RSA_set_method(3)
RSA_set_method, RSA_get_method,
RSA_set_default_openssl_method,
RSA_get_default_openssl_method, RSA_PKCS1_SSLeay,
RSA_PKCS1_RSAref, RSA_null_method, RSA_flags,
RSA_new_method - Select RSA method

    #include <openssl/rsa.h>
    #include <openssl/engine.h>

    void RSA_set_default_openssl_method(RSA_METHOD *meth);
    RSA_METHOD *RSA_get_default_openssl_method(void);
    RSA_METHOD *RSA_set_method(RSA *rsa, ENGINE *engine);
    RSA_METHOD *RSA_get_method(RSA *rsa);
    RSA_METHOD *RSA_PKCS1_SSLeay(void);
    RSA_METHOD *RSA_PKCS1_RSAref(void);
    RSA_METHOD *RSA_null_method(void);
    int RSA_flags(RSA *rsa);
    RSA *RSA_new_method(ENGINE *engine);

An RSA_METHOD specifies the functions that OpenSSL uses for RSA
operations. By modifying the method, alternative implementations such
as hardware accelerators can be used.

Initially, the default is to use the OpenSSL internal implementation,
unless OpenSSL was configured with the rsaref or -DRSA_NULL options.
The RSA_PKCS1_SSLeay() function returns a pointer to that method.

The RSA_PKCS1_RSAref() function returns a pointer to a method that
uses the RSAref library. This is the default method in the rsaref
configuration; the function is not available in other configurations.
The RSA_null_method() function returns a pointer to a method that does
not support the RSA transformation. It is the default if OpenSSL is
compiled with -DRSA_NULL. These methods can be useful in the USA
because of a patent on the RSA cryptosystem.

The RSA_set_default_openssl_method() function makes meth the default
method for all RSA structures created later. However, this is true
only when the default engine for RSA operations remains as openssl.
ENGINEs provide an encapsulation for implementations of one or more
algorithms at a time, and all the RSA functions mentioned here operate
within the scope of the default openssl engine.

The RSA_get_default_openssl_method() function returns a pointer to the
current default method for the openssl engine.

The RSA_set_method() function selects engine for all operations using
the key rsa.

The RSA_get_method() function returns a pointer to the RSA_METHOD from
the currently selected ENGINE for rsa.

The RSA_flags() function returns the flags that are set for rsa's
current method.

The RSA_new_method() function allocates and initializes an RSA
structure so that engine will be used for the RSA operations. If
engine is NULL, the default engine for RSA operations is used.

RSA_METHOD Structure

    typedef struct rsa_meth_st
    {
        /* name of the implementation */
        const char *name;

        /* encrypt */
        int (*rsa_pub_enc)(int flen, unsigned char *from,
            unsigned char *to, RSA *rsa, int padding);

        /* verify arbitrary data */
        int (*rsa_pub_dec)(int flen, unsigned char *from,
            unsigned char *to, RSA *rsa, int padding);

        /* sign arbitrary data */
        int (*rsa_priv_enc)(int flen, unsigned char *from,
            unsigned char *to, RSA *rsa, int padding);

        /* decrypt */
        int (*rsa_priv_dec)(int flen, unsigned char *from,
            unsigned char *to, RSA *rsa, int padding);

        /* compute r0 = r0 ^ I mod rsa->n (May be NULL for some
           implementations) */
        int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);

        /* compute r = a ^ p mod m (May be NULL for some
           implementations) */
        int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
            const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);

        /* called at RSA_new */
        int (*init)(RSA *rsa);

        /* called at RSA_free */
        int (*finish)(RSA *rsa);

        /* RSA_FLAG_EXT_PKEY        - rsa_mod_exp is called for private key
         *                            operations, even if p,q,dmp1,dmq1,iqmp
         *                            are NULL
         * RSA_FLAG_SIGN_VER        - enable rsa_sign and rsa_verify
         * RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match
         */
        int flags;

        char *app_data; /* ?? */

        /* sign. For backward compatibility, this is used only
         * if (flags & RSA_FLAG_SIGN_VER)
         */
        int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len,
            unsigned char *sigret, unsigned int *siglen, RSA *rsa);

        /* verify. For backward compatibility, this is used only
         * if (flags & RSA_FLAG_SIGN_VER)
         */
        int (*rsa_verify)(int type, unsigned char *m, unsigned int m_len,
            unsigned char *sigbuf, unsigned int siglen, RSA *rsa);

    } RSA_METHOD;

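
An added example, not part of the original manual page or of OpenSSL: a self-contained model of the fields documented above, with a consistency audit that a reviewer could apply to a replacement method table before it is made the default. The struct model_method, the hook_fn type, the finding codes, the stub hook, the sample tables and the numeric flag values are assumptions made for this example.

```c
#include <stdio.h>
/* Model of the RSA_METHOD fields documented above. Flag names follow the
   page; the numeric values are constructed for this example. */
#define RSA_METHOD_FLAG_NO_CHECK 0x01
#define RSA_FLAG_EXT_PKEY        0x20
#define RSA_FLAG_SIGN_VER        0x40
typedef int (*hook_fn)(void);   /* hypothetical: the real hooks take arguments */

struct model_method {
    const char *name;
    hook_fn rsa_pub_enc, rsa_pub_dec, rsa_priv_enc, rsa_priv_dec, rsa_mod_exp;
    int flags;
    hook_fn rsa_sign, rsa_verify;
};

enum {                    /* findings, returned as a bitmask */
    F_MISSING_CORE = 1,   /* one of the four transform hooks is NULL */
    F_SIGNVER_NULL = 2,   /* RSA_FLAG_SIGN_VER set, rsa_sign or rsa_verify NULL */
    F_EXTPKEY_NULL = 4,   /* RSA_FLAG_EXT_PKEY set, rsa_mod_exp NULL */
    F_NO_CHECK     = 8    /* pub/private match check disabled */
};

/* Compare the flags a method advertises with the hooks it actually has. */
int audit_method(const struct model_method *m)
{
    int f = 0;
    if (m == NULL) return F_MISSING_CORE;
    if (!m->rsa_pub_enc || !m->rsa_pub_dec || !m->rsa_priv_enc || !m->rsa_priv_dec)
        f |= F_MISSING_CORE;
    if ((m->flags & RSA_FLAG_SIGN_VER) && (!m->rsa_sign || !m->rsa_verify))
        f |= F_SIGNVER_NULL;
    if ((m->flags & RSA_FLAG_EXT_PKEY) && !m->rsa_mod_exp)
        f |= F_EXTPKEY_NULL;
    if (m->flags & RSA_METHOD_FLAG_NO_CHECK)
        f |= F_NO_CHECK;
    return f;
}

static int stub(void) { return -1; }   /* constructed placeholder hook */
/* Constructed sample tables: one consistent, one that raises every finding. */
const struct model_method sample_ok  = { "ok", stub, stub, stub, stub, stub,
    RSA_FLAG_SIGN_VER, stub, stub };
const struct model_method sample_bad = { "bad", stub, stub, stub, 0, 0,
    RSA_FLAG_SIGN_VER | RSA_FLAG_EXT_PKEY | RSA_METHOD_FLAG_NO_CHECK, stub, 0 };

int main(void)
{
    printf("ok: 0x%x, bad: 0x%x\n", audit_method(&sample_ok), audit_method(&sample_bad));
    return 0;
}
```
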
The RSA_PKCS1_SSLeay(), RSA_PKCS1_RSAref(), RSA_null_method(),
RSA_get_default_openssl_method(), and RSA_get_method() functions
return pointers to the respective RSA_METHODs.

The RSA_set_default_openssl_method() function returns no value.

The RSA_set_method() function selects engine as the engine that will
be responsible for all operations using the structure rsa. If this
function completes successfully, then the rsa structure will have its
own functional reference of engine, so the caller should remember to
free their own reference to engine when they are finished with it. An
ENGINE's RSA_METHOD can be retrieved (or set) by the ENGINE_get_RSA()
or ENGINE_set_RSA() functions.

The RSA_new_method() function returns NULL and sets an error code that
can be obtained by using the ERR_get_error() function if the
allocation fails. Otherwise it returns a pointer to the newly
allocated structure.

The RSA_new_method() and RSA_set_default_method() functions appeared
in SSLeay 0.8. The RSA_get_default_method(), RSA_set_method(), and
RSA_get_method() functions as well as the rsa_sign and rsa_verify
components of RSA_METHOD were added in OpenSSL 0.9.4.

The RSA_set_default_openssl_method() and
RSA_get_default_openssl_method() functions replaced
RSA_set_default_method() and RSA_get_default_method() respectively,
and the RSA_set_method() and RSA_new_method() functions were altered
to use ENGINEs rather than DH_METHODs during development of OpenSSL
0.9.6.

Functions: rsa(3), RSA_new(3)