=head1 NAME
RSA_set_default_method, RSA_get_default_method, RSA_set_method,
-RSA_get_method, RSA_PKCS1_SSLeay, RSA_null_method, RSA_flags,
+RSA_get_method, RSA_PKCS1_OpenSSL, RSA_null_method, RSA_flags,
RSA_new_method - select RSA method
=head1 SYNOPSIS
RSA_METHOD *RSA_get_method(const RSA *rsa);
- RSA_METHOD *RSA_PKCS1_SSLeay(void);
+ RSA_METHOD *RSA_PKCS1_OpenSSL(void);
RSA_METHOD *RSA_null_method(void);
int RSA_flags(const RSA *rsa);
- RSA *RSA_new_method(RSA_METHOD *method);
+ RSA *RSA_new_method(ENGINE *engine);
=head1 DESCRIPTION
use of B<ENGINE> API calls.
Initially, the default RSA_METHOD is the OpenSSL internal implementation,
-as returned by RSA_PKCS1_SSLeay().
+as returned by RSA_PKCS1_OpenSSL().
RSA_set_default_method() makes B<meth> the default method for all RSA
structures created later. B<NB>: This is true only whilst no ENGINE has
RSA_get_default_method() returns a pointer to the current default
RSA_METHOD. However, the meaningfulness of this result is dependent on
-whether the ENGINE API is being used, so this function is no longer
+whether the ENGINE API is being used, so this function is no longer
recommended.
RSA_set_method() selects B<meth> to perform all operations using the key
typedef struct rsa_meth_st
{
/* name of the implementation */
- const char *name;
+ const char *name;
/* encrypt */
- int (*rsa_pub_enc)(int flen, unsigned char *from,
+ int (*rsa_pub_enc)(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
/* verify arbitrary data */
- int (*rsa_pub_dec)(int flen, unsigned char *from,
+ int (*rsa_pub_dec)(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
/* sign arbitrary data */
- int (*rsa_priv_enc)(int flen, unsigned char *from,
+ int (*rsa_priv_enc)(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
/* decrypt */
- int (*rsa_priv_dec)(int flen, unsigned char *from,
+ int (*rsa_priv_dec)(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
/* compute r0 = r0 ^ I mod rsa->n (May be NULL for some
implementations) */
- int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+ int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
/* compute r = a ^ p mod m (May be NULL for some implementations) */
- int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+ int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
/* called at RSA_new */
- int (*init)(RSA *rsa);
+ int (*init)(RSA *rsa);
/* called at RSA_free */
- int (*finish)(RSA *rsa);
+ int (*finish)(RSA *rsa);
/* RSA_FLAG_EXT_PKEY - rsa_mod_exp is called for private key
* operations, even if p,q,dmp1,dmq1,iqmp
* are NULL
- * RSA_FLAG_SIGN_VER - enable rsa_sign and rsa_verify
* RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match
*/
- int flags;
+ int flags;
- char *app_data; /* ?? */
+ char *app_data; /* ?? */
- /* sign. For backward compatibility, this is used only
- * if (flags & RSA_FLAG_SIGN_VER)
- */
- int (*rsa_sign)(int type,
- const unsigned char *m, unsigned int m_length,
- unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
- /* verify. For backward compatibility, this is used only
- * if (flags & RSA_FLAG_SIGN_VER)
- */
- int (*rsa_verify)(int dtype,
- const unsigned char *m, unsigned int m_length,
- const unsigned char *sigbuf, unsigned int siglen,
- const RSA *rsa);
+ int (*rsa_sign)(int type,
+ const unsigned char *m, unsigned int m_length,
+ unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
+ int (*rsa_verify)(int dtype,
+ const unsigned char *m, unsigned int m_length,
+ const unsigned char *sigbuf, unsigned int siglen,
+ const RSA *rsa);
/* keygen. If NULL builtin RSA key generation will be used */
- int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
+ int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
} RSA_METHOD;
=head1 RETURN VALUES
-RSA_PKCS1_SSLeay(), RSA_PKCS1_null_method(), RSA_get_default_method()
+RSA_PKCS1_OpenSSL(), RSA_PKCS1_null_method(), RSA_get_default_method()
and RSA_get_method() return pointers to the respective RSA_METHODs.
RSA_set_default_method() returns no value.
declaration in a future release.
RSA_new_method() returns NULL and sets an error code that can be obtained
-by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation fails. Otherwise
+by L<ERR_get_error(3)> if the allocation fails. Otherwise
it returns a pointer to the newly allocated structure.
-=head1 NOTES
-
-As of version 0.9.7, RSA_METHOD implementations are grouped together with
-other algorithmic APIs (eg. DSA_METHOD, EVP_CIPHER, etc) into B<ENGINE>
-modules. If a default ENGINE is specified for RSA functionality using an
-ENGINE API function, that will override any RSA defaults set using the RSA
-API (ie. RSA_set_default_method()). For this reason, the ENGINE API is the
-recommended way to control default implementations for use in RSA and other
-cryptographic algorithms.
-
=head1 BUGS
The behaviour of RSA_flags() is a mis-feature that is left as-is for now
=head1 SEE ALSO
-L<rsa(3)|rsa(3)>, L<RSA_new(3)|RSA_new(3)>
-
-=head1 HISTORY
-
-RSA_new_method() and RSA_set_default_method() appeared in SSLeay 0.8.
-RSA_get_default_method(), RSA_set_method() and RSA_get_method() as
-well as the rsa_sign and rsa_verify components of RSA_METHOD were
-added in OpenSSL 0.9.4.
-
-RSA_set_default_openssl_method() and RSA_get_default_openssl_method()
-replaced RSA_set_default_method() and RSA_get_default_method()
-respectively, and RSA_set_method() and RSA_new_method() were altered to use
-B<ENGINE>s rather than B<RSA_METHOD>s during development of the engine
-version of OpenSSL 0.9.6. For 0.9.7, the handling of defaults in the ENGINE
-API was restructured so that this change was reversed, and behaviour of the
-other functions resembled more closely the previous behaviour. The
-behaviour of defaults in the ENGINE API now transparently overrides the
-behaviour of defaults in the RSA API without requiring changing these
-function prototypes.
+L<RSA_new(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License"). You may not use
+this file except in compliance with the License. You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
=cut
projects / cassiopeia.git / blobdiff