1=pod 2 3=head1 NAME 4 5RSA_set0_key, RSA_set0_factors, RSA_set0_crt_params, RSA_get0_key, 6RSA_get0_factors, RSA_get0_crt_params, 7RSA_get0_n, RSA_get0_e, RSA_get0_d, RSA_get0_p, RSA_get0_q, 8RSA_get0_dmp1, RSA_get0_dmq1, RSA_get0_iqmp, RSA_get0_pss_params, 9RSA_clear_flags, 10RSA_test_flags, RSA_set_flags, RSA_get0_engine, RSA_get_multi_prime_extra_count, 11RSA_get0_multi_prime_factors, RSA_get0_multi_prime_crt_params, 12RSA_set0_multi_prime_params, RSA_get_version 13- Routines for getting and setting data in an RSA object 14 15=head1 SYNOPSIS 16 17 #include <openssl/rsa.h> 18 19 int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d); 20 int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q); 21 int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp); 22 void RSA_get0_key(const RSA *r, 23 const BIGNUM **n, const BIGNUM **e, const BIGNUM **d); 24 void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q); 25 void RSA_get0_crt_params(const RSA *r, 26 const BIGNUM **dmp1, const BIGNUM **dmq1, 27 const BIGNUM **iqmp); 28 const BIGNUM *RSA_get0_n(const RSA *d); 29 const BIGNUM *RSA_get0_e(const RSA *d); 30 const BIGNUM *RSA_get0_d(const RSA *d); 31 const BIGNUM *RSA_get0_p(const RSA *d); 32 const BIGNUM *RSA_get0_q(const RSA *d); 33 const BIGNUM *RSA_get0_dmp1(const RSA *r); 34 const BIGNUM *RSA_get0_dmq1(const RSA *r); 35 const BIGNUM *RSA_get0_iqmp(const RSA *r); 36 const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r); 37 void RSA_clear_flags(RSA *r, int flags); 38 int RSA_test_flags(const RSA *r, int flags); 39 void RSA_set_flags(RSA *r, int flags); 40 ENGINE *RSA_get0_engine(RSA *r); 41 int RSA_get_multi_prime_extra_count(const RSA *r); 42 int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]); 43 int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[], 44 const BIGNUM *coeffs[]); 45 int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[], 46 BIGNUM *coeffs[], int pnum); 47 int RSA_get_version(RSA *r); 48 49=head1 DESCRIPTION 50 51An RSA object contains the components for the public and private key, 52B<n>, B<e>, B<d>, B<p>, B<q>, B<dmp1>, B<dmq1> and B<iqmp>. B<n> is 53the modulus common to both public and private key, B<e> is the public 54exponent and B<d> is the private exponent. B<p>, B<q>, B<dmp1>, 55B<dmq1> and B<iqmp> are the factors for the second representation of a 56private key (see PKCS#1 section 3 Key Types), where B<p> and B<q> are 57the first and second factor of B<n> and B<dmp1>, B<dmq1> and B<iqmp> 58are the exponents and coefficient for CRT calculations. 59 60For multi-prime RSA (defined in RFC 8017), there are also one or more 61'triplet' in an RSA object. A triplet contains three members, B<r>, B<d> 62and B<t>. B<r> is the additional prime besides B<p> and B<q>. B<d> and 63B<t> are the exponent and coefficient for CRT calculations. 64 65The B<n>, B<e> and B<d> parameters can be obtained by calling 66RSA_get0_key(). If they have not been set yet, then B<*n>, B<*e> and 67B<*d> will be set to NULL. Otherwise, they are set to pointers to 68their respective values. These point directly to the internal 69representations of the values and therefore should not be freed 70by the caller. 71 72The B<n>, B<e> and B<d> parameter values can be set by calling 73RSA_set0_key() and passing the new values for B<n>, B<e> and B<d> as 74parameters to the function. The values B<n> and B<e> must be non-NULL 75the first time this function is called on a given RSA object. The 76value B<d> may be NULL. On subsequent calls any of these values may be 77NULL which means the corresponding RSA field is left untouched. 78Calling this function transfers the memory management of the values to 79the RSA object, and therefore the values that have been passed in 80should not be freed by the caller after this function has been called. 81 82In a similar fashion, the B<p> and B<q> parameters can be obtained and 83set with RSA_get0_factors() and RSA_set0_factors(), and the B<dmp1>, 84B<dmq1> and B<iqmp> parameters can be obtained and set with 85RSA_get0_crt_params() and RSA_set0_crt_params(). 86 87For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), 88NULL value BIGNUM ** output parameters are permitted. The functions 89ignore NULL parameters but return values for other, non-NULL, parameters. 90 91For multi-prime RSA, RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() 92can be used to obtain other primes and related CRT parameters. The 93return values are stored in an array of B<BIGNUM *>. RSA_set0_multi_prime_params() 94sets a collect of multi-prime 'triplet' members (prime, exponent and coefficient) 95into an RSA object. 96 97Any of the values B<n>, B<e>, B<d>, B<p>, B<q>, B<dmp1>, B<dmq1>, and B<iqmp> can also be 98retrieved separately by the corresponding function 99RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), 100RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively. 101 102RSA_get0_pss_params() is used to retrieve the RSA-PSS parameters. 103 104RSA_set_flags() sets the flags in the B<flags> parameter on the RSA 105object. Multiple flags can be passed in one go (bitwise ORed together). 106Any flags that are already set are left set. RSA_test_flags() tests to 107see whether the flags passed in the B<flags> parameter are currently 108set in the RSA object. Multiple flags can be tested in one go. All 109flags that are currently set are returned, or zero if none of the 110flags are set. RSA_clear_flags() clears the specified flags within the 111RSA object. 112 113RSA_get0_engine() returns a handle to the ENGINE that has been set for 114this RSA object, or NULL if no such ENGINE has been set. 115 116RSA_get_version() returns the version of an RSA object B<r>. 117 118=head1 NOTES 119 120Values retrieved with RSA_get0_key() are owned by the RSA object used 121in the call and may therefore I<not> be passed to RSA_set0_key(). If 122needed, duplicate the received value using BN_dup() and pass the 123duplicate. The same applies to RSA_get0_factors() and RSA_set0_factors() 124as well as RSA_get0_crt_params() and RSA_set0_crt_params(). 125 126The caller should obtain the size by calling RSA_get_multi_prime_extra_count() 127in advance and allocate sufficient buffer to store the return values before 128calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params(). 129 130RSA_set0_multi_prime_params() always clears the original multi-prime 131triplets in RSA object B<r> and assign the new set of triplets into it. 132 133=head1 RETURN VALUES 134 135RSA_set0_key(), RSA_set0_factors(), RSA_set0_crt_params() and 136RSA_set0_multi_prime_params() return 1 on success or 0 on failure. 137 138RSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), 139RSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() 140return the respective value. 141 142RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1431 on success or 0 on failure. 144 145RSA_get_multi_prime_extra_count() returns two less than the number of primes 146in use, which is 0 for traditional RSA and the number of extra primes for 147multi-prime RSA. 148 149RSA_get_version() returns B<RSA_ASN1_VERSION_MULTI> for multi-prime RSA and 150B<RSA_ASN1_VERSION_DEFAULT> for normal two-prime RSA, as defined in RFC 8017. 151 152RSA_test_flags() returns the current state of the flags in the RSA object. 153 154RSA_get0_engine() returns the ENGINE set for the RSA object or NULL if no 155ENGINE has been set. 156 157=head1 SEE ALSO 158 159L<RSA_new(3)>, L<RSA_size(3)> 160 161=head1 HISTORY 162 163The RSA_get0_pss_params() function was added in OpenSSL 1.1.1e. 164 165The 166RSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), 167RSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), 168and RSA_get_version() functions were added in OpenSSL 1.1.1. 169 170Other functions described here were added in OpenSSL 1.1.0. 171 172=head1 COPYRIGHT 173 174Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. 175 176Licensed under the OpenSSL license (the "License"). You may not use 177this file except in compliance with the License. You can obtain a copy 178in the file LICENSE in the source distribution or at 179L<https://www.openssl.org/source/license.html>. 180 181=cut 182