1*e71b7053SJung-uk Kim=pod 2*e71b7053SJung-uk Kim 3*e71b7053SJung-uk Kim=head1 NAME 4*e71b7053SJung-uk Kim 5*e71b7053SJung-uk KimRSA_meth_get0_app_data, RSA_meth_set0_app_data, 6*e71b7053SJung-uk KimRSA_meth_new, RSA_meth_free, RSA_meth_dup, RSA_meth_get0_name, 7*e71b7053SJung-uk KimRSA_meth_set1_name, RSA_meth_get_flags, RSA_meth_set_flags, 8*e71b7053SJung-uk KimRSA_meth_get_pub_enc, 9*e71b7053SJung-uk KimRSA_meth_set_pub_enc, RSA_meth_get_pub_dec, RSA_meth_set_pub_dec, 10*e71b7053SJung-uk KimRSA_meth_get_priv_enc, RSA_meth_set_priv_enc, RSA_meth_get_priv_dec, 11*e71b7053SJung-uk KimRSA_meth_set_priv_dec, RSA_meth_get_mod_exp, RSA_meth_set_mod_exp, 12*e71b7053SJung-uk KimRSA_meth_get_bn_mod_exp, RSA_meth_set_bn_mod_exp, RSA_meth_get_init, 13*e71b7053SJung-uk KimRSA_meth_set_init, RSA_meth_get_finish, RSA_meth_set_finish, 14*e71b7053SJung-uk KimRSA_meth_get_sign, RSA_meth_set_sign, RSA_meth_get_verify, 15*e71b7053SJung-uk KimRSA_meth_set_verify, RSA_meth_get_keygen, RSA_meth_set_keygen, 16*e71b7053SJung-uk KimRSA_meth_get_multi_prime_keygen, RSA_meth_set_multi_prime_keygen 17*e71b7053SJung-uk Kim- Routines to build up RSA methods 18*e71b7053SJung-uk Kim 19*e71b7053SJung-uk Kim=head1 SYNOPSIS 20*e71b7053SJung-uk Kim 21*e71b7053SJung-uk Kim #include <openssl/rsa.h> 22*e71b7053SJung-uk Kim 23*e71b7053SJung-uk Kim RSA_METHOD *RSA_meth_new(const char *name, int flags); 24*e71b7053SJung-uk Kim void RSA_meth_free(RSA_METHOD *meth); 25*e71b7053SJung-uk Kim 26*e71b7053SJung-uk Kim RSA_METHOD *RSA_meth_dup(const RSA_METHOD *meth); 27*e71b7053SJung-uk Kim 28*e71b7053SJung-uk Kim const char *RSA_meth_get0_name(const RSA_METHOD *meth); 29*e71b7053SJung-uk Kim int RSA_meth_set1_name(RSA_METHOD *meth, const char *name); 30*e71b7053SJung-uk Kim 31*e71b7053SJung-uk Kim int RSA_meth_get_flags(const RSA_METHOD *meth); 32*e71b7053SJung-uk Kim int RSA_meth_set_flags(RSA_METHOD *meth, int flags); 33*e71b7053SJung-uk Kim 34*e71b7053SJung-uk Kim void *RSA_meth_get0_app_data(const RSA_METHOD *meth); 35*e71b7053SJung-uk Kim int RSA_meth_set0_app_data(RSA_METHOD *meth, void *app_data); 36*e71b7053SJung-uk Kim 37*e71b7053SJung-uk Kim int (*RSA_meth_get_pub_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from, 38*e71b7053SJung-uk Kim unsigned char *to, RSA *rsa, int padding); 39*e71b7053SJung-uk Kim int RSA_meth_set_pub_enc(RSA_METHOD *rsa, 40*e71b7053SJung-uk Kim int (*pub_enc)(int flen, const unsigned char *from, 41*e71b7053SJung-uk Kim unsigned char *to, RSA *rsa, 42*e71b7053SJung-uk Kim int padding)); 43*e71b7053SJung-uk Kim 44*e71b7053SJung-uk Kim int (*RSA_meth_get_pub_dec(const RSA_METHOD *meth)) 45*e71b7053SJung-uk Kim (int flen, const unsigned char *from, 46*e71b7053SJung-uk Kim unsigned char *to, RSA *rsa, int padding); 47*e71b7053SJung-uk Kim int RSA_meth_set_pub_dec(RSA_METHOD *rsa, 48*e71b7053SJung-uk Kim int (*pub_dec)(int flen, const unsigned char *from, 49*e71b7053SJung-uk Kim unsigned char *to, RSA *rsa, 50*e71b7053SJung-uk Kim int padding)); 51*e71b7053SJung-uk Kim 52*e71b7053SJung-uk Kim int (*RSA_meth_get_priv_enc(const RSA_METHOD *meth))(int flen, const unsigned char *from, 53*e71b7053SJung-uk Kim unsigned char *to, RSA *rsa, 54*e71b7053SJung-uk Kim int padding); 55*e71b7053SJung-uk Kim int RSA_meth_set_priv_enc(RSA_METHOD *rsa, 56*e71b7053SJung-uk Kim int (*priv_enc)(int flen, const unsigned char *from, 57*e71b7053SJung-uk Kim unsigned char *to, RSA *rsa, int padding)); 58*e71b7053SJung-uk Kim 59*e71b7053SJung-uk Kim int (*RSA_meth_get_priv_dec(const RSA_METHOD *meth))(int flen, const unsigned char *from, 60*e71b7053SJung-uk Kim unsigned char *to, RSA *rsa, 61*e71b7053SJung-uk Kim int padding); 62*e71b7053SJung-uk Kim int RSA_meth_set_priv_dec(RSA_METHOD *rsa, 63*e71b7053SJung-uk Kim int (*priv_dec)(int flen, const unsigned char *from, 64*e71b7053SJung-uk Kim unsigned char *to, RSA *rsa, int padding)); 65*e71b7053SJung-uk Kim 66*e71b7053SJung-uk Kim /* Can be null */ 67*e71b7053SJung-uk Kim int (*RSA_meth_get_mod_exp(const RSA_METHOD *meth))(BIGNUM *r0, const BIGNUM *I, 68*e71b7053SJung-uk Kim RSA *rsa, BN_CTX *ctx); 69*e71b7053SJung-uk Kim int RSA_meth_set_mod_exp(RSA_METHOD *rsa, 70*e71b7053SJung-uk Kim int (*mod_exp)(BIGNUM *r0, const BIGNUM *I, RSA *rsa, 71*e71b7053SJung-uk Kim BN_CTX *ctx)); 72*e71b7053SJung-uk Kim 73*e71b7053SJung-uk Kim /* Can be null */ 74*e71b7053SJung-uk Kim int (*RSA_meth_get_bn_mod_exp(const RSA_METHOD *meth))(BIGNUM *r, const BIGNUM *a, 75*e71b7053SJung-uk Kim const BIGNUM *p, const BIGNUM *m, 76*e71b7053SJung-uk Kim BN_CTX *ctx, BN_MONT_CTX *m_ctx); 77*e71b7053SJung-uk Kim int RSA_meth_set_bn_mod_exp(RSA_METHOD *rsa, 78*e71b7053SJung-uk Kim int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, 79*e71b7053SJung-uk Kim const BIGNUM *p, const BIGNUM *m, 80*e71b7053SJung-uk Kim BN_CTX *ctx, BN_MONT_CTX *m_ctx)); 81*e71b7053SJung-uk Kim 82*e71b7053SJung-uk Kim /* called at new */ 83*e71b7053SJung-uk Kim int (*RSA_meth_get_init(const RSA_METHOD *meth) (RSA *rsa); 84*e71b7053SJung-uk Kim int RSA_meth_set_init(RSA_METHOD *rsa, int (*init (RSA *rsa)); 85*e71b7053SJung-uk Kim 86*e71b7053SJung-uk Kim /* called at free */ 87*e71b7053SJung-uk Kim int (*RSA_meth_get_finish(const RSA_METHOD *meth))(RSA *rsa); 88*e71b7053SJung-uk Kim int RSA_meth_set_finish(RSA_METHOD *rsa, int (*finish)(RSA *rsa)); 89*e71b7053SJung-uk Kim 90*e71b7053SJung-uk Kim int (*RSA_meth_get_sign(const RSA_METHOD *meth))(int type, const unsigned char *m, 91*e71b7053SJung-uk Kim unsigned int m_length, 92*e71b7053SJung-uk Kim unsigned char *sigret, 93*e71b7053SJung-uk Kim unsigned int *siglen, const RSA *rsa); 94*e71b7053SJung-uk Kim int RSA_meth_set_sign(RSA_METHOD *rsa, 95*e71b7053SJung-uk Kim int (*sign)(int type, const unsigned char *m, 96*e71b7053SJung-uk Kim unsigned int m_length, unsigned char *sigret, 97*e71b7053SJung-uk Kim unsigned int *siglen, const RSA *rsa)); 98*e71b7053SJung-uk Kim 99*e71b7053SJung-uk Kim int (*RSA_meth_get_verify(const RSA_METHOD *meth))(int dtype, const unsigned char *m, 100*e71b7053SJung-uk Kim unsigned int m_length, 101*e71b7053SJung-uk Kim const unsigned char *sigbuf, 102*e71b7053SJung-uk Kim unsigned int siglen, const RSA *rsa); 103*e71b7053SJung-uk Kim int RSA_meth_set_verify(RSA_METHOD *rsa, 104*e71b7053SJung-uk Kim int (*verify)(int dtype, const unsigned char *m, 105*e71b7053SJung-uk Kim unsigned int m_length, 106*e71b7053SJung-uk Kim const unsigned char *sigbuf, 107*e71b7053SJung-uk Kim unsigned int siglen, const RSA *rsa)); 108*e71b7053SJung-uk Kim 109*e71b7053SJung-uk Kim int (*RSA_meth_get_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, BIGNUM *e, 110*e71b7053SJung-uk Kim BN_GENCB *cb); 111*e71b7053SJung-uk Kim int RSA_meth_set_keygen(RSA_METHOD *rsa, 112*e71b7053SJung-uk Kim int (*keygen)(RSA *rsa, int bits, BIGNUM *e, 113*e71b7053SJung-uk Kim BN_GENCB *cb)); 114*e71b7053SJung-uk Kim 115*e71b7053SJung-uk Kim int (*RSA_meth_get_multi_prime_keygen(const RSA_METHOD *meth))(RSA *rsa, int bits, 116*e71b7053SJung-uk Kim int primes, BIGNUM *e, 117*e71b7053SJung-uk Kim BN_GENCB *cb); 118*e71b7053SJung-uk Kim 119*e71b7053SJung-uk Kim int RSA_meth_set_multi_prime_keygen(RSA_METHOD *meth, 120*e71b7053SJung-uk Kim int (*keygen) (RSA *rsa, int bits, 121*e71b7053SJung-uk Kim int primes, BIGNUM *e, 122*e71b7053SJung-uk Kim BN_GENCB *cb)); 123*e71b7053SJung-uk Kim 124*e71b7053SJung-uk Kim=head1 DESCRIPTION 125*e71b7053SJung-uk Kim 126*e71b7053SJung-uk KimThe B<RSA_METHOD> type is a structure used for the provision of custom 127*e71b7053SJung-uk KimRSA implementations. It provides a set of functions used by OpenSSL 128*e71b7053SJung-uk Kimfor the implementation of the various RSA capabilities. See the L<rsa> 129*e71b7053SJung-uk Kimpage for more information. 130*e71b7053SJung-uk Kim 131*e71b7053SJung-uk KimRSA_meth_new() creates a new B<RSA_METHOD> structure. It should be 132*e71b7053SJung-uk Kimgiven a unique B<name> and a set of B<flags>. The B<name> should be a 133*e71b7053SJung-uk KimNULL terminated string, which will be duplicated and stored in the 134*e71b7053SJung-uk KimB<RSA_METHOD> object. It is the callers responsibility to free the 135*e71b7053SJung-uk Kimoriginal string. The flags will be used during the construction of a 136*e71b7053SJung-uk Kimnew B<RSA> object based on this B<RSA_METHOD>. Any new B<RSA> object 137*e71b7053SJung-uk Kimwill have those flags set by default. 138*e71b7053SJung-uk Kim 139*e71b7053SJung-uk KimRSA_meth_dup() creates a duplicate copy of the B<RSA_METHOD> object 140*e71b7053SJung-uk Kimpassed as a parameter. This might be useful for creating a new 141*e71b7053SJung-uk KimB<RSA_METHOD> based on an existing one, but with some differences. 142*e71b7053SJung-uk Kim 143*e71b7053SJung-uk KimRSA_meth_free() destroys an B<RSA_METHOD> structure and frees up any 144*e71b7053SJung-uk Kimmemory associated with it. 145*e71b7053SJung-uk Kim 146*e71b7053SJung-uk KimRSA_meth_get0_name() will return a pointer to the name of this 147*e71b7053SJung-uk KimRSA_METHOD. This is a pointer to the internal name string and so 148*e71b7053SJung-uk Kimshould not be freed by the caller. RSA_meth_set1_name() sets the name 149*e71b7053SJung-uk Kimof the RSA_METHOD to B<name>. The string is duplicated and the copy is 150*e71b7053SJung-uk Kimstored in the RSA_METHOD structure, so the caller remains responsible 151*e71b7053SJung-uk Kimfor freeing the memory associated with the name. 152*e71b7053SJung-uk Kim 153*e71b7053SJung-uk KimRSA_meth_get_flags() returns the current value of the flags associated 154*e71b7053SJung-uk Kimwith this RSA_METHOD. RSA_meth_set_flags() provides the ability to set 155*e71b7053SJung-uk Kimthese flags. 156*e71b7053SJung-uk Kim 157*e71b7053SJung-uk KimThe functions RSA_meth_get0_app_data() and RSA_meth_set0_app_data() 158*e71b7053SJung-uk Kimprovide the ability to associate implementation specific data with the 159*e71b7053SJung-uk KimRSA_METHOD. It is the application's responsibility to free this data 160*e71b7053SJung-uk Kimbefore the RSA_METHOD is freed via a call to RSA_meth_free(). 161*e71b7053SJung-uk Kim 162*e71b7053SJung-uk KimRSA_meth_get_sign() and RSA_meth_set_sign() get and set the function 163*e71b7053SJung-uk Kimused for creating an RSA signature respectively. This function will be 164*e71b7053SJung-uk Kimcalled in response to the application calling RSA_sign(). The 165*e71b7053SJung-uk Kimparameters for the function have the same meaning as for RSA_sign(). 166*e71b7053SJung-uk Kim 167*e71b7053SJung-uk KimRSA_meth_get_verify() and RSA_meth_set_verify() get and set the 168*e71b7053SJung-uk Kimfunction used for verifying an RSA signature respectively. This 169*e71b7053SJung-uk Kimfunction will be called in response to the application calling 170*e71b7053SJung-uk KimRSA_verify(). The parameters for the function have the same meaning as 171*e71b7053SJung-uk Kimfor RSA_verify(). 172*e71b7053SJung-uk Kim 173*e71b7053SJung-uk KimRSA_meth_get_mod_exp() and RSA_meth_set_mod_exp() get and set the 174*e71b7053SJung-uk Kimfunction used for CRT computations. 175*e71b7053SJung-uk Kim 176*e71b7053SJung-uk KimRSA_meth_get_bn_mod_exp() and RSA_meth_set_bn_mod_exp() get and set 177*e71b7053SJung-uk Kimthe function used for CRT computations, specifically the following 178*e71b7053SJung-uk Kimvalue: 179*e71b7053SJung-uk Kim 180*e71b7053SJung-uk Kim r = a ^ p mod m 181*e71b7053SJung-uk Kim 182*e71b7053SJung-uk KimBoth the mod_exp() and bn_mod_exp() functions are called by the 183*e71b7053SJung-uk Kimdefault OpenSSL method during encryption, decryption, signing and 184*e71b7053SJung-uk Kimverification. 185*e71b7053SJung-uk Kim 186*e71b7053SJung-uk KimRSA_meth_get_init() and RSA_meth_set_init() get and set the function 187*e71b7053SJung-uk Kimused for creating a new RSA instance respectively. This function will 188*e71b7053SJung-uk Kimbe called in response to the application calling RSA_new() (if the 189*e71b7053SJung-uk Kimcurrent default RSA_METHOD is this one) or RSA_new_method(). The 190*e71b7053SJung-uk KimRSA_new() and RSA_new_method() functions will allocate the memory for 191*e71b7053SJung-uk Kimthe new RSA object, and a pointer to this newly allocated structure 192*e71b7053SJung-uk Kimwill be passed as a parameter to the function. This function may be 193*e71b7053SJung-uk KimNULL. 194*e71b7053SJung-uk Kim 195*e71b7053SJung-uk KimRSA_meth_get_finish() and RSA_meth_set_finish() get and set the 196*e71b7053SJung-uk Kimfunction used for destroying an instance of an RSA object respectively. 197*e71b7053SJung-uk KimThis function will be called in response to the application calling 198*e71b7053SJung-uk KimRSA_free(). A pointer to the RSA to be destroyed is passed as a 199*e71b7053SJung-uk Kimparameter. The destroy function should be used for RSA implementation 200*e71b7053SJung-uk Kimspecific clean up. The memory for the RSA itself should not be freed 201*e71b7053SJung-uk Kimby this function. This function may be NULL. 202*e71b7053SJung-uk Kim 203*e71b7053SJung-uk KimRSA_meth_get_keygen() and RSA_meth_set_keygen() get and set the 204*e71b7053SJung-uk Kimfunction used for generating a new RSA key pair respectively. This 205*e71b7053SJung-uk Kimfunction will be called in response to the application calling 206*e71b7053SJung-uk KimRSA_generate_key_ex(). The parameter for the function has the same 207*e71b7053SJung-uk Kimmeaning as for RSA_generate_key_ex(). 208*e71b7053SJung-uk Kim 209*e71b7053SJung-uk KimRSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() get 210*e71b7053SJung-uk Kimand set the function used for generating a new multi-prime RSA key pair 211*e71b7053SJung-uk Kimrespectively. This function will be called in response to the application calling 212*e71b7053SJung-uk KimRSA_generate_multi_prime_key(). The parameter for the function has the same 213*e71b7053SJung-uk Kimmeaning as for RSA_generate_multi_prime_key(). 214*e71b7053SJung-uk Kim 215*e71b7053SJung-uk KimRSA_meth_get_pub_enc(), RSA_meth_set_pub_enc(), 216*e71b7053SJung-uk KimRSA_meth_get_pub_dec(), RSA_meth_set_pub_dec(), 217*e71b7053SJung-uk KimRSA_meth_get_priv_enc(), RSA_meth_set_priv_enc(), 218*e71b7053SJung-uk KimRSA_meth_get_priv_dec(), RSA_meth_set_priv_dec() get and set the 219*e71b7053SJung-uk Kimfunctions used for public and private key encryption and decryption. 220*e71b7053SJung-uk KimThese functions will be called in response to the application calling 221*e71b7053SJung-uk KimRSA_public_encrypt(), RSA_private_decrypt(), RSA_private_encrypt() and 222*e71b7053SJung-uk KimRSA_public_decrypt() and take the same parameters as those. 223*e71b7053SJung-uk Kim 224*e71b7053SJung-uk Kim 225*e71b7053SJung-uk Kim=head1 RETURN VALUES 226*e71b7053SJung-uk Kim 227*e71b7053SJung-uk KimRSA_meth_new() and RSA_meth_dup() return the newly allocated 228*e71b7053SJung-uk KimRSA_METHOD object or NULL on failure. 229*e71b7053SJung-uk Kim 230*e71b7053SJung-uk KimRSA_meth_get0_name() and RSA_meth_get_flags() return the name and 231*e71b7053SJung-uk Kimflags associated with the RSA_METHOD respectively. 232*e71b7053SJung-uk Kim 233*e71b7053SJung-uk KimAll other RSA_meth_get_*() functions return the appropriate function 234*e71b7053SJung-uk Kimpointer that has been set in the RSA_METHOD, or NULL if no such 235*e71b7053SJung-uk Kimpointer has yet been set. 236*e71b7053SJung-uk Kim 237*e71b7053SJung-uk KimRSA_meth_set1_name and all RSA_meth_set_*() functions return 1 on 238*e71b7053SJung-uk Kimsuccess or 0 on failure. 239*e71b7053SJung-uk Kim 240*e71b7053SJung-uk Kim=head1 SEE ALSO 241*e71b7053SJung-uk Kim 242*e71b7053SJung-uk KimL<RSA_new(3)>, L<RSA_generate_key_ex(3)>, L<RSA_sign(3)>, 243*e71b7053SJung-uk KimL<RSA_set_method(3)>, L<RSA_size(3)>, L<RSA_get0_key(3)>, 244*e71b7053SJung-uk KimL<RSA_generate_multi_prime_key(3)> 245*e71b7053SJung-uk Kim 246*e71b7053SJung-uk Kim=head1 HISTORY 247*e71b7053SJung-uk Kim 248*e71b7053SJung-uk KimRSA_meth_get_multi_prime_keygen() and RSA_meth_set_multi_prime_keygen() were 249*e71b7053SJung-uk Kimadded in OpenSSL 1.1.1. 250*e71b7053SJung-uk Kim 251*e71b7053SJung-uk KimOther functions described here were added in OpenSSL 1.1.0. 252*e71b7053SJung-uk Kim 253*e71b7053SJung-uk Kim=head1 COPYRIGHT 254*e71b7053SJung-uk Kim 255*e71b7053SJung-uk KimCopyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. 256*e71b7053SJung-uk Kim 257*e71b7053SJung-uk KimLicensed under the OpenSSL license (the "License"). You may not use 258*e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 259*e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 260*e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 261*e71b7053SJung-uk Kim 262*e71b7053SJung-uk Kim=cut 263