Merge from vendor branch NTPD:

[dragonfly.git] / secure / lib / libcrypto / man / rsa.3

.rn '' }`
''' $RCSfile$$Revision$$Date$
'''
''' $Log$
'''
.de Sh
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp
.if t .sp .5v
.if n .sp
..
.de Ip
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.de Vb
.ft CW
.nf
.ne \\$1
..
.de Ve
.ft R

.fi
..
'''
'''
'''     Set up \*(-- to give an unbreakable dash;
'''     string Tr holds user defined translation string.
'''     Bell System Logo is used as a dummy character.
'''
.tr \(*W-|\(bv\*(Tr
.ie n \{\
.ds -- \(*W-
.ds PI pi
.if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
.ds L" ""
.ds R" ""
'''   \*(M", \*(S", \*(N" and \*(T" are the equivalent of
'''   \*(L" and \*(R", except that they are used on ".xx" lines,
'''   such as .IP and .SH, which do another additional levels of
'''   double-quote interpretation
.ds M" """
.ds S" """
.ds N" """""
.ds T" """""
.ds L' '
.ds R' '
.ds M' '
.ds S' '
.ds N' '
.ds T' '
'br\}
.el\{\
.ds -- \(em\|
.tr \*(Tr
.ds L" ``
.ds R" ''
.ds M" ``
.ds S" ''
.ds N" ``
.ds T" ''
.ds L' `
.ds R' '
.ds M' `
.ds S' '
.ds N' `
.ds T' '
.ds PI \(*p
'br\}
.\"     If the F register is turned on, we'll generate
.\"     index entries out stderr for the following things:
.\"             TH      Title 
.\"             SH      Header
.\"             Sh      Subsection 
.\"             Ip      Item
.\"             X<>     Xref  (embedded
.\"     Of course, you have to process the output yourself
.\"     in some meaninful fashion.
.if \nF \{
.de IX
.tm Index:\\$1\t\\n%\t"\\$2"
..
.nr % 0
.rr F
.\}
.TH rsa 3 "0.9.7d" "2/Sep/2004" "OpenSSL"
.UC
.if n .hy 0
.if n .na
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.de CQ          \" put $1 in typewriter font
.ft CW
'if n "\c
'if t \\&\\$1\c
'if n \\&\\$1\c
'if n \&"
\\&\\$2 \\$3 \\$4 \\$5 \\$6 \\$7
'.ft R
..
.\" @(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2
.       \" AM - accent mark definitions
.bd B 3
.       \" fudge factors for nroff and troff
.if n \{\
.       ds #H 0
.       ds #V .8m
.       ds #F .3m
.       ds #[ \f1
.       ds #] \fP
.\}
.if t \{\
.       ds #H ((1u-(\\\\n(.fu%2u))*.13m)
.       ds #V .6m
.       ds #F 0
.       ds #[ \&
.       ds #] \&
.\}
.       \" simple accents for nroff and troff
.if n \{\
.       ds ' \&
.       ds ` \&
.       ds ^ \&
.       ds , \&
.       ds ~ ~
.       ds ? ?
.       ds ! !
.       ds /
.       ds q
.\}
.if t \{\
.       ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
.       ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
.       ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
.       ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
.       ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
.       ds ? \s-2c\h'-\w'c'u*7/10'\u\h'\*(#H'\zi\d\s+2\h'\w'c'u*8/10'
.       ds ! \s-2\(or\s+2\h'-\w'\(or'u'\v'-.8m'.\v'.8m'
.       ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.       ds q o\h'-\w'o'u*8/10'\s-4\v'.4m'\z\(*i\v'-.4m'\s+4\h'\w'o'u*8/10'
.\}
.       \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds v \\k:\h'-(\\n(.wu*9/10-\*(#H)'\v'-\*(#V'\*(#[\s-4v\s0\v'\*(#V'\h'|\\n:u'\*(#]
.ds _ \\k:\h'-(\\n(.wu*9/10-\*(#H+(\*(#F*2/3))'\v'-.4m'\z\(hy\v'.4m'\h'|\\n:u'
.ds . \\k:\h'-(\\n(.wu*8/10)'\v'\*(#V*4/10'\z.\v'-\*(#V*4/10'\h'|\\n:u'
.ds 3 \*(#[\v'.2m'\s-2\&3\s0\v'-.2m'\*(#]
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
.ds oe o\h'-(\w'o'u*4/10)'e
.ds Oe O\h'-(\w'O'u*4/10)'E
.       \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
.       \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
.       ds : e
.       ds 8 ss
.       ds v \h'-1'\o'\(aa\(ga'
.       ds _ \h'-1'^
.       ds . \h'-1'.
.       ds 3 3
.       ds o a
.       ds d- d\h'-1'\(ga
.       ds D- D\h'-1'\(hy
.       ds th \o'bp'
.       ds Th \o'LP'
.       ds ae ae
.       ds Ae AE
.       ds oe oe
.       ds Oe OE
.\}
.rm #[ #] #H #V #F C
.SH "NAME"
rsa \- RSA public key cryptosystem
.SH "SYNOPSIS"
.PP
.Vb 2
\& #include <openssl/rsa.h>
\& #include <openssl/engine.h>
.Ve
.Vb 2
\& RSA * RSA_new(void);
\& void RSA_free(RSA *rsa);
.Ve
.Vb 8
\& int RSA_public_encrypt(int flen, unsigned char *from,
\&    unsigned char *to, RSA *rsa, int padding);
\& int RSA_private_decrypt(int flen, unsigned char *from,
\&    unsigned char *to, RSA *rsa, int padding);
\& int RSA_private_encrypt(int flen, unsigned char *from,
\&    unsigned char *to, RSA *rsa,int padding);
\& int RSA_public_decrypt(int flen, unsigned char *from, 
\&    unsigned char *to, RSA *rsa,int padding);
.Ve
.Vb 4
\& int RSA_sign(int type, unsigned char *m, unsigned int m_len,
\&    unsigned char *sigret, unsigned int *siglen, RSA *rsa);
\& int RSA_verify(int type, unsigned char *m, unsigned int m_len,
\&    unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
.Ve
.Vb 1
\& int RSA_size(const RSA *rsa);
.Ve
.Vb 2
\& RSA *RSA_generate_key(int num, unsigned long e,
\&    void (*callback)(int,int,void *), void *cb_arg);
.Ve
.Vb 1
\& int RSA_check_key(RSA *rsa);
.Ve
.Vb 2
\& int RSA_blinding_on(RSA *rsa, BN_CTX *ctx);
\& void RSA_blinding_off(RSA *rsa);
.Ve
.Vb 8
\& void RSA_set_default_method(const RSA_METHOD *meth);
\& const RSA_METHOD *RSA_get_default_method(void);
\& int RSA_set_method(RSA *rsa, const RSA_METHOD *meth);
\& const RSA_METHOD *RSA_get_method(const RSA *rsa);
\& RSA_METHOD *RSA_PKCS1_SSLeay(void);
\& RSA_METHOD *RSA_null_method(void);
\& int RSA_flags(const RSA *rsa);
\& RSA *RSA_new_method(ENGINE *engine);
.Ve
.Vb 2
\& int RSA_print(BIO *bp, RSA *x, int offset);
\& int RSA_print_fp(FILE *fp, RSA *x, int offset);
.Ve
.Vb 4
\& int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(),
\&    int (*dup_func)(), void (*free_func)());
\& int RSA_set_ex_data(RSA *r,int idx,char *arg);
\& char *RSA_get_ex_data(RSA *r, int idx);
.Ve
.Vb 6
\& int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m,
\&    unsigned int m_len, unsigned char *sigret, unsigned int *siglen,
\&    RSA *rsa);
\& int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m,
\&    unsigned int m_len, unsigned char *sigbuf, unsigned int siglen,
\&    RSA *rsa);
.Ve
.SH "DESCRIPTION"
These functions implement RSA public key encryption and signatures
as defined in PKCS #1 v2.0 [RFC 2437].
.PP
The \fBRSA\fR structure consists of several BIGNUM components. It can
contain public as well as private RSA keys:
.PP
.Vb 13
\& struct
\&        {
\&        BIGNUM *n;              // public modulus
\&        BIGNUM *e;              // public exponent
\&        BIGNUM *d;              // private exponent
\&        BIGNUM *p;              // secret prime factor
\&        BIGNUM *q;              // secret prime factor
\&        BIGNUM *dmp1;           // d mod (p-1)
\&        BIGNUM *dmq1;           // d mod (q-1)
\&        BIGNUM *iqmp;           // q^-1 mod p
\&        // ...
\&        };
\& RSA
.Ve
In public keys, the private exponent and the related secret values are
\fBNULL\fR.
.PP
\fBp\fR, \fBq\fR, \fBdmp1\fR, \fBdmq1\fR and \fBiqmp\fR may be \fBNULL\fR in private
keys, but the RSA operations are much faster when these values are
available.
.PP
Note that RSA keys may use non-standard \fBRSA_METHOD\fR implementations,
either directly or by the use of \fBENGINE\fR modules. In some cases (eg. an
ENGINE providing support for hardware-embedded keys), these BIGNUM values
will not be used by the implementation or may be used for alternative data
storage. For this reason, applications should generally avoid using RSA
structure elements directly and instead use API functions to query or
modify keys.
.SH "CONFORMING TO"
SSL, PKCS #1 v2.0
.SH "PATENTS"
RSA was covered by a US patent which expired in September 2000.
.SH "SEE ALSO"
rsa(1), bn(3), dsa(3), dh(3),
rand(3), engine(3), RSA_new(3),
RSA_public_encrypt(3),
RSA_sign(3), RSA_size(3),
RSA_generate_key(3),
RSA_check_key(3),
RSA_blinding_on(3),
RSA_set_method(3), RSA_print(3),
RSA_get_ex_new_index(3),
RSA_private_encrypt(3),
RSA_sign_ASN1_OCTET_STRING(3),
RSA_padding_add_PKCS1_type_1(3) 

.rn }` ''
.IX Title "rsa 3"
.IX Name "rsa - RSA public key cryptosystem"

.IX Header "NAME"

.IX Header "SYNOPSIS"

.IX Header "DESCRIPTION"

.IX Header "CONFORMING TO"

.IX Header "PATENTS"

.IX Header "SEE ALSO"