 |
Index for
Section 3 |
|
 |
Alphabetical
listing for R |
|
 |
Bottom of
page |
|
RSA_set_method(3)
NAME
RSA_set_method, RSA_get_method, RSA_set_default_openssl_method,
RSA_get_default_openssl_method, RSA_PKCS1_SSLeay, RSA_PKCS1_RSAref,
RSA_null_method, RSA_flags, RSA_new_method - Select RSA method
SYNOPSIS
#include <openssl/rsa.h>
#include <openssl/engine.h>
void RSA_set_default_openssl_method(
RSA_METHOD *meth );
RSA_METHOD *RSA_get_default_openssl_method(
void );
RSA_METHOD *RSA_set_method(
RSA *rsa, ENGINE *engine );
RSA_METHOD *RSA_get_method(
RSA *rsa );
RSA_METHOD *RSA_PKCS1_SSLeay(
void );
RSA_METHOD *RSA_PKCS1_RSAref(
void );
RSA_METHOD *RSA_null_method(
void );
int RSA_flags(
RSA *rsa );
RSA *RSA_new_method(
ENGINE *engine );
DESCRIPTION
An RSA_METHOD specifies the functions that OpenSSL uses for RSA operations.
By modifying the method, alternative implementations such as hardware
accelerators can be used.
Initially, the default is to use the OpenSSL internal implementation,
unless OpenSSL was configured with the rsaref or -DRSA_NULL options. The
RSA_PKCS1_SSLeay() function returns a pointer to that method.
The RSA_PKCS1_RSAref() function returns a pointer to a method that uses the
RSAref library. This is the default method in the rsaref configuration; the
function is not available in other configurations. The RSA_null_method()
function returns a pointer to a method that does not support the RSA
transformation. It is the default if OpenSSL is compiled with -DRSA_NULL.
These methods can be useful in the USA because of a patent on the RSA
cryptosystem.
The RSA_set_default_openssl_method() function makes meth the default method
for all RSA structures created later. However, this is true only when the
default engine for RSA operations remains as openssl. ENGINEs provide an
encapsulation for implementations of one or more algorithms at a time, and
all the RSA functions mentioned here operate within the scope of the
default openssl engine.
The RSA_get_default_openssl_method() function returns a pointer to the
current default method for the openssl engine.
The RSA_set_method() function selects engine for all operations using the
key rsa.
The RSA_get_method() function returns a pointer to the RSA_METHOD from the
currently selected ENGINE for rsa.
The RSA_flags() function returns the flags that are set for rsa's current
method.
The RSA_new_method() function allocates and initializes an RSA structure so
that engine will be used for the RSA operations. If engine is NULL, the
default engine for RSA operations is used.
RSA_METHOD Structure
typedef struct rsa_meth_st
{
/* name of the implementation */
const char *name;
/* encrypt */
int (*rsa_pub_enc)(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
/* verify arbitrary data */
int (*rsa_pub_dec)(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
/* sign arbitrary data */
int (*rsa_priv_enc)(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
/* decrypt */
int (*rsa_priv_dec)(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
/* compute r0 = r0 ^ I mod rsa->n (May be NULL for some
implementations) */
int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
/* compute r = a ^ p mod m (May be NULL for some implementations) */
int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
/* called at RSA_new */
int (*init)(RSA *rsa);
/* called at RSA_free */
int (*finish)(RSA *rsa);
/* RSA_FLAG_EXT_PKEY - rsa_mod_exp is called for private key
* operations, even if p,q,dmp1,dmq1,iqmp
* are NULL
* RSA_FLAG_SIGN_VER - enable rsa_sign and rsa_verify
* RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match
*/
int flags;
char *app_data; /* ?? */
/* sign. For backward compatibility, this is used only
* if (flags & RSA_FLAG_SIGN_VER)
*/
int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len,
unsigned char *sigret, unsigned int *siglen, RSA *rsa);
/* verify. For backward compatibility, this is used only
* if (flags & RSA_FLAG_SIGN_VER)
*/
int (*rsa_verify)(int type, unsigned char *m, unsigned int m_len,
unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
} RSA_METHOD;
RETURN VALUES
The RSA_PKCS1_SSLeay(), RSA_PKCS1_RSAref(), RSA_PKCS1_null_method(),
RSA_get_default_openssl_method(), and RSA_get_method() functions return
pointers to the respective RSA_METHODs.
The RSA_set_default_openssl_method() function returns no value.
The RSA_set_method() function selects engine as the engine that will be
responsible for all operations using the structure rsa. If this function
completes successfully, then the rsa structure will have its own functional
reference of engine, so the caller should remember to free their own
reference to engine when they are finished with it. An ENGINE's RSA_METHOD
can be retrieved (or set) by the ENGINE_get_RSA() or ENGINE_set_RSA()
functions.
The RSA_new_method() function returns NULL and sets an error code that can
be obtained by using the ERR_get_error() function if the allocation fails.
Otherwise it returns a pointer to the newly allocated structure.
HISTORY
The RSA_new_method() and RSA_set_default_method() functions appeared in
SSLeay 0.8. The RSA_get_default_method(), RSA_set_method(), and
RSA_get_method() functions as well as the rsa_sign and rsa_verify
components of RSA_METHOD were added in OpenSSL 0.9.4.
The RSA_set_default_openssl_method() and RSA_get_default_openssl_method()
functions replaced RSA_set_default_method() and RSA_get_default_method()
respectively, and the RSA_set_method() and RSA_new_method() functions were
altered to use ENGINEs rather than DH_METHODs during development of OpenSSL
0.9.6.
SEE ALSO
Functions: rsa(3), RSA_new(3)
|
Index for
Section 3 |
|
|
Alphabetical
listing for R |
|
 |
Top of
page |
|