2000-01-12 06:35:21 +08:00
|
|
|
=pod
|
|
|
|
|
|
|
|
=head1 NAME
|
|
|
|
|
|
|
|
rsa - RSA public key cryptosystem
|
|
|
|
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
|
|
|
|
#include <openssl/rsa.h>
|
2000-10-27 05:07:28 +08:00
|
|
|
#include <openssl/engine.h>
|
2000-01-12 06:35:21 +08:00
|
|
|
|
|
|
|
RSA * RSA_new(void);
|
|
|
|
void RSA_free(RSA *rsa);
|
|
|
|
|
|
|
|
int RSA_public_encrypt(int flen, unsigned char *from,
|
|
|
|
unsigned char *to, RSA *rsa, int padding);
|
|
|
|
int RSA_private_decrypt(int flen, unsigned char *from,
|
|
|
|
unsigned char *to, RSA *rsa, int padding);
|
2002-08-05 05:08:36 +08:00
|
|
|
int RSA_private_encrypt(int flen, unsigned char *from,
|
|
|
|
unsigned char *to, RSA *rsa,int padding);
|
|
|
|
int RSA_public_decrypt(int flen, unsigned char *from,
|
|
|
|
unsigned char *to, RSA *rsa,int padding);
|
2000-01-12 06:35:21 +08:00
|
|
|
|
|
|
|
int RSA_sign(int type, unsigned char *m, unsigned int m_len,
|
|
|
|
unsigned char *sigret, unsigned int *siglen, RSA *rsa);
|
|
|
|
int RSA_verify(int type, unsigned char *m, unsigned int m_len,
|
|
|
|
unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
|
|
|
|
|
|
|
|
RSA *RSA_generate_key(int num, unsigned long e,
|
|
|
|
void (*callback)(int,int,void *), void *cb_arg);
|
|
|
|
|
|
|
|
int RSA_check_key(RSA *rsa);
|
|
|
|
|
|
|
|
int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
|
|
|
|
void RSA_blinding_off(RSA *rsa);
|
|
|
|
|
2002-08-05 05:08:36 +08:00
|
|
|
void RSA_set_default_method(const RSA_METHOD *meth);
|
|
|
|
const RSA_METHOD *RSA_get_default_method(void);
|
|
|
|
int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
|
|
|
|
const RSA_METHOD *RSA_get_method(const RSA *rsa);
|
2000-01-12 06:35:21 +08:00
|
|
|
RSA_METHOD *RSA_PKCS1_SSLeay(void);
|
|
|
|
RSA_METHOD *RSA_null_method(void);
|
2002-08-05 05:08:36 +08:00
|
|
|
int RSA_flags(const RSA *rsa);
|
2000-10-27 05:07:28 +08:00
|
|
|
RSA *RSA_new_method(ENGINE *engine);
|
2000-01-12 06:35:21 +08:00
|
|
|
|
|
|
|
int RSA_print(BIO *bp, RSA *x, int offset);
|
|
|
|
int RSA_print_fp(FILE *fp, RSA *x, int offset);
|
|
|
|
|
|
|
|
int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
|
|
|
|
int (*dup_func)(), void (*free_func)());
|
|
|
|
int RSA_set_ex_data(RSA *r,int idx,char *arg);
|
|
|
|
char *RSA_get_ex_data(RSA *r, int idx);
|
|
|
|
|
|
|
|
int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m,
|
|
|
|
unsigned int m_len, unsigned char *sigret, unsigned int *siglen,
|
|
|
|
RSA *rsa);
|
|
|
|
int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m,
|
|
|
|
unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
|
|
|
|
RSA *rsa);
|
|
|
|
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
|
|
|
|
These functions implement RSA public key encryption and signatures
|
|
|
|
as defined in PKCS #1 v2.0 [RFC 2437].
|
|
|
|
|
|
|
|
The B<RSA> structure consists of several BIGNUM components. It can
|
|
|
|
contain public as well as private RSA keys:
|
|
|
|
|
|
|
|
struct
|
|
|
|
{
|
|
|
|
BIGNUM *n; // public modulus
|
|
|
|
BIGNUM *e; // public exponent
|
|
|
|
BIGNUM *d; // private exponent
|
|
|
|
BIGNUM *p; // secret prime factor
|
|
|
|
BIGNUM *q; // secret prime factor
|
|
|
|
BIGNUM *dmp1; // d mod (p-1)
|
|
|
|
BIGNUM *dmq1; // d mod (q-1)
|
|
|
|
BIGNUM *iqmp; // q^-1 mod p
|
|
|
|
// ...
|
|
|
|
};
|
|
|
|
RSA
|
|
|
|
|
|
|
|
In public keys, the private exponent and the related secret values are
|
|
|
|
B<NULL>.
|
|
|
|
|
2000-03-10 01:07:55 +08:00
|
|
|
B<p>, B<q>, B<dmp1>, B<dmq1> and B<iqmp> may be B<NULL> in private
|
|
|
|
keys, but the RSA operations are much faster when these values are
|
|
|
|
available.
|
2000-01-12 06:35:21 +08:00
|
|
|
|
2002-08-05 05:08:36 +08:00
|
|
|
Note that RSA keys may use non-standard B<RSA_METHOD> implementations,
|
|
|
|
either directly or by the use of B<ENGINE> modules. In some cases (eg. an
|
|
|
|
ENGINE providing support for hardware-embedded keys), these BIGNUM values
|
|
|
|
will not be used by the implementation or may be used for alternative data
|
|
|
|
storage. For this reason, applications should generally avoid using RSA
|
|
|
|
structure elements directly and instead use API functions to query or
|
|
|
|
modify keys.
|
|
|
|
|
2000-01-28 03:31:26 +08:00
|
|
|
=head1 CONFORMING TO
|
|
|
|
|
|
|
|
SSL, PKCS #1 v2.0
|
|
|
|
|
2000-01-12 06:35:21 +08:00
|
|
|
=head1 PATENTS
|
|
|
|
|
2000-09-20 11:25:33 +08:00
|
|
|
RSA was covered by a US patent which expired in September 2000.
|
2000-01-12 06:35:21 +08:00
|
|
|
|
|
|
|
=head1 SEE ALSO
|
|
|
|
|
2015-08-18 03:21:33 +08:00
|
|
|
L<rsa(1)>, L<bn(3)>, L<dsa(3)>, L<dh(3)>,
|
|
|
|
L<rand(3)>, L<engine(3)>, L<RSA_new(3)>,
|
|
|
|
L<RSA_public_encrypt(3)>,
|
|
|
|
L<RSA_sign(3)>, L<RSA_size(3)>,
|
|
|
|
L<RSA_generate_key(3)>,
|
|
|
|
L<RSA_check_key(3)>,
|
|
|
|
L<RSA_blinding_on(3)>,
|
|
|
|
L<RSA_set_method(3)>, L<RSA_print(3)>,
|
|
|
|
L<RSA_get_ex_new_index(3)>,
|
|
|
|
L<RSA_private_encrypt(3)>,
|
|
|
|
L<RSA_sign_ASN1_OCTET_STRING(3)>,
|
|
|
|
L<RSA_padding_add_PKCS1_type_1(3)>
|
2000-01-12 06:35:21 +08:00
|
|
|
|
|
|
|
=cut
|