Update files for OpenSSL-1.0.0f import.
[dragonfly.git] / secure / lib / libcrypto / man / RSA_set_method.3
CommitLineData
e3261593 1.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.19)
8b0cefbb
JR
2.\"
3.\" Standard preamble:
4.\" ========================================================================
8b0cefbb 5.de Sp \" Vertical space (when we can't use .PP)
984263bc
MD
6.if t .sp .5v
7.if n .sp
8..
8b0cefbb 9.de Vb \" Begin verbatim text
984263bc
MD
10.ft CW
11.nf
12.ne \\$1
13..
8b0cefbb 14.de Ve \" End verbatim text
984263bc 15.ft R
984263bc
MD
16.fi
17..
8b0cefbb
JR
18.\" Set up some character translations and predefined strings. \*(-- will
19.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
e257b235
PA
20.\" double quote, and \*(R" will give a right double quote. \*(C+ will
21.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
22.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
23.\" nothing in troff, for use with C<>.
24.tr \(*W-
8b0cefbb 25.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
984263bc 26.ie n \{\
8b0cefbb
JR
27. ds -- \(*W-
28. ds PI pi
29. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
31. ds L" ""
32. ds R" ""
33. ds C` ""
34. ds C' ""
984263bc
MD
35'br\}
36.el\{\
8b0cefbb
JR
37. ds -- \|\(em\|
38. ds PI \(*p
39. ds L" ``
40. ds R" ''
984263bc 41'br\}
8b0cefbb 42.\"
e257b235
PA
43.\" Escape single quotes in literal strings from groff's Unicode transform.
44.ie \n(.g .ds Aq \(aq
45.el .ds Aq '
46.\"
8b0cefbb 47.\" If the F register is turned on, we'll generate index entries on stderr for
01185282 48.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
8b0cefbb
JR
49.\" entries marked with X<> in POD. Of course, you'll have to process the
50.\" output yourself in some meaningful fashion.
e257b235 51.ie \nF \{\
8b0cefbb
JR
52. de IX
53. tm Index:\\$1\t\\n%\t"\\$2"
984263bc 54..
8b0cefbb
JR
55. nr % 0
56. rr F
984263bc 57.\}
e257b235
PA
58.el \{\
59. de IX
60..
61.\}
aac4ff6f 62.\"
8b0cefbb
JR
63.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
64.\" Fear. Run. Save yourself. No user-serviceable parts.
65. \" fudge factors for nroff and troff
984263bc 66.if n \{\
8b0cefbb
JR
67. ds #H 0
68. ds #V .8m
69. ds #F .3m
70. ds #[ \f1
71. ds #] \fP
984263bc
MD
72.\}
73.if t \{\
8b0cefbb
JR
74. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
75. ds #V .6m
76. ds #F 0
77. ds #[ \&
78. ds #] \&
984263bc 79.\}
8b0cefbb 80. \" simple accents for nroff and troff
984263bc 81.if n \{\
8b0cefbb
JR
82. ds ' \&
83. ds ` \&
84. ds ^ \&
85. ds , \&
86. ds ~ ~
87. ds /
984263bc
MD
88.\}
89.if t \{\
8b0cefbb
JR
90. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
91. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
92. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
93. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
94. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
95. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
984263bc 96.\}
8b0cefbb 97. \" troff and (daisy-wheel) nroff accents
984263bc
MD
98.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
99.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
100.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
101.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
102.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
103.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
104.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
105.ds ae a\h'-(\w'a'u*4/10)'e
106.ds Ae A\h'-(\w'A'u*4/10)'E
8b0cefbb 107. \" corrections for vroff
984263bc
MD
108.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
109.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
8b0cefbb 110. \" for low resolution devices (crt and lpr)
984263bc
MD
111.if \n(.H>23 .if \n(.V>19 \
112\{\
8b0cefbb
JR
113. ds : e
114. ds 8 ss
115. ds o a
116. ds d- d\h'-1'\(ga
117. ds D- D\h'-1'\(hy
118. ds th \o'bp'
119. ds Th \o'LP'
120. ds ae ae
121. ds Ae AE
984263bc
MD
122.\}
123.rm #[ #] #H #V #F C
8b0cefbb
JR
124.\" ========================================================================
125.\"
126.IX Title "RSA_set_method 3"
e3261593 127.TH RSA_set_method 3 "2012-01-04" "1.0.0f" "OpenSSL"
e257b235
PA
128.\" For nroff, turn off justification. Always turn off hyphenation; it makes
129.\" way too many mistakes in technical documents.
130.if n .ad l
131.nh
984263bc
MD
132.SH "NAME"
133RSA_set_default_method, RSA_get_default_method, RSA_set_method,
134RSA_get_method, RSA_PKCS1_SSLeay, RSA_null_method, RSA_flags,
74dab6c2 135RSA_new_method \- select RSA method
984263bc 136.SH "SYNOPSIS"
8b0cefbb 137.IX Header "SYNOPSIS"
984263bc
MD
138.Vb 1
139\& #include <openssl/rsa.h>
e257b235 140\&
984263bc 141\& void RSA_set_default_method(const RSA_METHOD *meth);
e257b235 142\&
984263bc 143\& RSA_METHOD *RSA_get_default_method(void);
e257b235 144\&
984263bc 145\& int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
e257b235 146\&
984263bc 147\& RSA_METHOD *RSA_get_method(const RSA *rsa);
e257b235 148\&
984263bc 149\& RSA_METHOD *RSA_PKCS1_SSLeay(void);
e257b235 150\&
984263bc 151\& RSA_METHOD *RSA_null_method(void);
e257b235 152\&
984263bc 153\& int RSA_flags(const RSA *rsa);
e257b235 154\&
984263bc
MD
155\& RSA *RSA_new_method(RSA_METHOD *method);
156.Ve
157.SH "DESCRIPTION"
8b0cefbb
JR
158.IX Header "DESCRIPTION"
159An \fB\s-1RSA_METHOD\s0\fR specifies the functions that OpenSSL uses for \s-1RSA\s0
984263bc 160operations. By modifying the method, alternative implementations such as
8b0cefbb
JR
161hardware accelerators may be used. \s-1IMPORTANT:\s0 See the \s-1NOTES\s0 section for
162important information about how these \s-1RSA\s0 \s-1API\s0 functions are affected by the
163use of \fB\s-1ENGINE\s0\fR \s-1API\s0 calls.
984263bc 164.PP
8b0cefbb 165Initially, the default \s-1RSA_METHOD\s0 is the OpenSSL internal implementation,
984263bc
MD
166as returned by \fIRSA_PKCS1_SSLeay()\fR.
167.PP
8b0cefbb
JR
168\&\fIRSA_set_default_method()\fR makes \fBmeth\fR the default method for all \s-1RSA\s0
169structures created later. \fB\s-1NB\s0\fR: This is true only whilst no \s-1ENGINE\s0 has
170been set as a default for \s-1RSA\s0, so this function is no longer recommended.
984263bc 171.PP
8b0cefbb 172\&\fIRSA_get_default_method()\fR returns a pointer to the current default
aac4ff6f 173\&\s-1RSA_METHOD\s0. However, the meaningfulness of this result is dependent on
8b0cefbb 174whether the \s-1ENGINE\s0 \s-1API\s0 is being used, so this function is no longer
984263bc
MD
175recommended.
176.PP
8b0cefbb
JR
177\&\fIRSA_set_method()\fR selects \fBmeth\fR to perform all operations using the key
178\&\fBrsa\fR. This will replace the \s-1RSA_METHOD\s0 used by the \s-1RSA\s0 key and if the
179previous method was supplied by an \s-1ENGINE\s0, the handle to that \s-1ENGINE\s0 will
180be released during the change. It is possible to have \s-1RSA\s0 keys that only
181work with certain \s-1RSA_METHOD\s0 implementations (eg. from an \s-1ENGINE\s0 module
984263bc 182that supports embedded hardware-protected keys), and in such cases
8b0cefbb 183attempting to change the \s-1RSA_METHOD\s0 for the key can have unexpected
984263bc
MD
184results.
185.PP
8b0cefbb
JR
186\&\fIRSA_get_method()\fR returns a pointer to the \s-1RSA_METHOD\s0 being used by \fBrsa\fR.
187This method may or may not be supplied by an \s-1ENGINE\s0 implementation, but if
984263bc 188it is, the return value can only be guaranteed to be valid as long as the
8b0cefbb
JR
189\&\s-1RSA\s0 key itself is valid and does not have its implementation changed by
190\&\fIRSA_set_method()\fR.
984263bc 191.PP
8b0cefbb
JR
192\&\fIRSA_flags()\fR returns the \fBflags\fR that are set for \fBrsa\fR's current
193\&\s-1RSA_METHOD\s0. See the \s-1BUGS\s0 section.
984263bc 194.PP
8b0cefbb
JR
195\&\fIRSA_new_method()\fR allocates and initializes an \s-1RSA\s0 structure so that
196\&\fBengine\fR will be used for the \s-1RSA\s0 operations. If \fBengine\fR is \s-1NULL\s0, the
197default \s-1ENGINE\s0 for \s-1RSA\s0 operations is used, and if no default \s-1ENGINE\s0 is set,
198the \s-1RSA_METHOD\s0 controlled by \fIRSA_set_default_method()\fR is used.
984263bc 199.PP
8b0cefbb 200\&\fIRSA_flags()\fR returns the \fBflags\fR that are set for \fBrsa\fR's current method.
984263bc 201.PP
8b0cefbb
JR
202\&\fIRSA_new_method()\fR allocates and initializes an \fB\s-1RSA\s0\fR structure so that
203\&\fBmethod\fR will be used for the \s-1RSA\s0 operations. If \fBmethod\fR is \fB\s-1NULL\s0\fR,
984263bc
MD
204the default method is used.
205.SH "THE RSA_METHOD STRUCTURE"
8b0cefbb 206.IX Header "THE RSA_METHOD STRUCTURE"
984263bc
MD
207.Vb 4
208\& typedef struct rsa_meth_st
209\& {
210\& /* name of the implementation */
211\& const char *name;
e257b235 212\&
984263bc
MD
213\& /* encrypt */
214\& int (*rsa_pub_enc)(int flen, unsigned char *from,
215\& unsigned char *to, RSA *rsa, int padding);
e257b235 216\&
984263bc
MD
217\& /* verify arbitrary data */
218\& int (*rsa_pub_dec)(int flen, unsigned char *from,
219\& unsigned char *to, RSA *rsa, int padding);
e257b235 220\&
984263bc
MD
221\& /* sign arbitrary data */
222\& int (*rsa_priv_enc)(int flen, unsigned char *from,
223\& unsigned char *to, RSA *rsa, int padding);
e257b235 224\&
984263bc
MD
225\& /* decrypt */
226\& int (*rsa_priv_dec)(int flen, unsigned char *from,
227\& unsigned char *to, RSA *rsa, int padding);
e257b235
PA
228\&
229\& /* compute r0 = r0 ^ I mod rsa\->n (May be NULL for some
984263bc
MD
230\& implementations) */
231\& int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
e257b235 232\&
984263bc
MD
233\& /* compute r = a ^ p mod m (May be NULL for some implementations) */
234\& int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
235\& const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
e257b235 236\&
984263bc
MD
237\& /* called at RSA_new */
238\& int (*init)(RSA *rsa);
e257b235 239\&
984263bc
MD
240\& /* called at RSA_free */
241\& int (*finish)(RSA *rsa);
e257b235
PA
242\&
243\& /* RSA_FLAG_EXT_PKEY \- rsa_mod_exp is called for private key
984263bc
MD
244\& * operations, even if p,q,dmp1,dmq1,iqmp
245\& * are NULL
e257b235
PA
246\& * RSA_FLAG_SIGN_VER \- enable rsa_sign and rsa_verify
247\& * RSA_METHOD_FLAG_NO_CHECK \- don\*(Aqt check pub/private match
984263bc
MD
248\& */
249\& int flags;
e257b235 250\&
984263bc 251\& char *app_data; /* ?? */
e257b235 252\&
984263bc
MD
253\& /* sign. For backward compatibility, this is used only
254\& * if (flags & RSA_FLAG_SIGN_VER)
255\& */
256\& int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len,
257\& unsigned char *sigret, unsigned int *siglen, RSA *rsa);
e257b235 258\&
984263bc
MD
259\& /* verify. For backward compatibility, this is used only
260\& * if (flags & RSA_FLAG_SIGN_VER)
261\& */
262\& int (*rsa_verify)(int type, unsigned char *m, unsigned int m_len,
263\& unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
e257b235 264\&
984263bc
MD
265\& } RSA_METHOD;
266.Ve
267.SH "RETURN VALUES"
8b0cefbb
JR
268.IX Header "RETURN VALUES"
269\&\fIRSA_PKCS1_SSLeay()\fR, \fIRSA_PKCS1_null_method()\fR, \fIRSA_get_default_method()\fR
984263bc
MD
270and \fIRSA_get_method()\fR return pointers to the respective RSA_METHODs.
271.PP
8b0cefbb 272\&\fIRSA_set_default_method()\fR returns no value.
984263bc 273.PP
8b0cefbb 274\&\fIRSA_set_method()\fR returns a pointer to the old \s-1RSA_METHOD\s0 implementation
984263bc 275that was replaced. However, this return value should probably be ignored
8b0cefbb
JR
276because if it was supplied by an \s-1ENGINE\s0, the pointer could be invalidated
277at any time if the \s-1ENGINE\s0 is unloaded (in fact it could be unloaded as a
984263bc 278result of the \fIRSA_set_method()\fR function releasing its handle to the
8b0cefbb 279\&\s-1ENGINE\s0). For this reason, the return type may be replaced with a \fBvoid\fR
984263bc
MD
280declaration in a future release.
281.PP
8b0cefbb
JR
282\&\fIRSA_new_method()\fR returns \s-1NULL\s0 and sets an error code that can be obtained
283by \fIERR_get_error\fR\|(3) if the allocation fails. Otherwise
984263bc
MD
284it returns a pointer to the newly allocated structure.
285.SH "NOTES"
8b0cefbb
JR
286.IX Header "NOTES"
287As of version 0.9.7, \s-1RSA_METHOD\s0 implementations are grouped together with
288other algorithmic APIs (eg. \s-1DSA_METHOD\s0, \s-1EVP_CIPHER\s0, etc) into \fB\s-1ENGINE\s0\fR
289modules. If a default \s-1ENGINE\s0 is specified for \s-1RSA\s0 functionality using an
290\&\s-1ENGINE\s0 \s-1API\s0 function, that will override any \s-1RSA\s0 defaults set using the \s-1RSA\s0
291\&\s-1API\s0 (ie. \fIRSA_set_default_method()\fR). For this reason, the \s-1ENGINE\s0 \s-1API\s0 is the
292recommended way to control default implementations for use in \s-1RSA\s0 and other
984263bc
MD
293cryptographic algorithms.
294.SH "BUGS"
8b0cefbb 295.IX Header "BUGS"
984263bc 296The behaviour of \fIRSA_flags()\fR is a mis-feature that is left as-is for now
8b0cefbb
JR
297to avoid creating compatibility problems. \s-1RSA\s0 functionality, such as the
298encryption functions, are controlled by the \fBflags\fR value in the \s-1RSA\s0 key
299itself, not by the \fBflags\fR value in the \s-1RSA_METHOD\s0 attached to the \s-1RSA\s0 key
300(which is what this function returns). If the flags element of an \s-1RSA\s0 key
301is changed, the changes will be honoured by \s-1RSA\s0 functionality but will not
984263bc 302be reflected in the return value of the \fIRSA_flags()\fR function \- in effect
8b0cefbb 303\&\fIRSA_flags()\fR behaves more like an \fIRSA_default_flags()\fR function (which does
984263bc
MD
304not currently exist).
305.SH "SEE ALSO"
8b0cefbb
JR
306.IX Header "SEE ALSO"
307\&\fIrsa\fR\|(3), \fIRSA_new\fR\|(3)
984263bc 308.SH "HISTORY"
8b0cefbb
JR
309.IX Header "HISTORY"
310\&\fIRSA_new_method()\fR and \fIRSA_set_default_method()\fR appeared in SSLeay 0.8.
311\&\fIRSA_get_default_method()\fR, \fIRSA_set_method()\fR and \fIRSA_get_method()\fR as
312well as the rsa_sign and rsa_verify components of \s-1RSA_METHOD\s0 were
984263bc
MD
313added in OpenSSL 0.9.4.
314.PP
8b0cefbb 315\&\fIRSA_set_default_openssl_method()\fR and \fIRSA_get_default_openssl_method()\fR
984263bc
MD
316replaced \fIRSA_set_default_method()\fR and \fIRSA_get_default_method()\fR
317respectively, and \fIRSA_set_method()\fR and \fIRSA_new_method()\fR were altered to use
8b0cefbb
JR
318\&\fB\s-1ENGINE\s0\fRs rather than \fB\s-1RSA_METHOD\s0\fRs during development of the engine
319version of OpenSSL 0.9.6. For 0.9.7, the handling of defaults in the \s-1ENGINE\s0
320\&\s-1API\s0 was restructured so that this change was reversed, and behaviour of the
984263bc 321other functions resembled more closely the previous behaviour. The
8b0cefbb
JR
322behaviour of defaults in the \s-1ENGINE\s0 \s-1API\s0 now transparently overrides the
323behaviour of defaults in the \s-1RSA\s0 \s-1API\s0 without requiring changing these
984263bc 324function prototypes.