NetBSD/lib/libcrypto/man/RSA_set_method.3

376 lines
9.8 KiB
Groff

.rn '' }`
'''
'''
.de Sh
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp
.if t .sp .5v
.if n .sp
..
.de Ip
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.de Vb
.ft CW
.nf
.ne \\$1
..
.de Ve
.ft R
.fi
..
'''
'''
''' Set up \*(-- to give an unbreakable dash;
''' string Tr holds user defined translation string.
''' Bell System Logo is used as a dummy character.
'''
.tr \(*W-|\(bv\*(Tr
.ie n \{\
.ds -- \(*W-
.ds PI pi
.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
.ds L" ""
.ds R" ""
''' \*(M", \*(S", \*(N" and \*(T" are the equivalent of
''' \*(L" and \*(R", except that they are used on ".xx" lines,
''' such as .IP and .SH, which do another additional levels of
''' double-quote interpretation
.ds M" """
.ds S" """
.ds N" """""
.ds T" """""
.ds L' '
.ds R' '
.ds M' '
.ds S' '
.ds N' '
.ds T' '
'br\}
.el\{\
.ds -- \(em\|
.tr \*(Tr
.ds L" ``
.ds R" ''
.ds M" ``
.ds S" ''
.ds N" ``
.ds T" ''
.ds L' `
.ds R' '
.ds M' `
.ds S' '
.ds N' `
.ds T' '
.ds PI \(*p
'br\}
.\" If the F register is turned on, we'll generate
.\" index entries out stderr for the following things:
.\" TH Title
.\" SH Header
.\" Sh Subsection
.\" Ip Item
.\" X<> Xref (embedded
.\" Of course, you have to process the output yourself
.\" in some meaninful fashion.
.if \nF \{
.de IX
.tm Index:\\$1\t\\n%\t"\\$2"
..
.nr % 0
.rr F
.\}
.TH RSA_set_method 3 "0.9.5a" "22/Jul/100" "OpenSSL"
.UC
.if n .hy 0
.if n .na
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.de CQ \" put $1 in typewriter font
.ft CW
'if n "\c
'if t \\&\\$1\c
'if n \\&\\$1\c
'if n \&"
\\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7
'.ft R
..
.\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2
. \" AM - accent mark definitions
.bd B 3
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds ? ?
. ds ! !
. ds /
. ds q
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10'
. ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
. ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#]
.ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u'
.ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u'
.ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#]
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
.ds oe o\h'-(\w'o'u*4/10)'e
.ds Oe O\h'-(\w'O'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds v \h'-1'\o'\(aa\(ga'
. ds _ \h'-1'^
. ds . \h'-1'.
. ds 3 3
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
. ds oe oe
. ds Oe OE
.\}
.rm #[ #] #H #V #F C
.SH "NAME"
RSA_set_default_method, RSA_get_default_method, RSA_set_method,
RSA_get_method, RSA_PKCS1_SSLeay, RSA_PKCS1_RSAref,
RSA_PKCS1_null_method, RSA_flags, RSA_new_method \- select RSA method
.SH "LIBRARY"
libcrypto, -lcrypto
.SH "SYNOPSIS"
.PP
.Vb 1
\& #include <openssl/rsa.h>
.Ve
.Vb 1
\& void RSA_set_default_method(RSA_METHOD *meth);
.Ve
.Vb 1
\& RSA_METHOD *RSA_get_default_method(void);
.Ve
.Vb 1
\& RSA_METHOD *RSA_set_method(RSA *rsa, RSA_METHOD *meth);
.Ve
.Vb 1
\& RSA_METHOD *RSA_get_method(RSA *rsa);
.Ve
.Vb 1
\& RSA_METHOD *RSA_PKCS1_SSLeay(void);
.Ve
.Vb 1
\& RSA_METHOD *RSA_PKCS1_RSAref(void);
.Ve
.Vb 1
\& RSA_METHOD *RSA_null_method(void);
.Ve
.Vb 1
\& int RSA_flags(RSA *rsa);
.Ve
.Vb 1
\& RSA *RSA_new_method(RSA_METHOD *method);
.Ve
.SH "DESCRIPTION"
An \fBRSA_METHOD\fR specifies the functions that OpenSSL uses for RSA
operations. By modifying the method, alternative implementations
such as hardware accelerators may be used.
.PP
Initially, the default is to use the OpenSSL internal implementation,
unless OpenSSL was configured with the \f(CWrsaref\fR or \f(CW-DRSA_NULL\fR
options. \fIRSA_PKCS1_SSLeay()\fR returns a pointer to that method.
.PP
\fIRSA_PKCS1_RSAref()\fR returns a pointer to a method that uses the RSAref
library. This is the default method in the \f(CWrsaref\fR configuration;
the function is not available in other configurations.
\fIRSA_null_method()\fR returns a pointer to a method that does not support
the RSA transformation. It is the default if OpenSSL is compiled with
\f(CW-DRSA_NULL\fR. These methods may be useful in the USA because of a
patent on the RSA cryptosystem.
.PP
\fIRSA_set_default_method()\fR makes \fBmeth\fR the default method for all \fBRSA\fR
structures created later.
.PP
\fIRSA_get_default_method()\fR returns a pointer to the current default
method.
.PP
\fIRSA_set_method()\fR selects \fBmeth\fR for all operations using the key
\fBrsa\fR.
.PP
\fIRSA_get_method()\fR returns a pointer to the method currently selected
for \fBrsa\fR.
.PP
\fIRSA_flags()\fR returns the \fBflags\fR that are set for \fBrsa\fR's current method.
.PP
\fIRSA_new_method()\fR allocates and initializes an \fBRSA\fR structure so that
\fBmethod\fR will be used for the RSA operations. If \fBmethod\fR is \fBNULL\fR,
the default method is used.
.SH "THE RSA_METHOD STRUCTURE"
.PP
.Vb 4
\& typedef struct rsa_meth_st
\& {
\& /* name of the implementation */
\& const char *name;
.Ve
.Vb 3
\& /* encrypt */
\& int (*rsa_pub_enc)(int flen, unsigned char *from,
\& unsigned char *to, RSA *rsa, int padding);
.Ve
.Vb 3
\& /* verify arbitrary data */
\& int (*rsa_pub_dec)(int flen, unsigned char *from,
\& unsigned char *to, RSA *rsa, int padding);
.Ve
.Vb 3
\& /* sign arbitrary data */
\& int (*rsa_priv_enc)(int flen, unsigned char *from,
\& unsigned char *to, RSA *rsa, int padding);
.Ve
.Vb 3
\& /* decrypt */
\& int (*rsa_priv_dec)(int flen, unsigned char *from,
\& unsigned char *to, RSA *rsa, int padding);
.Ve
.Vb 3
\& /* compute r0 = r0 ^ I mod rsa->n (May be NULL for some
\& implementations) */
\& int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
.Ve
.Vb 3
\& /* compute r = a ^ p mod m (May be NULL for some implementations) */
\& int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
\& const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
.Ve
.Vb 2
\& /* called at RSA_new */
\& int (*init)(RSA *rsa);
.Ve
.Vb 2
\& /* called at RSA_free */
\& int (*finish)(RSA *rsa);
.Ve
.Vb 7
\& /* RSA_FLAG_EXT_PKEY - rsa_mod_exp is called for private key
\& * operations, even if p,q,dmp1,dmq1,iqmp
\& * are NULL
\& * RSA_FLAG_SIGN_VER - enable rsa_sign and rsa_verify
\& * RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match
\& */
\& int flags;
.Ve
.Vb 1
\& char *app_data; /* ?? */
.Ve
.Vb 5
\& /* sign. For backward compatibility, this is used only
\& * if (flags & RSA_FLAG_SIGN_VER)
\& */
\& int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len,
\& unsigned char *sigret, unsigned int *siglen, RSA *rsa);
.Ve
.Vb 5
\& /* verify. For backward compatibility, this is used only
\& * if (flags & RSA_FLAG_SIGN_VER)
\& */
\& int (*rsa_verify)(int type, unsigned char *m, unsigned int m_len,
\& unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
.Ve
.Vb 1
\& } RSA_METHOD;
.Ve
.SH "RETURN VALUES"
\fIRSA_PKCS1_SSLeay()\fR, \fIRSA_PKCS1_RSAref()\fR, \fIRSA_PKCS1_null_method()\fR,
\fIRSA_get_default_method()\fR and \fIRSA_get_method()\fR return pointers to the
respective \fBRSA_METHOD\fRs.
.PP
\fIRSA_set_default_method()\fR returns no value.
.PP
\fIRSA_set_method()\fR returns a pointer to the \fBRSA_METHOD\fR previously
associated with \fBrsa\fR.
.PP
\fIRSA_new_method()\fR returns \fBNULL\fR and sets an error code that can be
obtained by the \fIERR_get_error(3)|ERR_get_error(3)\fR manpage if the allocation fails. Otherwise it
returns a pointer to the newly allocated structure.
.SH "SEE ALSO"
the \fIrsa(3)|rsa(3)\fR manpage, the \fIRSA_new(3)|RSA_new(3)\fR manpage
.SH "HISTORY"
\fIRSA_new_method()\fR and \fIRSA_set_default_method()\fR appeared in SSLeay 0.8.
\fIRSA_get_default_method()\fR, \fIRSA_set_method()\fR and \fIRSA_get_method()\fR as
well as the rsa_sign and rsa_verify components of RSA_METHOD were
added in OpenSSL 0.9.4.
.rn }` ''
.IX Title "RSA_set_method 3"
.IX Name "RSA_set_default_method, RSA_get_default_method, RSA_set_method,
RSA_get_method, RSA_PKCS1_SSLeay, RSA_PKCS1_RSAref,
RSA_PKCS1_null_method, RSA_flags, RSA_new_method - select RSA method"
.IX Header "NAME"
.IX Header "SYNOPSIS"
.IX Header "DESCRIPTION"
.IX Header "THE RSA_METHOD STRUCTURE"
.IX Header "RETURN VALUES"
.IX Header "SEE ALSO"
.IX Header "HISTORY"