X509_STORE_set_default_paths_ex(ctx, NULL, NULL);
}
int X509_STORE_load_file_with_libctx(X509_STORE *ctx, const char *file,
OPENSSL_CTX *libctx, const char *propq)
int X509_STORE_load_file_ex(X509_STORE *ctx, const char *file,
OPENSSL_CTX *libctx, const char *propq)
{
X509_LOOKUP *lookup;
if (file == NULL
|| (lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_file())) == NULL
|| X509_LOOKUP_load_file_with_libctx(lookup, file, X509_FILETYPE_PEM,
libctx, propq) == 0)
|| X509_LOOKUP_load_file_ex(lookup, file, X509_FILETYPE_PEM, libctx,
propq) == 0)
return 0;
return 1;
@ -60,7 +58,7 @@ int X509_STORE_load_file_with_libctx(X509_STORE *ctx, const char *file,
int X509_STORE_load_file(X509_STORE *ctx, const char *file)
{
return X509_STORE_load_file_with_libctx(ctx, file, NULL, NULL);
return X509_STORE_load_file_ex(ctx, file, NULL, NULL);
}
int X509_STORE_load_path(X509_STORE *ctx, const char *path)
@ -75,14 +73,14 @@ int X509_STORE_load_path(X509_STORE *ctx, const char *path)
return 1;
}
int X509_STORE_load_store_with_libctx(X509_STORE *ctx, const char *uri,
OPENSSL_CTX *libctx, const char *propq)
int X509_STORE_load_store_ex(X509_STORE *ctx, const char *uri,
OPENSSL_CTX *libctx, const char *propq)
{
X509_LOOKUP *lookup;
if (uri == NULL
|| (lookup = X509_STORE_add_lookup(ctx, X509_LOOKUP_store())) == NULL
|| X509_LOOKUP_add_store_with_libctx(lookup, uri, libctx, propq) == 0)
|| X509_LOOKUP_add_store_ex(lookup, uri, libctx, propq) == 0)
return 0;
return 1;
@ -90,17 +88,16 @@ int X509_STORE_load_store_with_libctx(X509_STORE *ctx, const char *uri,
int X509_STORE_load_store(X509_STORE *ctx, const char *uri)
{
return X509_STORE_load_store_with_libctx(ctx, uri, NULL, NULL);
return X509_STORE_load_store_ex(ctx, uri, NULL, NULL);
}
int X509_STORE_load_locations_with_libctx(X509_STORE *ctx, const char *file,
const char *path,
OPENSSL_CTX *libctx, const char *propq)
int X509_STORE_load_locations_ex(X509_STORE *ctx, const char *file,
const char *path, OPENSSL_CTX *libctx,
const char *propq)
{
if (file == NULL && path == NULL)
return 0;
if (file != NULL && !X509_STORE_load_file_with_libctx(ctx, file,
libctx, propq))
if (file != NULL && !X509_STORE_load_file_ex(ctx, file, libctx, propq))
return 0;
if (path != NULL && !X509_STORE_load_path(ctx, path))
return 0;
@ -110,5 +107,5 @@ int X509_STORE_load_locations_with_libctx(X509_STORE *ctx, const char *file,
int X509_STORE_load_locations(X509_STORE *ctx, const char *file,
const char *path)
{
return X509_STORE_load_locations_with_libctx(ctx, file, path, NULL, NULL);
return X509_STORE_load_locations_ex(ctx, file, path, NULL, NULL);
}

4
crypto/x509/x509_local.h
View File

@ -90,10 +90,10 @@ struct x509_lookup_method_st {
X509_OBJECT *ret);
int (*get_by_alias) (X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const char *str, int len, X509_OBJECT *ret);
int (*get_by_subject_with_libctx) (X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
int (*get_by_subject_ex) (X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret,
OPENSSL_CTX *libctx, const char *propq);
int (*ctrl_with_libctx) (X509_LOOKUP *ctx, int cmd,
int (*ctrl_ex) (X509_LOOKUP *ctx, int cmd,
const char *argc, long argl, char **ret,
OPENSSL_CTX *libctx, const char *propq);
};

32
crypto/x509/x509_lu.c
View File

@ -71,15 +71,13 @@ int X509_LOOKUP_shutdown(X509_LOOKUP *ctx)
return 1;
}
int X509_LOOKUP_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd, const char *argc,
long argl, char **ret,
OPENSSL_CTX *libctx, const char *propq)
int X509_LOOKUP_ctrl_ex(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
char **ret, OPENSSL_CTX *libctx, const char *propq)
{
if (ctx->method == NULL)
return -1;
if (ctx->method->ctrl_with_libctx != NULL)
return ctx->method->ctrl_with_libctx(ctx, cmd, argc, argl, ret,
libctx, propq);
if (ctx->method->ctrl_ex != NULL)
return ctx->method->ctrl_ex(ctx, cmd, argc, argl, ret, libctx, propq);
if (ctx->method->ctrl != NULL)
return ctx->method->ctrl(ctx, cmd, argc, argl, ret);
return 1;
@ -88,21 +86,21 @@ int X509_LOOKUP_ctrl_with_libctx(X509_LOOKUP *ctx, int cmd, const char *argc,
int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
char **ret)
{
return X509_LOOKUP_ctrl_with_libctx(ctx, cmd, argc, argl, ret, NULL, NULL);
return X509_LOOKUP_ctrl_ex(ctx, cmd, argc, argl, ret, NULL, NULL);
}
int X509_LOOKUP_by_subject_with_libctx(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret,
OPENSSL_CTX *libctx, const char *propq)
int X509_LOOKUP_by_subject_ex(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret,
OPENSSL_CTX *libctx, const char *propq)
{
if (ctx->skip
|| ctx->method == NULL
|| (ctx->method->get_by_subject == NULL
&& ctx->method->get_by_subject_with_libctx == NULL))
&& ctx->method->get_by_subject_ex == NULL))
return 0;
if (ctx->method->get_by_subject_with_libctx != NULL)
return ctx->method->get_by_subject_with_libctx(ctx, type, name, ret,
libctx, propq);
if (ctx->method->get_by_subject_ex != NULL)
return ctx->method->get_by_subject_ex(ctx, type, name, ret, libctx,
propq);
else
return ctx->method->get_by_subject(ctx, type, name, ret);
}
@ -110,7 +108,7 @@ int X509_LOOKUP_by_subject_with_libctx(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const X509_NAME *name, X509_OBJECT *ret)
{
return X509_LOOKUP_by_subject_with_libctx(ctx, type, name, ret, NULL, NULL);
return X509_LOOKUP_by_subject_ex(ctx, type, name, ret, NULL, NULL);
}
int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
@ -330,8 +328,8 @@ int X509_STORE_CTX_get_by_subject(const X509_STORE_CTX *vs,
if (tmp == NULL || type == X509_LU_CRL) {
for (i = 0; i < sk_X509_LOOKUP_num(store->get_cert_methods); i++) {
lu = sk_X509_LOOKUP_value(store->get_cert_methods, i);
j = X509_LOOKUP_by_subject_with_libctx(lu, type, name, &stmp,
vs->libctx, vs->propq);
j = X509_LOOKUP_by_subject_ex(lu, type, name, &stmp, vs->libctx,
vs->propq);
if (j) {
tmp = &stmp;
break;

5
crypto/x509/x509_vfy.c
View File

@ -2316,8 +2316,7 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
return 1;
}
X509_STORE_CTX *X509_STORE_CTX_new_with_libctx(OPENSSL_CTX *libctx,
const char *propq)
X509_STORE_CTX *X509_STORE_CTX_new_ex(OPENSSL_CTX *libctx, const char *propq)
{
X509_STORE_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx));
@ -2341,7 +2340,7 @@ X509_STORE_CTX *X509_STORE_CTX_new_with_libctx(OPENSSL_CTX *libctx,
X509_STORE_CTX *X509_STORE_CTX_new(void)
{
return X509_STORE_CTX_new_with_libctx(NULL, NULL);
return X509_STORE_CTX_new_ex(NULL, NULL);
}

23
crypto/x509/x_all.c
View File

@ -32,23 +32,22 @@ int X509_verify(X509 *a, EVP_PKEY *r)
if (X509_ALGOR_cmp(&a->sig_alg, &a->cert_info.signature))
return 0;
return ASN1_item_verify_with_libctx(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg,
&a->signature, &a->cert_info,
a->distinguishing_id, r,
a->libctx, a->propq);
return ASN1_item_verify_ex(ASN1_ITEM_rptr(X509_CINF), &a->sig_alg,
&a->signature, &a->cert_info,
a->distinguishing_id, r, a->libctx, a->propq);
}
int X509_REQ_verify_with_libctx(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx,
const char *propq)
int X509_REQ_verify_ex(X509_REQ *a, EVP_PKEY *r, OPENSSL_CTX *libctx,
const char *propq)
{
return ASN1_item_verify_with_libctx(ASN1_ITEM_rptr(X509_REQ_INFO),
&a->sig_alg, a->signature, &a->req_info,
a->distinguishing_id, r, libctx, propq);
return ASN1_item_verify_ex(ASN1_ITEM_rptr(X509_REQ_INFO), &a->sig_alg,
a->signature, &a->req_info, a->distinguishing_id,
r, libctx, propq);
}
int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
{
return X509_REQ_verify_with_libctx(a, r, NULL, NULL);
return X509_REQ_verify_ex(a, r, NULL, NULL);
}
int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
@ -403,8 +402,8 @@ int X509_digest(const X509 *cert, const EVP_MD *md, unsigned char *data,
memcpy(data, cert->sha1_hash, sizeof(cert->sha1_hash));
return 1;
}
return (asn1_item_digest_with_libctx(ASN1_ITEM_rptr(X509), md, (char *)cert,
data, len, cert->libctx, cert->propq));
return (asn1_item_digest_ex(ASN1_ITEM_rptr(X509), md, (char *)cert, data,
len, cert->libctx, cert->propq));
}
/* calculate cert digest using the same hash algorithm as in its signature */

4
crypto/x509/x_x509.c
View File

@ -132,7 +132,7 @@ int i2d_X509(const X509 *a, unsigned char **out)
/*
* This should only be used if the X509 object was embedded inside another
* asn1 object and it needs a libctx to operate.
* Use X509_new_with_libctx() instead if possible.
* Use X509_new_ex() instead if possible.
*/
int x509_set0_libctx(X509 *x, OPENSSL_CTX *libctx, const char *propq)
{
@ -143,7 +143,7 @@ int x509_set0_libctx(X509 *x, OPENSSL_CTX *libctx, const char *propq)
return 1;
}
X509 *X509_new_with_libctx(OPENSSL_CTX *libctx, const char *propq)
X509 *X509_new_ex(OPENSSL_CTX *libctx, const char *propq)
{
X509 *cert = NULL;

20
doc/man3/CMS_EncryptedData_encrypt.pod
View File

@ -2,16 +2,20 @@
=head1 NAME
CMS_EncryptedData_encrypt_with_libctx, CMS_EncryptedData_encrypt
CMS_EncryptedData_encrypt_ex, CMS_EncryptedData_encrypt
- Create CMS EncryptedData
=head1 SYNOPSIS
#include <openssl/cms.h>
CMS_ContentInfo *CMS_EncryptedData_encrypt_with_libctx(BIO *in,
const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen,
unsigned int flags, OPENSSL_CTX *ctx, const char *propq);
CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in,
const EVP_CIPHER *cipher,
const unsigned char *key,
size_t keylen,
unsigned int flags,
OPENSSL_CTX *ctx,
const char *propq);
CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in,
const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen,
@ -19,7 +23,7 @@ CMS_EncryptedData_encrypt_with_libctx, CMS_EncryptedData_encrypt
=head1 DESCRIPTION
CMS_EncryptedData_encrypt_with_libctx() creates a B<CMS_ContentInfo> structure
CMS_EncryptedData_encrypt_ex() creates a B<CMS_ContentInfo> structure
with a type B<NID_pkcs7_encrypted>. I<in> is a BIO containing the data to
encrypt using I<cipher> and the encryption key I<key> of size I<keylen> bytes.
The library context I<libctx> and the property query I<propq> are used when
@ -34,13 +38,13 @@ its parameters.
The B<CMS_ContentInfo> structure can be freed using L<CMS_ContentInfo_free(3)>.
CMS_EncryptedData_encrypt() is similar to CMS_EncryptedData_encrypt_with_libctx()
CMS_EncryptedData_encrypt() is similar to CMS_EncryptedData_encrypt_ex()
but uses default values of NULL for the library context I<libctx> and the
property query I<propq>.
=head1 RETURN VALUES
If the allocation fails, CMS_EncryptedData_encrypt_with_libctx() and
If the allocation fails, CMS_EncryptedData_encrypt_ex() and
CMS_EncryptedData_encrypt() return NULL and set an error code that can be
obtained by L<ERR_get_error(3)>. Otherwise they return a pointer to the newly
allocated structure.
@ -51,7 +55,7 @@ L<ERR_get_error(3)>, L<CMS_final(3)>, L<CMS_EncryptedData_decrypt(3)>
head1 HISTORY
The CMS_EncryptedData_encrypt_with_libctx() method was added in OpenSSL 3.0.
The CMS_EncryptedData_encrypt_ex() method was added in OpenSSL 3.0.
=head1 COPYRIGHT

24
doc/man3/CMS_EnvelopedData_create.pod
View File

@ -2,8 +2,8 @@
=head1 NAME
CMS_EnvelopedData_create_with_libctx, CMS_EnvelopedData_create,
CMS_AuthEnvelopedData_create, CMS_AuthEnvelopedData_create_with_libctx
CMS_EnvelopedData_create_ex, CMS_EnvelopedData_create,
CMS_AuthEnvelopedData_create, CMS_AuthEnvelopedData_create_ex
- Create CMS envelope
=head1 SYNOPSIS
@ -11,25 +11,23 @@ CMS_AuthEnvelopedData_create, CMS_AuthEnvelopedData_create_with_libctx
#include <openssl/cms.h>
CMS_ContentInfo *
CMS_EnvelopedData_create_with_libctx(const EVP_CIPHER *cipher,
OPENSSL_CTX *libctx,
const char *propq);
CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *libctx,
const char *propq);
CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
CMS_ContentInfo *
CMS_AuthEnvelopedData_create_with_libctx(const EVP_CIPHER *cipher,
OPENSSL_CTX *libctx,
const char *propq);
CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OPENSSL_CTX *libctx,
const char *propq);
CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher);
=head1 DESCRIPTION
CMS_EnvelopedData_create_with_libctx() creates a B<CMS_ContentInfo> structure
CMS_EnvelopedData_create_ex() creates a B<CMS_ContentInfo> structure
with a type B<NID_pkcs7_enveloped>. I<cipher> is the symmetric cipher to use.
The library context I<libctx> and the property query I<propq> are used when
retrieving algorithms from providers.
CMS_AuthEnvelopedData_create_with_libctx() creates a B<CMS_ContentInfo>
CMS_AuthEnvelopedData_create_ex() creates a B<CMS_ContentInfo>
structure with a type B<NID_id_smime_ct_authEnvelopedData>. B<cipher> is the
symmetric AEAD cipher to use. Currently only AES variants with GCM mode are
supported. The library context I<libctx> and the property query I<propq> are
@ -45,8 +43,8 @@ The B<CMS_ContentInfo> structure needs to be finalized using L<CMS_final(3)>
and then freed using L<CMS_ContentInfo_free(3)>.
CMS_EnvelopedData_create() and CMS_AuthEnvelopedData_create are similar to
CMS_EnvelopedData_create_with_libctx() and
CMS_AuthEnvelopedData_create_with_libctx() but use default values of NULL for
CMS_EnvelopedData_create_ex() and
CMS_AuthEnvelopedData_create_ex() but use default values of NULL for
the library context I<libctx> and the property query I<propq>.
=head1 NOTES
@ -68,7 +66,7 @@ L<ERR_get_error(3)>, L<CMS_encrypt(3)>, L<CMS_decrypt(3)>, L<CMS_final(3)>
head1 HISTORY
The CMS_EnvelopedData_create_with_libctx() method was added in OpenSSL 3.0.
The CMS_EnvelopedData_create_ex() method was added in OpenSSL 3.0.
=head1 COPYRIGHT

15
doc/man3/CMS_data_create.pod
View File

@ -2,21 +2,20 @@
=head1 NAME
CMS_data_create_with_libctx, CMS_data_create
CMS_data_create_ex, CMS_data_create
- Create CMS Data object
=head1 SYNOPSIS
#include <openssl/cms.h>
CMS_ContentInfo *CMS_data_create_with_libctx(BIO *in, unsigned int flags,
OPENSSL_CTX *libctx,
const char *propq);
CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags,
OPENSSL_CTX *libctx, const char *propq);
CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);
=head1 DESCRIPTION
CMS_data_create_with_libctx() creates a B<CMS_ContentInfo> structure
CMS_data_create_ex() creates a B<CMS_ContentInfo> structure
with a type B<NID_pkcs7_data>. The data is supplied via the I<in> BIO.
The library context I<libctx> and the property query I<propq> are used when
retrieving algorithms from providers. The I<flags> field supports the
@ -25,13 +24,13 @@ specified.
The B<CMS_ContentInfo> structure can be freed using L<CMS_ContentInfo_free(3)>.
CMS_data_create() is similar to CMS_data_create_with_libctx()
CMS_data_create() is similar to CMS_data_create_ex()
but uses default values of NULL for the library context I<libctx> and the
property query I<propq>.
=head1 RETURN VALUES
If the allocation fails, CMS_data_create_with_libctx() and CMS_data_create()
If the allocation fails, CMS_data_create_ex() and CMS_data_create()
return NULL and set an error code that can be obtained by L<ERR_get_error(3)>.
Otherwise they return a pointer to the newly allocated structure.
@ -41,7 +40,7 @@ L<ERR_get_error(3)>, L<CMS_final(3)>
head1 HISTORY
The CMS_data_create_with_libctx() method was added in OpenSSL 3.0.
The CMS_data_create_ex() method was added in OpenSSL 3.0.
=head1 COPYRIGHT

16
doc/man3/CMS_digest_create.pod
View File

@ -2,23 +2,23 @@
=head1 NAME
CMS_digest_create_with_libctx, CMS_digest_create
CMS_digest_create_ex, CMS_digest_create
- Create CMS DigestedData object
=head1 SYNOPSIS
#include <openssl/cms.h>
CMS_ContentInfo *CMS_digest_create_with_libctx(BIO *in,
const EVP_MD *md, unsigned int flags,
OPENSSL_CTX *ctx, const char *propq);
CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md,
unsigned int flags, OPENSSL_CTX *ctx,
const char *propq);
CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
unsigned int flags);
=head1 DESCRIPTION
CMS_digest_create_with_libctx() creates a B<CMS_ContentInfo> structure
CMS_digest_create_ex() creates a B<CMS_ContentInfo> structure
with a type B<NID_pkcs7_digest>. The data supplied via the I<in> BIO is digested
using I<md>. The library context I<libctx> and the property query I<propq> are
used when retrieving algorithms from providers.
@ -27,14 +27,14 @@ Internally CMS_final() is called unless B<CMS_STREAM> is specified.
The B<CMS_ContentInfo> structure can be freed using L<CMS_ContentInfo_free(3)>.
CMS_digest_create() is similar to CMS_digest_create_with_libctx()
CMS_digest_create() is similar to CMS_digest_create_ex()
but uses default values of NULL for the library context I<libctx> and the
property query I<propq>.
=head1 RETURN VALUES
If the allocation fails, CMS_digest_create_with_libctx() and CMS_digest_create()
If the allocation fails, CMS_digest_create_ex() and CMS_digest_create()
return NULL and set an error code that can be obtained by L<ERR_get_error(3)>.
Otherwise they return a pointer to the newly allocated structure.
@ -44,7 +44,7 @@ L<ERR_get_error(3)>, L<CMS_final(3)>>
head1 HISTORY
The CMS_digest_create_with_libctx() method was added in OpenSSL 3.0.
The CMS_digest_create_ex() method was added in OpenSSL 3.0.
=head1 COPYRIGHT

18
doc/man3/CMS_encrypt.pod
View File

@ -2,23 +2,21 @@
=head1 NAME
CMS_encrypt_with_libctx, CMS_encrypt - create a CMS envelopedData structure
CMS_encrypt_ex, CMS_encrypt - create a CMS envelopedData structure
=head1 SYNOPSIS
#include <openssl/cms.h>
CMS_ContentInfo *CMS_encrypt_with_libctx(STACK_OF(X509) *certs,
BIO *in, const EVP_CIPHER *cipher,
unsigned int flags,
OPENSSL_CTX *libctx,
const char *propq);
CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *in,
const EVP_CIPHER *cipher, unsigned int flags,
OPENSSL_CTX *libctx, const char *propq);
CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
const EVP_CIPHER *cipher, unsigned int flags);
=head1 DESCRIPTION
CMS_encrypt_with_libctx() creates and returns a CMS EnvelopedData or
CMS_encrypt_ex() creates and returns a CMS EnvelopedData or
AuthEnvelopedData structure. I<certs> is a list of recipient certificates.
I<in> is the content to be encrypted. I<cipher> is the symmetric cipher to use.
I<flags> is an optional set of flags. The library context I<libctx> and the
@ -85,12 +83,12 @@ and CMS_add0_recipient_key().
The parameter B<certs> may be NULL if B<CMS_PARTIAL> is set and recipients
added later using CMS_add1_recipient_cert() or CMS_add0_recipient_key().
CMS_encrypt() is similar to CMS_encrypt_with_libctx() but uses default values
CMS_encrypt() is similar to CMS_encrypt_ex() but uses default values
of NULL for the library context I<libctx> and the property query I<propq>.
=head1 RETURN VALUES
CMS_encrypt_with_libctx() and CMS_encrypt() return either a CMS_ContentInfo
CMS_encrypt_ex() and CMS_encrypt() return either a CMS_ContentInfo
structure or NULL if an error occurred. The error can be obtained from
ERR_get_error(3).
@ -100,7 +98,7 @@ L<ERR_get_error(3)>, L<CMS_decrypt(3)>
=head1 HISTORY
The function CMS_encrypt_with_libctx() was added in OpenSSL 3.0.
The function CMS_encrypt_ex() was added in OpenSSL 3.0.
The B<CMS_STREAM> flag was first supported in OpenSSL 1.0.0.

12
doc/man3/CMS_get1_ReceiptRequest.pod
View File

@ -2,7 +2,7 @@
=head1 NAME
CMS_ReceiptRequest_create0_with_libctx, CMS_ReceiptRequest_create0,
CMS_ReceiptRequest_create0_ex, CMS_ReceiptRequest_create0,
CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values
- CMS signed receipt request functions
@ -10,7 +10,7 @@ CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values
#include <openssl/cms.h>
CMS_ReceiptRequest *CMS_ReceiptRequest_create0_with_libctx(
CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex(
unsigned char *id, int idlen, int allorfirst,
STACK_OF(GENERAL_NAMES) *receiptList, STACK_OF(GENERAL_NAMES) *receiptsTo,
OPENSSL_CTX *libctx, const char *propq);
@ -26,7 +26,7 @@ CMS_add1_ReceiptRequest, CMS_get1_ReceiptRequest, CMS_ReceiptRequest_get0_values
=head1 DESCRIPTION
CMS_ReceiptRequest_create0_with_libctx() creates a signed receipt request
CMS_ReceiptRequest_create0_ex() creates a signed receipt request
structure. The B<signedContentIdentifier> field is set using I<id> and I<idlen>,
or it is set to 32 bytes of pseudo random data if I<id> is NULL.
If I<receiptList> is NULL the allOrFirstTier option in I<receiptsFrom> is used
@ -36,7 +36,7 @@ parameter specifies the I<receiptsTo> field value. The library context I<libctx>
and the property query I<propq> are used when retrieving algorithms from providers.
CMS_ReceiptRequest_create0() is similar to
CMS_ReceiptRequest_create0_with_libctx() but uses default values of NULL for the
CMS_ReceiptRequest_create0_ex() but uses default values of NULL for the
library context I<libctx> and the property query I<propq>.
The CMS_add1_ReceiptRequest() function adds a signed receipt request B<rr>
@ -61,7 +61,7 @@ CMS_verify().
=head1 RETURN VALUES
CMS_ReceiptRequest_create0_with_libctx() and CMS_ReceiptRequest_create0() return
CMS_ReceiptRequest_create0_ex() and CMS_ReceiptRequest_create0() return
a signed receipt request structure or NULL if an error occurred.
CMS_add1_ReceiptRequest() returns 1 for success or 0 if an error occurred.
@ -78,7 +78,7 @@ L<CMS_verify_receipt(3)>
=head1 HISTORY
The function CMS_ReceiptRequest_create0_with_libctx() was added in OpenSSL 3.0.
The function CMS_ReceiptRequest_create0_ex() was added in OpenSSL 3.0.
=head1 COPYRIGHT

18
doc/man3/CMS_sign.pod
View File

@ -2,22 +2,22 @@
=head1 NAME
CMS_sign, CMS_sign_with_libctx - create a CMS SignedData structure
CMS_sign, CMS_sign_ex - create a CMS SignedData structure
=head1 SYNOPSIS
#include <openssl/cms.h>
CMS_ContentInfo *CMS_sign_with_libctx(X509 *signcert, EVP_PKEY *pkey,
STACK_OF(X509) *certs, BIO *data,
unsigned int flags,
OPENSSL_CTX *ctx, const char *propq);
CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey,
STACK_OF(X509) *certs, BIO *data,
unsigned int flags, OPENSSL_CTX *ctx,
const char *propq);
CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
BIO *data, unsigned int flags);
=head1 DESCRIPTION
CMS_sign_with_libctx() creates and returns a CMS SignedData structure.
CMS_sign_ex() creates and returns a CMS SignedData structure.
I<signcert> is the certificate to sign with, I<pkey> is the corresponding
private key. I<certs> is an optional additional set of certificates to include
in the CMS structure (for example any intermediate CAs in the chain). The
@ -29,7 +29,7 @@ The data to be signed is read from BIO B<data>.
B<flags> is an optional set of flags.
CMS_sign() is similar to CMS_sign_with_libctx() but uses default values of NULL
CMS_sign() is similar to CMS_sign_ex() but uses default values of NULL
for the library context I<libctx> and the property query I<propq>.
=head1 NOTES
@ -115,7 +115,7 @@ Some attributes such as counter signatures are not supported.
=head1 RETURN VALUES
CMS_sign_with_libctx() and CMS_sign() return either a valid CMS_ContentInfo
CMS_sign_ex() and CMS_sign() return either a valid CMS_ContentInfo
structure or NULL if an error occurred. The error can be obtained from
ERR_get_error(3).
@ -128,7 +128,7 @@ L<ERR_get_error(3)>, L<CMS_verify(3)>
The B<CMS_STREAM> flag is only supported for detached data in OpenSSL 0.9.8,
it is supported for embedded data in OpenSSL 1.0.0 and later.
The CMS_sign_with_libctx() method was added in OpenSSL 3.0.
The CMS_sign_ex() method was added in OpenSSL 3.0.
=head1 COPYRIGHT

2
doc/man3/CONF_modules_free.pod
View File

@ -39,7 +39,7 @@ None of the functions return a value.
=head1 SEE ALSO
L<config(5)>, L<OPENSSL_config(3)>,
L<CONF_modules_load_file_with_libctx(3)>
L<CONF_modules_load_file_ex(3)>
=head1 HISTORY

29
doc/man3/CONF_modules_load_file.pod
View File

@ -2,16 +2,15 @@
=head1 NAME
CONF_modules_load_file_with_libctx, CONF_modules_load_file, CONF_modules_load
CONF_modules_load_file_ex, CONF_modules_load_file, CONF_modules_load
- OpenSSL configuration functions
=head1 SYNOPSIS
#include <openssl/conf.h>
int CONF_modules_load_file_with_libctx(OPENSSL_CTX *libctx,
const char *filename,
const char *appname, unsigned long flags);
int CONF_modules_load_file_ex(OPENSSL_CTX *libctx, const char *filename,
const char *appname, unsigned long flags);
int CONF_modules_load_file(const char *filename, const char *appname,
unsigned long flags);
int CONF_modules_load(const CONF *cnf, const char *appname,
@ -19,7 +18,7 @@ CONF_modules_load_file_with_libctx, CONF_modules_load_file, CONF_modules_load
=head1 DESCRIPTION
The function CONF_modules_load_file_with_libctx() configures OpenSSL using
The function CONF_modules_load_file_ex() configures OpenSSL using
library context B<libctx> file B<filename> and application name B<appname>.
If B<filename> is NULL the standard OpenSSL configuration file is used.
If B<appname> is NULL the standard OpenSSL application name B<openssl_conf> is
@ -27,7 +26,7 @@ used.
The behaviour can be customized using B<flags>. Note that, the error suppressing
can be overriden by B<config_diagnostics> as described in L<config(5)>.
CONF_modules_load_file() is the same as CONF_modules_load_file_with_libctx() but
CONF_modules_load_file() is the same as CONF_modules_load_file_ex() but
has a NULL library context.
CONF_modules_load() is identical to CONF_modules_load_file() except it
@ -49,7 +48,7 @@ returns success.
This is used by default in L<OPENSSL_init_crypto(3)> to ignore any errors in
the default system-wide configuration file, as having all OpenSSL applications
fail to start when there are potentially minor issues in the file is too risky.
Applications calling B<CONF_modules_load_file_with_libctx> explicitly should not
Applications calling B<CONF_modules_load_file_ex> explicitly should not
generally set this flag.
If B<CONF_MFLAGS_NO_DSO> is set configuration module loading from DSOs is
@ -62,7 +61,7 @@ return an error.
B<CONF_MFLAGS_DEFAULT_SECTION> if set and B<appname> is not NULL will use the
default section pointed to by B<openssl_conf> if B<appname> does not exist.
By using CONF_modules_load_file_with_libctx() with appropriate flags an
By using CONF_modules_load_file_ex() with appropriate flags an
application can customise application configuration to best suit its needs.
In some cases the use of a configuration file is optional and its absence is not
an error: in this case B<CONF_MFLAGS_IGNORE_MISSING_FILE> would be set.
@ -87,7 +86,7 @@ return value of the failing module (this will always be zero or negative).
Load a configuration file and print out any errors and exit (missing file
considered fatal):
if (CONF_modules_load_file_with_libctx(libctx, NULL, NULL, 0) <= 0) {
if (CONF_modules_load_file_ex(libctx, NULL, NULL, 0) <= 0) {
fprintf(stderr, "FATAL: error loading configuration file\n");
ERR_print_errors_fp(stderr);
exit(1);
@ -96,8 +95,8 @@ considered fatal):
Load default configuration file using the section indicated by "myapp",
tolerate missing files, but exit on other errors:
if (CONF_modules_load_file_with_libctx(NULL, NULL, "myapp",
CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
if (CONF_modules_load_file_ex(NULL, NULL, "myapp",
CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
fprintf(stderr, "FATAL: error loading configuration file\n");
ERR_print_errors_fp(stderr);
exit(1);
@ -106,8 +105,8 @@ tolerate missing files, but exit on other errors:
Load custom configuration file and section, only print warnings on error,
missing configuration file ignored:
if (CONF_modules_load_file_with_libctx(NULL, "/something/app.cnf", "myapp",
CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
if (CONF_modules_load_file_ex(NULL, "/something/app.cnf", "myapp",
CONF_MFLAGS_IGNORE_MISSING_FILE) <= 0) {
fprintf(stderr, "WARNING: error loading configuration file\n");
ERR_print_errors_fp(stderr);
}
@ -123,7 +122,7 @@ Load and parse configuration file manually, custom error handling:
fprintf(stderr, "Error opening configuration file\n");
/* Other missing configuration file behaviour */
} else {
cnf = NCONF_new_with_libctx(libctx, NULL);
cnf = NCONF_new_ex(libctx, NULL);
if (NCONF_load_fp(cnf, fp, &eline) == 0) {
fprintf(stderr, "Error on line %ld of configuration file\n", eline);
ERR_print_errors_fp(stderr);
@ -141,7 +140,7 @@ Load and parse configuration file manually, custom error handling:
L<config(5)>,
L<OPENSSL_config(3)>,
L<NCONF_new_with_libctx(3)>
L<NCONF_new_ex(3)>
=head1 COPYRIGHT

11
doc/man3/CTLOG_STORE_new.pod
View File

@ -2,7 +2,7 @@
=head1 NAME
CTLOG_STORE_new_with_libctx,
CTLOG_STORE_new_ex,
CTLOG_STORE_new, CTLOG_STORE_free,
CTLOG_STORE_load_default_file, CTLOG_STORE_load_file -
Create and populate a Certificate Transparency log list
@ -11,8 +11,7 @@ Create and populate a Certificate Transparency log list
#include <openssl/ct.h>
CTLOG_STORE *CTLOG_STORE_new_with_libctx(OPENSSL_CTX *libctx,
const char *propq);
CTLOG_STORE *CTLOG_STORE_new_ex(OPENSSL_CTX *libctx, const char *propq);
CTLOG_STORE *CTLOG_STORE_new(void);
void CTLOG_STORE_free(CTLOG_STORE *store);
@ -25,10 +24,10 @@ A CTLOG_STORE is a container for a list of CTLOGs (Certificate Transparency
logs). The list can be loaded from one or more files and then searched by LogID
(see RFC 6962, Section 3.2, for the definition of a LogID).
CTLOG_STORE_new_with_libctx() creates an empty list of CT logs associated with
CTLOG_STORE_new_ex() creates an empty list of CT logs associated with
the library context I<libctx> and the property query string I<propq>.
CTLOG_STORE_new() does the same thing as CTLOG_STORE_new_with_libctx() but with
CTLOG_STORE_new() does the same thing as CTLOG_STORE_new_ex() but with
the default library context and property query string.
The CTLOG_STORE is then populated by CTLOG_STORE_load_default_file() or
@ -74,7 +73,7 @@ L<SSL_CTX_set_ctlog_list_file(3)>
=head1 HISTORY
CTLOG_STORE_new_with_libctx was added in OpenSSL 3.0. All other functions were
CTLOG_STORE_new_ex was added in OpenSSL 3.0. All other functions were
added in OpenSSL 1.1.0.
=head1 COPYRIGHT

24
doc/man3/CTLOG_new.pod
View File

@ -2,8 +2,8 @@
=head1 NAME
CTLOG_new_with_libctx, CTLOG_new, CTLOG_new_from_base64,
CTLOG_new_from_base64_with_libctx, CTLOG_free,
CTLOG_new_ex, CTLOG_new, CTLOG_new_from_base64,
CTLOG_new_from_base64_ex, CTLOG_free,
CTLOG_get0_name, CTLOG_get0_log_id, CTLOG_get0_public_key -
encapsulates information about a Certificate Transparency log
@ -11,13 +11,13 @@ encapsulates information about a Certificate Transparency log
#include <openssl/ct.h>
CTLOG *CTLOG_new_with_libctx(EVP_PKEY *public_key, const char *name,
OPENSSL_CTX *libctx, const char *propq);
CTLOG *CTLOG_new_ex(EVP_PKEY *public_key, const char *name,
OPENSSL_CTX *libctx, const char *propq);
CTLOG *CTLOG_new(EVP_PKEY *public_key, const char *name);
int CTLOG_new_from_base64_with_libctx(CTLOG **ct_log, const char *pkey_base64,
const char *name, OPENSSL_CTX *libctx,
const char *propq);
int CTLOG_new_from_base64_ex(CTLOG **ct_log, const char *pkey_base64,
const char *name, OPENSSL_CTX *libctx,
const char *propq);
int CTLOG_new_from_base64(CTLOG ** ct_log,
const char *pkey_base64, const char *name);
void CTLOG_free(CTLOG *log);
@ -28,23 +28,23 @@ encapsulates information about a Certificate Transparency log
=head1 DESCRIPTION
CTLOG_new_with_libctx() returns a new CTLOG that represents the Certificate
CTLOG_new_ex() returns a new CTLOG that represents the Certificate
Transparency (CT) log with the given public key and associates it with the
library context I<libctx> and property query string I<propq>. A name must also
be provided that can be used to help users identify this log. Ownership of the
public key is transferred.
CTLOG_new() does the same thing as CTLOG_new_with_libctx() but with the default
CTLOG_new() does the same thing as CTLOG_new_ex() but with the default
library context and the default property query string.
CTLOG_new_from_base64_with_libctx() also creates a new CTLOG, but takes the
CTLOG_new_from_base64_ex() also creates a new CTLOG, but takes the
public key in base64-encoded DER form and sets the ct_log pointer to point to
the new CTLOG. The base64 will be decoded and the public key parsed. The CTLOG
will be associated with the given library context I<libctx> and property query
string I<propq>.
CTLOG_new_from_base64() does the same thing as
CTLOG_new_from_base64_with_libctx() except that the default library context and
CTLOG_new_from_base64_ex() except that the default library context and
property query string are used.
Regardless of whether CTLOG_new() or CTLOG_new_from_base64() is used, it is the
@ -75,7 +75,7 @@ L<ct(7)>
=head1 HISTORY
The functions CTLOG_new_with_libctx() and CTLOG_new_from_base64_with_libctx()
The functions CTLOG_new_with_libctx() and CTLOG_new_from_base64_ex()
were added in OpenSSL 3.0. All other functions were added in OpenSSL 1.1.0.
=head1 COPYRIGHT

14
doc/man3/CT_POLICY_EVAL_CTX_new.pod
View File

@ -2,7 +2,7 @@
=head1 NAME
CT_POLICY_EVAL_CTX_new_with_libctx,
CT_POLICY_EVAL_CTX_new_ex,
CT_POLICY_EVAL_CTX_new, CT_POLICY_EVAL_CTX_free,
CT_POLICY_EVAL_CTX_get0_cert, CT_POLICY_EVAL_CTX_set1_cert,
CT_POLICY_EVAL_CTX_get0_issuer, CT_POLICY_EVAL_CTX_set1_issuer,
@ -14,8 +14,8 @@ Encapsulates the data required to evaluate whether SCTs meet a Certificate Trans
#include <openssl/ct.h>
CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_with_libctx(OPENSSL_CTX *libctx,
const char *propq);
CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new_ex(OPENSSL_CTX *libctx,
const char *propq);
CT_POLICY_EVAL_CTX *CT_POLICY_EVAL_CTX_new(void);
void CT_POLICY_EVAL_CTX_free(CT_POLICY_EVAL_CTX *ctx);
X509* CT_POLICY_EVAL_CTX_get0_cert(const CT_POLICY_EVAL_CTX *ctx);
@ -58,12 +58,12 @@ the current time
The above requirements are met using the setters described below.
CT_POLICY_EVAL_CTX_new_with_libctx() creates an empty policy evaluation context
CT_POLICY_EVAL_CTX_new_ex() creates an empty policy evaluation context
and associates it with the given library context I<libctx> and property query
string I<propq>.
CT_POLICY_EVAL_CTX_new() does the same thing as
CT_POLICY_EVAL_CTX_new_with_libctx() except that it uses the default library
CT_POLICY_EVAL_CTX_new_ex() except that it uses the default library
context and property query string.
The CT_POLICY_EVAL_CTX should then be populated using:
@ -116,7 +116,7 @@ found in the TLS SCT extension or OCSP response.
=head1 RETURN VALUES
CT_POLICY_EVAL_CTX_new_with_libctx() and CT_POLICY_EVAL_CTX_new() will return
CT_POLICY_EVAL_CTX_new_ex() and CT_POLICY_EVAL_CTX_new() will return
NULL if malloc fails.
=head1 SEE ALSO
@ -125,7 +125,7 @@ L<ct(7)>
=head1 HISTORY
CT_POLICY_EVAL_CTX_new_with_libctx was added in OpenSSL 3.0. All other
CT_POLICY_EVAL_CTX_new_ex was added in OpenSSL 3.0. All other
functions were added in OpenSSL 1.1.0.
=head1 COPYRIGHT

12
doc/man3/EC_GROUP_new.pod
View File

@ -12,7 +12,7 @@ EC_GROUP_free,
EC_GROUP_clear_free,
EC_GROUP_new_curve_GFp,
EC_GROUP_new_curve_GF2m,
EC_GROUP_new_by_curve_name_with_libctx,
EC_GROUP_new_by_curve_name_ex,
EC_GROUP_new_by_curve_name,
EC_GROUP_set_curve,
EC_GROUP_get_curve,
@ -37,8 +37,8 @@ objects
const BIGNUM *b, BN_CTX *ctx);
EC_GROUP *EC_GROUP_new_curve_GF2m(const BIGNUM *p, const BIGNUM *a,
const BIGNUM *b, BN_CTX *ctx);
EC_GROUP *EC_GROUP_new_by_curve_name_with_libctx(OPENSSL_CTX *libctx,
const char *propq, int nid);
EC_GROUP *EC_GROUP_new_by_curve_name_ex(OPENSSL_CTX *libctx, const char *propq,
int nid);
EC_GROUP *EC_GROUP_new_by_curve_name(int nid);
int EC_GROUP_set_curve(EC_GROUP *group, const BIGNUM *p, const BIGNUM *a,
@ -153,14 +153,14 @@ Each EC_builtin_curve item has a unique integer id (I<nid>), and a human
readable comment string describing the curve.
In order to construct a built-in curve use the function
EC_GROUP_new_by_curve_name_with_libctx() and provide the I<nid> of the curve to
EC_GROUP_new_by_curve_name_ex() and provide the I<nid> of the curve to
be constructed, the associated library context to be used in I<ctx> (see
L<OPENSSL_CTX(3)>) and any property query string in I<propq>. The I<ctx> value
may be NULL in which case the default library context is used. The I<propq>
value may also be NULL.
EC_GROUP_new_by_curve_name() is the same as
EC_GROUP_new_by_curve_name_with_libctx() except that the default library context
EC_GROUP_new_by_curve_name_ex() except that the default library context
is always used along with a NULL property query string.
EC_GROUP_free() frees the memory associated with the EC_GROUP.
@ -198,7 +198,7 @@ L<OPENSSL_CTX(3)>, L<EVP_PKEY-EC(7)>
EC_GROUP_new() was deprecated in OpenSSL 3.0.
EC_GROUP_new_by_curve_name_with_libctx() and EC_GROUP_new_from_params() were
EC_GROUP_new_by_curve_name_ex() and EC_GROUP_new_from_params() were
added in OpenSSL 3.0.
=item *

18
doc/man3/EC_KEY_new.pod
View File

@ -2,9 +2,9 @@
=head1 NAME
EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new_with_libctx,
EC_KEY_get_method, EC_KEY_set_method, EC_KEY_new_ex,
EC_KEY_new, EC_KEY_get_flags, EC_KEY_set_flags, EC_KEY_clear_flags,
EC_KEY_new_by_curve_name_with_libctx, EC_KEY_new_by_curve_name, EC_KEY_free,
EC_KEY_new_by_curve_name_ex, EC_KEY_new_by_curve_name, EC_KEY_free,
EC_KEY_copy, EC_KEY_dup, EC_KEY_up_ref, EC_KEY_get0_engine,
EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key,
EC_KEY_set_private_key, EC_KEY_get0_public_key, EC_KEY_set_public_key,
@ -20,13 +20,13 @@ EC_KEY objects
#include <openssl/ec.h>
EC_KEY *EC_KEY_new_with_libctx(OPENSSL_CTX *ctx, const char *propq);
EC_KEY *EC_KEY_new_ex(OPENSSL_CTX *ctx, const char *propq);
EC_KEY *EC_KEY_new(void);
int EC_KEY_get_flags(const EC_KEY *key);
void EC_KEY_set_flags(EC_KEY *key, int flags);
void EC_KEY_clear_flags(EC_KEY *key, int flags);
EC_KEY *EC_KEY_new_by_curve_name_with_libctx(OPENSSL_CTX *ctx,
const char *propq, int nid);
EC_KEY *EC_KEY_new_by_curve_name_ex(OPENSSL_CTX *ctx, const char *propq,
int nid);
EC_KEY *EC_KEY_new_by_curve_name(int nid);
void EC_KEY_free(EC_KEY *key);
EC_KEY *EC_KEY_copy(EC_KEY *dst, const EC_KEY *src);
@ -80,16 +80,16 @@ EC_KEY_new() is the same as EC_KEY_new_ex() except that the default library
context is always used.
Alternatively a new EC_KEY can be constructed by calling
EC_KEY_new_by_curve_name_with_libctx() and supplying the nid of the associated
EC_KEY_new_by_curve_name_ex() and supplying the nid of the associated
curve, the library context to be used I<ctx> (see L<OPENSSL_CTX(3)>) and any
property query string I<propq>.
The I<ctx> parameter may be NULL in which case the default library context is
used. The I<propq> value may also be NULL.
See L<EC_GROUP_new(3)> for a description of curve names.
This function simply wraps calls to EC_KEY_new_ex() and
EC_GROUP_new_by_curve_name_with_libctx().
EC_GROUP_new_by_curve_name_ex().
EC_KEY_new_by_curve_name() is the same as EC_KEY_new_by_curve_name_with_libctx()
EC_KEY_new_by_curve_name() is the same as EC_KEY_new_by_curve_name_ex()
except that the default library context is always used and a NULL property query
string.
@ -177,7 +177,7 @@ EC_KEY_priv2buf() converts an EC_KEY private key into an allocated buffer.
=head1 RETURN VALUES
EC_KEY_new_with_libctx(), EC_KEY_new(), EC_KEY_new_by_curve_name_with_libctx(),
EC_KEY_new_with_libctx(), EC_KEY_new(), EC_KEY_new_by_curve_name_ex(),
EC_KEY_new_by_curve_name() and EC_KEY_dup() return a pointer to the newly
created EC_KEY object, or NULL on error.

23
doc/man3/EVP_DigestSignInit.pod
View File

@ -2,17 +2,16 @@
=head1 NAME
EVP_DigestSignInit_with_libctx, EVP_DigestSignInit, EVP_DigestSignUpdate,
EVP_DigestSignInit_ex, EVP_DigestSignInit, EVP_DigestSignUpdate,
EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions
=head1 SYNOPSIS
#include <openssl/evp.h>
int EVP_DigestSignInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname,
OPENSSL_CTX *libctx, const char *props,
EVP_PKEY *pkey);
int EVP_DigestSignInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname, OPENSSL_CTX *libctx,
const char *props, EVP_PKEY *pkey);
int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
@ -27,7 +26,7 @@ EVP_DigestSignFinal, EVP_DigestSign - EVP signing functions
The EVP signature routines are a high-level interface to digital signatures.
Input data is digested first before the signing takes place.
EVP_DigestSignInit_with_libctx() sets up signing context I<ctx> to use a digest
EVP_DigestSignInit_ex() sets up signing context I<ctx> to use a digest
with the name I<mdname> and private key I<pkey>. The name of the digest to be
used is passed to the provider of the signature algorithm in use. How that
provider interprets the digest name is provider specific. The provider may
@ -50,17 +49,17 @@ I<pctx> is not NULL, the EVP_PKEY_CTX of the signing operation will be written
to I<*pctx>: this can be used to set alternative signing options. Note that any
existing value in I<*pctx> is overwritten. The EVP_PKEY_CTX value returned must
not be freed directly by the application if I<ctx> is not assigned an
EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_with_libctx()
(which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit_with_libctx()
EVP_PKEY_CTX value before being passed to EVP_DigestSignInit_ex()
(which means the EVP_PKEY_CTX is created inside EVP_DigestSignInit_ex()
and it will be freed automatically when the EVP_MD_CTX is freed). If the
EVP_PKEY_CTX to be used is created by EVP_DigestSignInit_with_libctx then it
EVP_PKEY_CTX to be used is created by EVP_DigestSignInit_ex then it
will use the B<OPENSSL_CTX> specified in I<libctx> and the property query string
specified in I<props>.
The digest I<mdname> may be NULL if the signing algorithm supports it. The
I<props> argument can always be NULL.
No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_with_libctx() if the
No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_ex() if the
passed I<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>.
See also L<SM2(7)>.
@ -110,7 +109,7 @@ Will ignore any digest provided.
If RSA-PSS is used and restrictions apply then the digest must match.
EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_with_libctx()
EVP_DigestSignInit() works in the same way as EVP_DigestSignInit_ex()
except that the I<mdname> parameter will be inferred from the supplied
digest I<type>, and I<props> will be NULL. Where supplied the ENGINE I<e> will
be used for the signing and digest algorithm implementations. I<e> may be NULL.
@ -184,7 +183,7 @@ L<RAND(7)>
EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal()
were added in OpenSSL 1.0.0.
EVP_DigestSignInit_with_libctx() was added in OpenSSL 3.0.
EVP_DigestSignInit_ex() was added in OpenSSL 3.0.
EVP_DigestSignUpdate() was converted from a macro to a function in OpenSSL 3.0.

23
doc/man3/EVP_DigestVerifyInit.pod
View File

@ -2,17 +2,16 @@
=head1 NAME
EVP_DigestVerifyInit_with_libctx, EVP_DigestVerifyInit, EVP_DigestVerifyUpdate,
EVP_DigestVerifyInit_ex, EVP_DigestVerifyInit, EVP_DigestVerifyUpdate,
EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions
=head1 SYNOPSIS
#include <openssl/evp.h>
int EVP_DigestVerifyInit_with_libctx(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname,
OPENSSL_CTX *libctx, const char *props,
EVP_PKEY *pkey);
int EVP_DigestVerifyInit_ex(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const char *mdname, OPENSSL_CTX *libctx,
const char *props, EVP_PKEY *pkey);
int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
@ -26,7 +25,7 @@ EVP_DigestVerifyFinal, EVP_DigestVerify - EVP signature verification functions
The EVP signature routines are a high-level interface to digital signatures.
Input data is digested first before the signature verification takes place.
EVP_DigestVerifyInit_with_libctx() sets up verification context B<ctx> to use a
EVP_DigestVerifyInit_ex() sets up verification context B<ctx> to use a
digest with the name B<mdname> and public key B<pkey>. The name of the digest to
be used is passed to the provider of the signature algorithm in use. How that
provider interprets the digest name is provider specific. The provider may
@ -49,14 +48,14 @@ B<pctx> is not NULL, the EVP_PKEY_CTX of the verification operation will be
written to B<*pctx>: this can be used to set alternative verification options.
Note that any existing value in B<*pctx> is overwritten. The EVP_PKEY_CTX value
returned must not be freed directly by the application if B<ctx> is not assigned
an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_with_libctx()
an EVP_PKEY_CTX value before being passed to EVP_DigestVerifyInit_ex()
(which means the EVP_PKEY_CTX is created inside
EVP_DigestVerifyInit_with_libctx() and it will be freed automatically when the
EVP_DigestVerifyInit_ex() and it will be freed automatically when the
EVP_MD_CTX is freed). If the EVP_PKEY_CTX to be used is created by
EVP_DigestVerifyInit_with_libctx then it will use the B<OPENSSL_CTX> specified
EVP_DigestVerifyInit_ex then it will use the B<OPENSSL_CTX> specified
in I<libctx> and the property query string specified in I<props>.
No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_with_libctx() if the
No B<EVP_PKEY_CTX> will be created by EVP_DigestSignInit_ex() if the
passed B<ctx> has already been assigned one via L<EVP_MD_CTX_set_pkey_ctx(3)>.
See also L<SM2(7)>.
@ -102,7 +101,7 @@ Will ignore any digest provided.
If RSA-PSS is used and restrictions apply then the digest must match.
EVP_DigestVerifyInit() works in the same way as
EVP_DigestVerifyInit_with_libctx() except that the B<mdname> parameter will be
EVP_DigestVerifyInit_ex() except that the B<mdname> parameter will be
inferred from the supplied digest B<type>, and B<props> will be NULL. Where
supplied the ENGINE B<e> will be used for the signature verification and digest
algorithm implementations. B<e> may be NULL.
@ -173,7 +172,7 @@ L<RAND(7)>
EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal()
were added in OpenSSL 1.0.0.
EVP_DigestVerifyInit_with_libctx() was added in OpenSSL 3.0.
EVP_DigestVerifyInit_ex() was added in OpenSSL 3.0.
EVP_DigestVerifyUpdate() was converted from a macro to a function in OpenSSL
3.0.

54
doc/man3/EVP_PKEY_new.pod
View File

@ -5,11 +5,11 @@
EVP_PKEY_new,
EVP_PKEY_up_ref,
EVP_PKEY_free,
EVP_PKEY_new_raw_private_key_with_libctx,
EVP_PKEY_new_raw_private_key_ex,
EVP_PKEY_new_raw_private_key,
EVP_PKEY_new_raw_public_key_with_libctx,
EVP_PKEY_new_raw_public_key_ex,
EVP_PKEY_new_raw_public_key,
EVP_PKEY_new_CMAC_key_with_libctx,
EVP_PKEY_new_CMAC_key_ex,
EVP_PKEY_new_CMAC_key,
EVP_PKEY_new_mac_key,
EVP_PKEY_get_raw_private_key,
@ -24,25 +24,23 @@ EVP_PKEY_get_raw_public_key
int EVP_PKEY_up_ref(EVP_PKEY *key);
void EVP_PKEY_free(EVP_PKEY *key);
EVP_PKEY *EVP_PKEY_new_raw_private_key_with_libctx(OPENSSL_CTX *libctx,
const char *keytype,
const char *propq,
const unsigned char *key,
size_t keylen);
EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OPENSSL_CTX *libctx,
const char *keytype,
const char *propq,
const unsigned char *key,
size_t keylen);
EVP_PKEY *EVP_PKEY_new_raw_private_key(int type, ENGINE *e,
const unsigned char *key, size_t keylen);
EVP_PKEY *EVP_PKEY_new_raw_public_key_with_libctx(OPENSSL_CTX *libctx,
const char *keytype,
const char *propq,
const unsigned char *key,
size_t keylen);
EVP_PKEY *EVP_PKEY_new_raw_public_key_ex(OPENSSL_CTX *libctx,
const char *keytype,
const char *propq,
const unsigned char *key,
size_t keylen);
EVP_PKEY *EVP_PKEY_new_raw_public_key(int type, ENGINE *e,
const unsigned char *key, size_t keylen);
EVP_PKEY *EVP_PKEY_new_CMAC_key_with_libctx(const unsigned char *priv,
size_t len,
const char *cipher_name,
OPENSSL_CTX *libctx,
const char *propq);
EVP_PKEY *EVP_PKEY_new_CMAC_key_ex(const unsigned char *priv, size_t len,
const char *cipher_name,
OPENSSL_CTX *libctx, const char *propq);
EVP_PKEY *EVP_PKEY_new_CMAC_key(ENGINE *e, const unsigned char *priv,
size_t len, const EVP_CIPHER *cipher);
EVP_PKEY *EVP_PKEY_new_mac_key(int type, ENGINE *e, const unsigned char *key,
@ -64,7 +62,7 @@ EVP_PKEY_up_ref() increments the reference count of I<key>.
EVP_PKEY_free() decrements the reference count of I<key> and, if the reference
count is zero, frees it up. If I<key> is NULL, nothing is done.
EVP_PKEY_new_raw_private_key_with_libctx() allocates a new B<EVP_PKEY>. Unless
EVP_PKEY_new_raw_private_key_ex() allocates a new B<EVP_PKEY>. Unless
an engine should be used for the key type, a provider for the key is found using
the library context I<libctx> and the property query string I<propq>. The
I<keytype> argument indicates what kind of key this is. The value should be a
@ -78,17 +76,17 @@ appropriate for the type of the key. The public key data will be automatically
derived from the given private key data (if appropriate for the algorithm type).
EVP_PKEY_new_raw_private_key() does the same as
EVP_PKEY_new_raw_private_key_with_libctx() except that the default library
EVP_PKEY_new_raw_private_key_ex() except that the default library
context and default property query are used instead. If I<e> is non-NULL then
the new B<EVP_PKEY> structure is associated with the engine I<e>. The I<type>
argument indicates what kind of key this is. The value should be a NID for a
public key algorithm that supports raw private keys, i.e. one of
B<EVP_PKEY_POLY1305>, B<EVP_PKEY_SIPHASH>, B<EVP_PKEY_X25519>,
B<EVP_PKEY_ED25519>, B<EVP_PKEY_X448> or B<EVP_PKEY_ED448>. As for
EVP_PKEY_new_raw_private_key_with_libctx() you may also use B<EVP_PKEY_HMAC>.
EVP_PKEY_new_raw_private_key_ex() you may also use B<EVP_PKEY_HMAC>.
EVP_PKEY_new_raw_public_key_with_libctx() works in the same way as
EVP_PKEY_new_raw_private_key_with_libctx() except that I<key> points to the raw
EVP_PKEY_new_raw_public_key_ex() works in the same way as
EVP_PKEY_new_raw_private_key_ex() except that I<key> points to the raw
public key data. The B<EVP_PKEY> structure will be initialised without any
private key information. Algorithm types that support raw public keys are
"X25519", "ED25519", "X448" or "ED448".
@ -99,7 +97,7 @@ data. The B<EVP_PKEY> structure will be initialised without any private key
information. Algorithm types that support raw public keys are
B<EVP_PKEY_X25519>, B<EVP_PKEY_ED25519>, B<EVP_PKEY_X448> or B<EVP_PKEY_ED448>.
EVP_PKEY_new_CMAC_key_with_libctx() works in the same way as
EVP_PKEY_new_CMAC_key_ex() works in the same way as
EVP_PKEY_new_raw_private_key() except it is only for the B<EVP_PKEY_CMAC>
algorithm type. In addition to the raw private key data, it also takes a cipher
algorithm to be used during creation of a CMAC in the I<cipher> argument. The
@ -108,7 +106,7 @@ ciphers should not be used. Finally it also takes a library context I<libctx>
and property query I<propq> which are used when fetching any cryptographic
algorithms which may be NULL to use the default values.
EVP_PKEY_new_CMAC_key() is the same as EVP_PKEY_new_CMAC_key_with_libctx()
EVP_PKEY_new_CMAC_key() is the same as EVP_PKEY_new_CMAC_key_ex()
except that the default values are used for I<libctx> and I<propq>.
EVP_PKEY_new_mac_key() works in the same way as EVP_PKEY_new_raw_private_key().
@ -170,9 +168,9 @@ EVP_PKEY_new_raw_private_key(), EVP_PKEY_new_raw_public_key(),
EVP_PKEY_new_CMAC_key(), EVP_PKEY_new_raw_private_key() and
EVP_PKEY_get_raw_public_key() functions were added in OpenSSL 1.1.1.
The EVP_PKEY_new_raw_private_key_with_libctx(),
EVP_PKEY_new_raw_public_key_with_libctx() and
EVP_PKEY_new_CMAC_key_with_libctx() functions were added in OpenSSL 3.0.
The EVP_PKEY_new_raw_private_key_ex(),
EVP_PKEY_new_raw_public_key_ex() and
EVP_PKEY_new_CMAC_key_ex() functions were added in OpenSSL 3.0.
=head1 COPYRIGHT

15
doc/man3/EVP_SignInit.pod
View File

@ -3,7 +3,7 @@
=head1 NAME
EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate,
EVP_SignFinal_with_libctx, EVP_SignFinal
EVP_SignFinal_ex, EVP_SignFinal
- EVP signing functions
=head1 SYNOPSIS
@ -12,9 +12,8 @@ EVP_SignFinal_with_libctx, EVP_SignFinal
int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *md,
unsigned int *s, EVP_PKEY *pkey,
OPENSSL_CTX *libctx, const char *propq);
int EVP_SignFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s,
EVP_PKEY *pkey, OPENSSL_CTX *libctx, const char *propq);
int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s,
EVP_PKEY *pkey);
@ -33,7 +32,7 @@ EVP_SignUpdate() hashes I<cnt> bytes of data at I<d> into the
signature context I<ctx>. This function can be called several times on the
same I<ctx> to include additional data.
EVP_SignFinal_with_libctx() signs the data in I<ctx> using the private key
EVP_SignFinal_ex() signs the data in I<ctx> using the private key
I<pkey> and places the signature in I<sig>. The library context I<libctx> and
property query I<propq> are used when creating a context to use with the key
I<pkey>. I<sig> must be at least C<EVP_PKEY_size(pkey)> bytes in size. I<s> is
@ -42,7 +41,7 @@ The number of bytes of data written (i.e. the length of the signature)
will be written to the integer at I<s>, at most C<EVP_PKEY_size(pkey)> bytes
will be written.
EVP_SignFinal() is similar to EVP_SignFinal_with_libctx() but uses default
EVP_SignFinal() is similar to EVP_SignFinal_ex() but uses default
values of NULL for the library context I<libctx> and the property query I<propq>.
EVP_SignInit() initializes a signing context I<ctx> to use the default
@ -50,7 +49,7 @@ implementation of digest I<type>.
=head1 RETURN VALUES
EVP_SignInit_ex(), EVP_SignUpdate(), EVP_SignFinal_with_libctx() and
EVP_SignInit_ex(), EVP_SignUpdate(), EVP_SignFinal_ex() and
EVP_SignFinal() return 1 for success and 0 for failure.
The error codes can be obtained by L<ERR_get_error(3)>.
@ -99,7 +98,7 @@ L<SHA1(3)>, L<openssl-dgst(1)>
=head1 HISTORY
The function EVP_SignFinal_with_libctx() was added in OpenSSL 3.0.
The function EVP_SignFinal_ex() was added in OpenSSL 3.0.
=head1 COPYRIGHT

16
doc/man3/EVP_VerifyInit.pod
View File

@ -3,7 +3,7 @@
=head1 NAME
EVP_VerifyInit_ex,
EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal_with_libctx, EVP_VerifyFinal
EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal_ex, EVP_VerifyFinal
- EVP signature verification functions
=head1 SYNOPSIS
@ -12,9 +12,9 @@ EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal_with_libctx, EVP_VerifyFinal
int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
int EVP_VerifyFinal_with_libctx(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey,
OPENSSL_CTX *libctx, const char *propq);
int EVP_VerifyFinal_ex(EVP_MD_CTX *ctx, const unsigned char *sigbuf,
unsigned int siglen, EVP_PKEY *pkey,
OPENSSL_CTX *libctx, const char *propq);
int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen,
EVP_PKEY *pkey);
@ -33,12 +33,12 @@ EVP_VerifyUpdate() hashes I<cnt> bytes of data at I<d> into the
verification context I<ctx>. This function can be called several times on the
same I<ctx> to include additional data.
EVP_VerifyFinal_with_libctx() verifies the data in I<ctx> using the public key
EVP_VerifyFinal_ex() verifies the data in I<ctx> using the public key
I<pkey> and I<siglen> bytes in I<sigbuf>.
The library context I<libctx> and property query I<propq> are used when creating
a context to use with the key I<pkey>.
EVP_VerifyFinal() is similar to EVP_VerifyFinal_with_libctx() but uses default
EVP_VerifyFinal() is similar to EVP_VerifyFinal_ex() but uses default
values of NULL for the library context I<libctx> and the property query I<propq>.
EVP_VerifyInit() initializes verification context I<ctx> to use the default
@ -49,7 +49,7 @@ implementation of digest I<type>.
EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for
failure.
EVP_VerifyFinal()_with_libctx() and EVP_VerifyFinal() return 1 for a correct
EVP_VerifyFinal()_ex() and EVP_VerifyFinal() return 1 for a correct
signature, 0 for failure and -1 if some other error occurred.
The error codes can be obtained by L<ERR_get_error(3)>.
@ -93,7 +93,7 @@ L<SHA1(3)>, L<openssl-dgst(1)>
head1 HISTORY
The function EVP_VerifyFinal_with_libctx() was added in OpenSSL 3.0.
The function EVP_VerifyFinal_ex() was added in OpenSSL 3.0.
=head1 COPYRIGHT

12
doc/man3/NCONF_new_with_libctx.pod
View File

@ -2,14 +2,14 @@
=head1 NAME
NCONF_new_with_libctx, NCONF_new, NCONF_free, NCONF_default, NCONF_load
NCONF_new_ex, NCONF_new, NCONF_free, NCONF_default, NCONF_load
- functionality to Load and parse configuration files manually
=head1 SYNOPSIS
#include <openssl/conf.h>
CONF *NCONF_new_with_libctx(OPENSSL_CTX *libctx, CONF_METHOD *meth);
CONF *NCONF_new_ex(OPENSSL_CTX *libctx, CONF_METHOD *meth);
CONF *NCONF_new(CONF_METHOD *meth);
void NCONF_free(CONF *conf);
CONF_METHOD *NCONF_default(void);
@ -17,11 +17,11 @@ NCONF_new_with_libctx, NCONF_new, NCONF_free, NCONF_default, NCONF_load
=head1 DESCRIPTION
NCONF_new_with_libctx() creates a new CONF object in heap memory and assigns to
NCONF_new_ex() creates a new CONF object in heap memory and assigns to
it a context I<libctx> that can be used during loading. If the method table
I<meth> is set to NULL then the default value of NCONF_default() is used.
NCONF_new() is similar to NCONF_new_with_libctx() but sets the I<libctx> to NULL.
NCONF_new() is similar to NCONF_new_ex() but sets the I<libctx> to NULL.
NCONF_free() frees the data associated with I<conf> and then frees the I<conf>
object.
@ -36,7 +36,7 @@ NCONF_default() gets the default method table for processing a configuration fil
NCONF_load() returns 1 on success or 0 on error.
NCONF_new_with_libctx() and NCONF_new() return a newly created I<CONF> object
NCONF_new_ex() and NCONF_new() return a newly created I<CONF> object
or NULL if an error occurs.
=head1 SEE ALSO
@ -45,7 +45,7 @@ L<CONF_modules_load_file(3)>,
=head1 HISTORY
NCONF_new_with_libctx() was added in OpenSSL 3.0.
NCONF_new_ex() was added in OpenSSL 3.0.
=head1 COPYRIGHT

34
doc/man3/OSSL_STORE_LOADER.pod
View File

@ -14,13 +14,13 @@ OSSL_STORE_LOADER_do_all_provided,
OSSL_STORE_LOADER_names_do_all,
OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new,
OSSL_STORE_LOADER_get0_engine, OSSL_STORE_LOADER_get0_scheme,
OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_open_with_libctx,
OSSL_STORE_LOADER_set_open, OSSL_STORE_LOADER_set_open_ex,
OSSL_STORE_LOADER_set_attach, OSSL_STORE_LOADER_set_ctrl,
OSSL_STORE_LOADER_set_expect, OSSL_STORE_LOADER_set_find,
OSSL_STORE_LOADER_set_load, OSSL_STORE_LOADER_set_eof,
OSSL_STORE_LOADER_set_error, OSSL_STORE_LOADER_set_close,
OSSL_STORE_register_loader, OSSL_STORE_unregister_loader,
OSSL_STORE_open_fn, OSSL_STORE_open_with_libctx_fn,
OSSL_STORE_open_fn, OSSL_STORE_open_ex_fn,
OSSL_STORE_attach_fn, OSSL_STORE_ctrl_fn,
OSSL_STORE_expect_fn, OSSL_STORE_find_fn,
OSSL_STORE_load_fn, OSSL_STORE_eof_fn, OSSL_STORE_error_fn,
@ -69,11 +69,11 @@ L<openssl_user_macros(7)>:
const char *uri, const UI_METHOD *ui_method, void *ui_data);
int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *store_loader,
OSSL_STORE_open_fn store_open_function);
typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_with_libctx_fn)(
typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_ex_fn)(
const char *uri, const UI_METHOD *ui_method, void *ui_data);
int OSSL_STORE_LOADER_set_open_with_libctx
int OSSL_STORE_LOADER_set_open_ex
(OSSL_STORE_LOADER *store_loader,
OSSL_STORE_open_with_libctx_fn store_open_with_libctx_function);
OSSL_STORE_open_ex_fn store_open_ex_function);
typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_attach_fn)
(const OSSL_STORE_LOADER *loader, BIO *bio,
OPENSSL_CTX *libctx, const char *propq,
@ -113,7 +113,7 @@ L<openssl_user_macros(7)>:
=head1 DESCRIPTION
B<OSSL_STORE_LOADER> is a method for OSSL_STORE loaders, which implement
OSSL_STORE_open(), OSSL_STORE_open_with_libctx(), OSSL_STORE_load(),
OSSL_STORE_open(), OSSL_STORE_open_ex(), OSSL_STORE_load(),
OSSL_STORE_eof(), OSSL_STORE_error() and OSSL_STORE_close() for specific
storage schemes.
@ -156,7 +156,7 @@ provider implementations, see L<provider-storemgmt(7)>.
B<OSSL_STORE_LOADER_CTX> is a type template, to be defined by each loader
using C<struct ossl_store_loader_ctx_st { ... }>.
B<OSSL_STORE_open_fn>, B<OSSL_STORE_open_with_libctx_fn>,
B<OSSL_STORE_open_fn>, B<OSSL_STORE_open_ex_fn>,
B<OSSL_STORE_ctrl_fn>, B<OSSL_STORE_expect_fn>, B<OSSL_STORE_find_fn>,
B<OSSL_STORE_load_fn>, B<OSSL_STORE_eof_fn>, and B<OSSL_STORE_close_fn>
are the function pointer types used within a STORE loader.
@ -164,9 +164,9 @@ The functions pointed at define the functionality of the given loader.
=over 4
=item B<OSSL_STORE_open_fn> and B<OSSL_STORE_open_with_libctx_fn>
=item B<OSSL_STORE_open_fn> and B<OSSL_STORE_open_ex_fn>
B<OSSL_STORE_open_with_libctx_fn> takes a URI and is expected to
B<OSSL_STORE_open_ex_fn> takes a URI and is expected to
interpret it in the best manner possible according to the scheme the
loader implements. It also takes a B<UI_METHOD> and associated data,
to be used any time something needs to be prompted for, as well as a
@ -178,13 +178,13 @@ see above), and to return it.
If something goes wrong, this function is expected to return NULL.
B<OSSL_STORE_open_fn> does the same thing as
B<OSSL_STORE_open_with_libctx_fn> but uses NULL for the library
B<OSSL_STORE_open_ex_fn> but uses NULL for the library
context I<libctx> and property query I<propq>.
=item B<OSSL_STORE_attach_fn>
This function takes a B<BIO>, otherwise works like
B<OSSL_STORE_open_with_libctx_fn>.
B<OSSL_STORE_open_ex_fn>.
=item B<OSSL_STORE_ctrl_fn>
@ -274,7 +274,7 @@ OSSL_STORE_LOADER_get0_scheme() returns the scheme of the I<store_loader>.
OSSL_STORE_LOADER_set_open() sets the opener function for the
I<store_loader>.
OSSL_STORE_LOADER_set_open_with_libctx() sets the opener with library context
OSSL_STORE_LOADER_set_open_ex() sets the opener with library context
function for the I<store_loader>.
OSSL_STORE_LOADER_set_attach() sets the attacher function for the
@ -299,7 +299,7 @@ OSSL_STORE_LOADER_free() frees the given I<store_loader>.
OSSL_STORE_register_loader() register the given I<store_loader> and
thereby makes it available for use with OSSL_STORE_open(),
OSSL_STORE_open_with_libctx(), OSSL_STORE_load(), OSSL_STORE_eof()
OSSL_STORE_open_ex(), OSSL_STORE_load(), OSSL_STORE_eof()
and OSSL_STORE_close().
OSSL_STORE_unregister_loader() unregister the store loader for the given
@ -326,16 +326,16 @@ otherwise 0.
OSSL_STORE_LOADER_number() returns an integer.
The functions with the types B<OSSL_STORE_open_fn>,
B<OSSL_STORE_open_with_libctx_fn>, B<OSSL_STORE_ctrl_fn>,
B<OSSL_STORE_open_ex_fn>, B<OSSL_STORE_ctrl_fn>,
B<OSSL_STORE_expect_fn>, B<OSSL_STORE_load_fn>, B<OSSL_STORE_eof_fn>
and B<OSSL_STORE_close_fn> have the same return values as OSSL_STORE_open(),
OSSL_STORE_open_with_libctx(), OSSL_STORE_ctrl(), OSSL_STORE_expect(),
OSSL_STORE_open_ex(), OSSL_STORE_ctrl(), OSSL_STORE_expect(),
OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close(), respectively.
OSSL_STORE_LOADER_new() returns a pointer to a B<OSSL_STORE_LOADER> on success,
or NULL on failure.
OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_open_with_libctx(),
OSSL_STORE_LOADER_set_open(), OSSL_STORE_LOADER_set_open_ex(),
OSSL_STORE_LOADER_set_ctrl(), OSSL_STORE_LOADER_set_load(),
OSSL_STORE_LOADER_set_eof() and OSSL_STORE_LOADER_set_close() return 1
on success, or 0 on failure.
@ -358,7 +358,7 @@ OSSL_STORE_LOADER_properties(), OSSL_STORE_LOADER_is_a(),
OSSL_STORE_LOADER_number(), OSSL_STORE_LOADER_do_all_provided() and
OSSL_STORE_LOADER_names_do_all() were added in OpenSSL 3.0.
OSSL_STORE_open_with_libctx_fn() was added in OpenSSL 3.0.
OSSL_STORE_open_ex_fn() was added in OpenSSL 3.0.
B<OSSL_STORE_LOADER>, B<OSSL_STORE_LOADER_CTX>, OSSL_STORE_LOADER_new(),
OSSL_STORE_LOADER_set0_scheme(), OSSL_STORE_LOADER_set_open(),

21
doc/man3/OSSL_STORE_open.pod
View File

@ -3,7 +3,7 @@
=head1 NAME
OSSL_STORE_CTX, OSSL_STORE_post_process_info_fn,
OSSL_STORE_open, OSSL_STORE_open_with_libctx,
OSSL_STORE_open, OSSL_STORE_open_ex,
OSSL_STORE_ctrl, OSSL_STORE_load, OSSL_STORE_eof,
OSSL_STORE_error, OSSL_STORE_close
- Types and functions to read objects from a URI
@ -22,11 +22,10 @@ OSSL_STORE_error, OSSL_STORE_close
OSSL_STORE_post_process_info_fn post_process,
void *post_process_data);
OSSL_STORE_CTX *
OSSL_STORE_open_with_libctx(const char *uri,
OPENSSL_CTX *libctx, const char *propq,
const UI_METHOD *ui_method, void *ui_data,
OSSL_STORE_post_process_info_fn post_process,
void *post_process_data);
OSSL_STORE_open_ex(const char *uri, OPENSSL_CTX *libctx, const char *propq,
const UI_METHOD *ui_method, void *ui_data,
OSSL_STORE_post_process_info_fn post_process,
void *post_process_data);
OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
@ -54,13 +53,13 @@ described in L<OSSL_STORE_INFO(3)>.
=head2 Types
B<OSSL_STORE_CTX> is a context variable that holds all the internal
information for OSSL_STORE_open(), OSSL_STORE_open_with_libctx(),
information for OSSL_STORE_open(), OSSL_STORE_open_ex(),
OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() to work
together.
=head2 Functions
OSSL_STORE_open_with_libctx() takes a uri or path I<uri>, password UI method
OSSL_STORE_open_ex() takes a uri or path I<uri>, password UI method
I<ui_method> with associated data I<ui_data>, and post processing
callback I<post_process> with associated data I<post_process_data>,
a library context I<libctx> with an associated property query I<propq>,
@ -76,7 +75,7 @@ will cause OSSL_STORE_load() to start its process over with loading
the next object, until I<post_process> returns something other than
NULL, or the end of data is reached as indicated by OSSL_STORE_eof().
OSSL_STORE_open() is similar to OSSL_STORE_open_with_libctx() but uses NULL for
OSSL_STORE_open() is similar to OSSL_STORE_open_ex() but uses NULL for
the library context I<libctx> and property query I<propq>.
OSSL_STORE_ctrl() takes a B<OSSL_STORE_CTX>, and command number I<cmd> and
@ -159,7 +158,7 @@ L<passphrase-encoding(7)>
=head1 HISTORY
OSSL_STORE_open_with_libctx() was added in OpenSSL 3.0.
OSSL_STORE_open_ex() was added in OpenSSL 3.0.
B<OSSL_STORE_CTX>, OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(),
OSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close()
@ -168,7 +167,7 @@ were added in OpenSSL 1.1.1.
Handling of NULL I<ctx> argument for OSSL_STORE_close()
was introduced in OpenSSL 1.1.1h.
OSSL_STORE_open_with_libctx() was added in OpenSSL 3.0.
OSSL_STORE_open_ex() was added in OpenSSL 3.0.
OSSL_STORE_ctrl() and OSSL_STORE_vctrl() were deprecated in OpenSSL 3.0.

33
doc/man3/PEM_X509_INFO_read_bio_with_libctx.pod
View File

@ -2,7 +2,7 @@
=head1 NAME
PEM_X509_INFO_read_bio_with_libctx, PEM_X509_INFO_read_with_libctx
PEM_X509_INFO_read_bio_ex, PEM_X509_INFO_read_ex
- read a PEM-encoded data structure from a bio into one or more B<X509_INFO>
object's
@ -10,37 +10,34 @@ object's
#include <openssl/pem.h>
STACK_OF(X509_INFO) *PEM_X509_INFO_read_with_libctx(FILE *fp,
STACK_OF(X509_INFO) *sk,
pem_password_cb *cb,
void *u,
OPENSSL_CTX *libctx,
const char *propq);
STACK_OF(X509_INFO) *PEM_X509_INFO_read_ex(FILE *fp, STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u,
OPENSSL_CTX *libctx,
const char *propq);
STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio_with_libctx(BIO *bio,
STACK_OF(X509_INFO) *sk,
pem_password_cb *cb,
void *u,
OPENSSL_CTX *libctx,
const char *propq);
STACK_OF(X509_INFO) *PEM_X509_INFO_read_bio_ex(BIO *bio,
STACK_OF(X509_INFO) *sk,
pem_password_cb *cb, void *u,
OPENSSL_CTX *libctx,
const char *propq);
=head1 DESCRIPTION
The loaded B<X509_INFO> object's can contain a CRL, a certificate and a
corresponding private key.
PEM_X509_INFO_read_with_libctx() loads the B<X509_INFO> objects from a file I<fp>.
PEM_X509_INFO_read_ex() loads the B<X509_INFO> objects from a file I<fp>.
The library context I<libctx> and property query <propq> are used for fetching
algorithms from providers.
PEM_X509_INFO_read_bio_with_libctx loads the B<X509_INFO> objects using a bio
PEM_X509_INFO_read_bio_ex loads the B<X509_INFO> objects using a bio
I<bp>. The library context I<libctx> and property query <propq> are used for
fetching algorithms from providers.
=head1 RETURN VALUES
PEM_X509_INFO_read_with_libctx() and PEM_X509_INFO_read_bio_with_libctx() return
PEM_X509_INFO_read_with_libctx() and PEM_X509_INFO_read_bio_ex() return
a stack of B<X509_INFO> objects or NULL on failure.
=head1 SEE ALSO
@ -50,8 +47,8 @@ L<passphrase-encoding(7)>
=head1 HISTORY
The functions PEM_X509_INFO_read_with_libctx() and
PEM_X509_INFO_read_bio_with_libctx() were added in OpenSSL 3.0.
The functions PEM_X509_INFO_read_ex() and
PEM_X509_INFO_read_bio_ex() were added in OpenSSL 3.0.
=head1 COPYRIGHT

2
doc/man3/PEM_read_bio_PrivateKey.pod
View File

@ -436,7 +436,7 @@ most of them are set to 0 or NULL.
To read a certificate with a library context in PEM format from a BIO:
X509 *x = X509_new_with_libctx(libctx, NULL);
X509 *x = X509_new_ex(libctx, NULL);
if (x == NULL)
/* Error */

Some files were not shown because too many files have changed in this diff Show More