NetBSD/lib/libcrypto/man/RSA_public_encrypt.3

279 lines
7.1 KiB
Groff
Raw Normal View History

.rn '' }`
'''
'''
.de Sh
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp
.if t .sp .5v
.if n .sp
..
.de Ip
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.de Vb
.ft CW
.nf
.ne \\$1
..
.de Ve
.ft R
.fi
..
'''
'''
''' Set up \*(-- to give an unbreakable dash;
''' string Tr holds user defined translation string.
''' Bell System Logo is used as a dummy character.
'''
.tr \(*W-|\(bv\*(Tr
.ie n \{\
.ds -- \(*W-
.ds PI pi
.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
.ds L" ""
.ds R" ""
''' \*(M", \*(S", \*(N" and \*(T" are the equivalent of
''' \*(L" and \*(R", except that they are used on ".xx" lines,
''' such as .IP and .SH, which do another additional levels of
''' double-quote interpretation
.ds M" """
.ds S" """
.ds N" """""
.ds T" """""
.ds L' '
.ds R' '
.ds M' '
.ds S' '
.ds N' '
.ds T' '
'br\}
.el\{\
.ds -- \(em\|
.tr \*(Tr
.ds L" ``
.ds R" ''
.ds M" ``
.ds S" ''
.ds N" ``
.ds T" ''
.ds L' `
.ds R' '
.ds M' `
.ds S' '
.ds N' `
.ds T' '
.ds PI \(*p
'br\}
.\" If the F register is turned on, we'll generate
.\" index entries out stderr for the following things:
.\" TH Title
.\" SH Header
.\" Sh Subsection
.\" Ip Item
.\" X<> Xref (embedded
.\" Of course, you have to process the output yourself
.\" in some meaninful fashion.
.if \nF \{
.de IX
.tm Index:\\$1\t\\n%\t"\\$2"
..
.nr % 0
.rr F
.\}
.TH RSA_public_encrypt 3 "0.9.5a" "22/Jul/2000" "OpenSSL"
.UC
.if n .hy 0
.if n .na
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.de CQ \" put $1 in typewriter font
.ft CW
'if n "\c
'if t \\&\\$1\c
'if n \\&\\$1\c
'if n \&"
\\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7
'.ft R
..
.\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2
. \" AM - accent mark definitions
.bd B 3
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds ? ?
. ds ! !
. ds /
. ds q
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10'
. ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
. ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#]
.ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u'
.ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u'
.ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#]
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
.ds oe o\h'-(\w'o'u*4/10)'e
.ds Oe O\h'-(\w'O'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds v \h'-1'\o'\(aa\(ga'
. ds _ \h'-1'^
. ds . \h'-1'.
. ds 3 3
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
. ds oe oe
. ds Oe OE
.\}
.rm #[ #] #H #V #F C
.SH "NAME"
RSA_public_encrypt, RSA_private_decrypt \- RSA public key cryptography
.SH "LIBRARY"
libcrypto, -lcrypto
.SH "SYNOPSIS"
.PP
.Vb 1
\& #include <openssl/rsa.h>
.Ve
.Vb 2
\& int RSA_public_encrypt(int flen, unsigned char *from,
\& unsigned char *to, RSA *rsa, int padding);
.Ve
.Vb 2
\& int RSA_private_decrypt(int flen, unsigned char *from,
\& unsigned char *to, RSA *rsa, int padding);
.Ve
.SH "DESCRIPTION"
\fIRSA_public_encrypt()\fR encrypts the \fBflen\fR bytes at \fBfrom\fR (usually a
session key) using the public key \fBrsa\fR and stores the ciphertext in
\fBto\fR. \fBto\fR must point to \fIRSA_size\fR\|(\fBrsa\fR) bytes of memory.
.PP
\fBpadding\fR denotes one of the following modes:
.Ip "\s-1RSA_PKCS1_PADDING\s0" 4
\s-1PKCS\s0 #1 v1.5 padding. This currently is the most widely used mode.
.Ip "\s-1RSA_PKCS1_OAEP_PADDING\s0" 4
\s-1EME\s0\-\s-1OAEP\s0 as defined in \s-1PKCS\s0 #1 v2.0 with \s-1SHA\s0\-1, \s-1MGF1\s0 and an empty
encoding parameter. This mode is recommended for all new applications.
.Ip "\s-1RSA_SSLV23_PADDING\s0" 4
\s-1PKCS\s0 #1 v1.5 padding with an \s-1SSL\s0\-specific modification that denotes
that the server is \s-1SSL3\s0 capable.
.Ip "\s-1RSA_NO_PADDING\s0" 4
Raw \s-1RSA\s0 encryption. This mode should \fIonly\fR be used to implement
cryptographically sound padding modes in the application code.
Encrypting user data directly with \s-1RSA\s0 is insecure.
.PP
\fBflen\fR must be less than \fIRSA_size\fR\|(\fBrsa\fR) \- 11 for the \s-1PKCS\s0 #1 v1.5
based padding modes, and less than \fIRSA_size\fR\|(\fBrsa\fR) \- 21 for
\s-1RSA_PKCS1_OAEP_PADDING\s0. The random number generator must be seeded
prior to calling \fIRSA_public_encrypt()\fR.
.PP
\fIRSA_private_decrypt()\fR decrypts the \fBflen\fR bytes at \fBfrom\fR using the
private key \fBrsa\fR and stores the plaintext in \fBto\fR. \fBto\fR must point
to a memory section large enough to hold the decrypted data (which is
smaller than \fIRSA_size\fR\|(\fBrsa\fR)). \fBpadding\fR is the padding mode that
was used to encrypt the data.
.SH "RETURN VALUES"
\fIRSA_public_encrypt()\fR returns the size of the encrypted data (i.e.,
\fIRSA_size\fR\|(\fBrsa\fR)). \fIRSA_private_decrypt()\fR returns the size of the
recovered plaintext.
.PP
On error, \-1 is returned; the error codes can be
obtained by the \fIERR_get_error(3)|ERR_get_error(3)\fR manpage.
.SH "CONFORMING TO"
SSL, PKCS #1 v2.0
.SH "SEE ALSO"
the \fIerr(3)|err(3)\fR manpage, the \fIrand(3)|rand(3)\fR manpage, the \fIrsa(3)|rsa(3)\fR manpage, the \fIRSA_size(3)|RSA_size(3)\fR manpage
.SH "NOTES"
The the \fIRSA_PKCS1_RSAref(3)|RSA_PKCS1_RSAref(3)\fR manpage method supports only the RSA_PKCS1_PADDING mode.
.SH "HISTORY"
The \fBpadding\fR argument was added in SSLeay 0.8. RSA_NO_PADDING is
available since SSLeay 0.9.0, OAEP was added in OpenSSL 0.9.2b.
.rn }` ''
.IX Title "RSA_public_encrypt 3"
.IX Name "RSA_public_encrypt, RSA_private_decrypt - RSA public key cryptography"
.IX Header "NAME"
.IX Header "SYNOPSIS"
.IX Header "DESCRIPTION"
.IX Item "\s-1RSA_PKCS1_PADDING\s0"
.IX Item "\s-1RSA_PKCS1_OAEP_PADDING\s0"
.IX Item "\s-1RSA_SSLV23_PADDING\s0"
.IX Item "\s-1RSA_NO_PADDING\s0"
.IX Header "RETURN VALUES"
.IX Header "CONFORMING TO"
.IX Header "SEE ALSO"
.IX Header "NOTES"
.IX Header "HISTORY"