Add ossl_provider symbols

Partial fix for #12964

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14473)

crypto/http/http_local.h

@@ -14,6 +14,7 @@
 # include <openssl/ocsp.h>
 
 BIO *ossl_http_asn1_item2bio(const ASN1_ITEM *it, const ASN1_VALUE *val);
+
 OSSL_HTTP_REQ_CTX
 *ossl_http_req_ctx_new(BIO *wbio, BIO *rbio, int use_http_proxy,
                        const char *server, const char *port,

crypto/provider_core.c

@@ -157,7 +157,7 @@ static void *provider_store_new(OSSL_LIB_CTX *ctx)
     }
     store->use_fallbacks = 1;
 
-    for (p = predefined_providers; p->name != NULL; p++) {
+    for (p = ossl_predefined_providers; p->name != NULL; p++) {
         OSSL_PROVIDER *prov = NULL;
 
         /*

crypto/provider_local.h

@@ -15,4 +15,4 @@ struct predefined_providers_st {
     unsigned int is_fallback:1;
 };
 
-extern const struct predefined_providers_st predefined_providers[];
+extern const struct predefined_providers_st ossl_predefined_providers[];

crypto/provider_predefined.c

@@ -13,13 +13,13 @@
 OSSL_provider_init_fn ossl_default_provider_init;
 OSSL_provider_init_fn ossl_base_provider_init;
 OSSL_provider_init_fn ossl_null_provider_init;
-OSSL_provider_init_fn fips_intern_provider_init;
+OSSL_provider_init_fn ossl_fips_intern_provider_init;
 #ifdef STATIC_LEGACY
 OSSL_provider_init_fn ossl_legacy_provider_init;
 #endif
-const struct predefined_providers_st predefined_providers[] = {
+const struct predefined_providers_st ossl_predefined_providers[] = {
 #ifdef FIPS_MODULE
-    { "fips", fips_intern_provider_init, 1 },
+    { "fips", ossl_fips_intern_provider_init, 1 },
 #else
     { "default", ossl_default_provider_init, 1 },
 # ifdef STATIC_LEGACY

providers/common/capabilities.c

@@ -214,8 +214,8 @@ static int tls_group_capability(OSSL_CALLBACK *cb, void *arg)
     return 1;
 }
 
-int provider_get_capabilities(void *provctx, const char *capability,
-                              OSSL_CALLBACK *cb, void *arg)
+int ossl_prov_get_capabilities(void *provctx, const char *capability,
+                               OSSL_CALLBACK *cb, void *arg)
 {
     if (strcasecmp(capability, "TLS-GROUP") == 0)
         return tls_group_capability(cb, arg);

providers/common/include/prov/providercommon.h

@@ -15,7 +15,7 @@ const OSSL_CORE_HANDLE *FIPS_get_core_handle(OSSL_LIB_CTX *ctx);
 int ossl_cipher_capable_aes_cbc_hmac_sha1(void);
 int ossl_cipher_capable_aes_cbc_hmac_sha256(void);
 
-OSSL_FUNC_provider_get_capabilities_fn provider_get_capabilities;
+OSSL_FUNC_provider_get_capabilities_fn ossl_prov_get_capabilities;
 
 /* Set the error state if this is a FIPS module */
 void ossl_set_error_state(const char *type);

providers/defltprov.c

@@ -512,7 +512,8 @@ static const OSSL_DISPATCH deflt_dispatch_table[] = {
     { OSSL_FUNC_PROVIDER_GETTABLE_PARAMS, (void (*)(void))deflt_gettable_params },
     { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))deflt_get_params },
     { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))deflt_query },
-    { OSSL_FUNC_PROVIDER_GET_CAPABILITIES, (void (*)(void))provider_get_capabilities },
+    { OSSL_FUNC_PROVIDER_GET_CAPABILITIES,
+      (void (*)(void))ossl_prov_get_capabilities },
     { 0, NULL }
 };
 

providers/fips/fipsprov.c

@@ -477,7 +477,7 @@ static const OSSL_DISPATCH fips_dispatch_table[] = {
     { OSSL_FUNC_PROVIDER_GET_PARAMS, (void (*)(void))fips_get_params },
     { OSSL_FUNC_PROVIDER_QUERY_OPERATION, (void (*)(void))fips_query },
     { OSSL_FUNC_PROVIDER_GET_CAPABILITIES,
-      (void (*)(void))provider_get_capabilities },
+      (void (*)(void))ossl_prov_get_capabilities },
     { OSSL_FUNC_PROVIDER_SELF_TEST, (void (*)(void))fips_self_test },
     { 0, NULL }
 };
@@ -647,11 +647,11 @@ int OSSL_provider_init(const OSSL_CORE_HANDLE *handle,
  * the provider context of this inner instance with the same library context
  * that was used in the EVP call that initiated this recursive call.
  */
-OSSL_provider_init_fn fips_intern_provider_init;
-int fips_intern_provider_init(const OSSL_CORE_HANDLE *handle,
-                              const OSSL_DISPATCH *in,
-                              const OSSL_DISPATCH **out,
-                              void **provctx)
+OSSL_provider_init_fn ossl_fips_intern_provider_init;
+int ossl_fips_intern_provider_init(const OSSL_CORE_HANDLE *handle,
+                                   const OSSL_DISPATCH *in,
+                                   const OSSL_DISPATCH **out,
+                                   void **provctx)
 {
     OSSL_FUNC_core_get_libctx_fn *c_internal_get_libctx = NULL;
 

providers/implementations/ciphers/cipher_aes_xts.c

@@ -54,7 +54,7 @@ static OSSL_FUNC_cipher_settable_ctx_params_fn aes_xts_settable_ctx_params;
 static int aes_xts_check_keys_differ(const unsigned char *key, size_t bytes,
                                      int enc)
 {
-    if ((!allow_insecure_decrypt || enc)
+    if ((!ossl_aes_xts_allow_insecure_decrypt || enc)
             && CRYPTO_memcmp(key, key + bytes, bytes) == 0) {
         ERR_raise(ERR_LIB_PROV, PROV_R_XTS_DUPLICATED_KEYS);
         return 0;

providers/implementations/ciphers/cipher_aes_xts.h

@@ -15,7 +15,7 @@
  * Available in cipher_fips.c, and compiled with different values depending
  * on we're in the FIPS module or not.
  */
-extern const int allow_insecure_decrypt;
+extern const int ossl_aes_xts_allow_insecure_decrypt;
 
 PROV_CIPHER_FUNC(void, xts_stream,
                  (const unsigned char *in, unsigned char *out, size_t len,

providers/implementations/ciphers/cipher_aes_xts_fips.c

@@ -17,7 +17,7 @@
 #include "cipher_aes_xts.h"
 
 #ifdef FIPS_MODULE
-const int allow_insecure_decrypt = 0;
+const int ossl_aes_xts_allow_insecure_decrypt = 0;
 #else
-const int allow_insecure_decrypt = 1;
+const int ossl_aes_xts_allow_insecure_decrypt = 1;
 #endif /* FIPS_MODULE */

test/curve448_internal_test.c

@@ -629,14 +629,16 @@ static int test_ed448(void)
             || !TEST_true(ossl_ed448_sign(NULL, outsig, msg9, sizeof(msg9),
                                           pubkey9, privkey9, NULL, 0, NULL))
             || !TEST_int_eq(memcmp(sig9, outsig, sizeof(sig9)), 0)
-            || !TEST_true(ossl_ed448ph_sign(NULL, outsig, dohash(hashctx, phmsg1,
-                                            sizeof(phmsg1)), phpubkey1,
-                                            phprivkey1, NULL, 0, NULL))
+            || !TEST_true(ossl_ed448ph_sign(NULL, outsig,
+                                            dohash(hashctx, phmsg1,
+                                                   sizeof(phmsg1)), phpubkey1,
+                                                   phprivkey1, NULL, 0, NULL))
             || !TEST_int_eq(memcmp(phsig1, outsig, sizeof(phsig1)), 0)
-            || !TEST_true(ossl_ed448ph_sign(NULL, outsig, dohash(hashctx, phmsg2,
-                                            sizeof(phmsg2)), phpubkey2,
-                                            phprivkey2, phcontext2,
-                                            sizeof(phcontext2), NULL))
+            || !TEST_true(ossl_ed448ph_sign(NULL, outsig,
+                                            dohash(hashctx, phmsg2,
+                                                   sizeof(phmsg2)), phpubkey2,
+                                                   phprivkey2, phcontext2,
+                                                   sizeof(phcontext2), NULL))
             || !TEST_int_eq(memcmp(phsig2, outsig, sizeof(phsig2)), 0)) {
         EVP_MD_CTX_free(hashctx);
         return 0;