Standard preamble:
========================================================================
..
.... Set up some character translations and predefined strings. \*(-- will
give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
double quote, and \*(R" will give a right double quote. \*(C+ will
give a nicer C++. Capital omega is used to do unbreakable dashes and
therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
nothing in troff, for use with C<>.
.tr \(*W- . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\}
Escape single quotes in literal strings from groff's Unicode transform.
If the F register is >0, we'll generate index entries on stderr for
titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
entries marked with X<> in POD. Of course, you'll have to process the
output yourself in some meaningful fashion.
Avoid warning from groff about undefined register 'F'.
.. .nr rF 0 . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff . ds #H 0 . ds #V .8m . ds #F .3m . ds #[ \f1 . ds #] .\} . ds #H ((1u-(\\\\n(.fu%2u))*.13m) . ds #V .6m . ds #F 0 . ds #[ \& . ds #] \& .\} . \" simple accents for nroff and troff . ds ' \& . ds ` \& . ds ^ \& . ds , \& . ds ~ ~ . ds / .\} . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' .\} . \" troff and (daisy-wheel) nroff accents . \" corrections for vroff . \" for low resolution devices (crt and lpr) \{\ . ds : e . ds 8 ss . ds o a . ds d- d\h'-1'\(ga . ds D- D\h'-1'\(hy . ds th \o'bp' . ds Th \o'LP' . ds ae ae . ds Ae AE .\} ========================================================================
Title "RSA_GET0_KEY 3ossl"
way too many mistakes in technical documents.
The following functions have been deprecated since OpenSSL 3.0, and can be hidden entirely by defining \s-1OPENSSL_API_COMPAT\s0 with a suitable version value, see openssl_user_macros\|(7):
.Vb 10 int RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d); int RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q); int RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp); void RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d); void RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q); void RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp); const BIGNUM *RSA_get0_n(const RSA *d); const BIGNUM *RSA_get0_e(const RSA *d); const BIGNUM *RSA_get0_d(const RSA *d); const BIGNUM *RSA_get0_p(const RSA *d); const BIGNUM *RSA_get0_q(const RSA *d); const BIGNUM *RSA_get0_dmp1(const RSA *r); const BIGNUM *RSA_get0_dmq1(const RSA *r); const BIGNUM *RSA_get0_iqmp(const RSA *r); const RSA_PSS_PARAMS *RSA_get0_pss_params(const RSA *r); void RSA_clear_flags(RSA *r, int flags); int RSA_test_flags(const RSA *r, int flags); void RSA_set_flags(RSA *r, int flags); ENGINE *RSA_get0_engine(RSA *r); int RSA_get_multi_prime_extra_count(const RSA *r); int RSA_get0_multi_prime_factors(const RSA *r, const BIGNUM *primes[]); int RSA_get0_multi_prime_crt_params(const RSA *r, const BIGNUM *exps[], const BIGNUM *coeffs[]); int RSA_set0_multi_prime_params(RSA *r, BIGNUM *primes[], BIGNUM *exps[], BIGNUM *coeffs[], int pnum); int RSA_get_version(RSA *r); .Ve
An \s-1RSA\s0 object contains the components for the public and private key, \fBn, e, d, p, q, dmp1, dmq1 and iqmp. n is the modulus common to both public and private key, e is the public exponent and d is the private exponent. p, q, dmp1, \fBdmq1 and iqmp are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where p and q are the first and second factor of n and dmp1, dmq1 and iqmp are the exponents and coefficient for \s-1CRT\s0 calculations.
For multi-prime \s-1RSA\s0 (defined in \s-1RFC 8017\s0), there are also one or more 'triplet' in an \s-1RSA\s0 object. A triplet contains three members, r, d and t. r is the additional prime besides p and q. d and \fBt are the exponent and coefficient for \s-1CRT\s0 calculations.
The n, e and d parameters can be obtained by calling \fBRSA_get0_key(). If they have not been set yet, then *n, *e and \fB*d will be set to \s-1NULL.\s0 Otherwise, they are set to pointers to their respective values. These point directly to the internal representations of the values and therefore should not be freed by the caller.
The n, e and d parameter values can be set by calling \fBRSA_set0_key() and passing the new values for n, e and d as parameters to the function. The values n and e must be non-NULL the first time this function is called on a given \s-1RSA\s0 object. The value d may be \s-1NULL.\s0 On subsequent calls any of these values may be \s-1NULL\s0 which means the corresponding \s-1RSA\s0 field is left untouched. Calling this function transfers the memory management of the values to the \s-1RSA\s0 object, and therefore the values that have been passed in should not be freed by the caller after this function has been called.
In a similar fashion, the p and q parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the dmp1, \fBdmq1 and iqmp parameters can be obtained and set with \fBRSA_get0_crt_params() and RSA_set0_crt_params().
For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), \s-1NULL\s0 value \s-1BIGNUM\s0 ** output parameters are permitted. The functions ignore \s-1NULL\s0 parameters but return values for other, non-NULL, parameters.
For multi-prime \s-1RSA,\s0 RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params() can be used to obtain other primes and related \s-1CRT\s0 parameters. The return values are stored in an array of \s-1BIGNUM\s0 *. RSA_set0_multi_prime_params() sets a collect of multi-prime 'triplet' members (prime, exponent and coefficient) into an \s-1RSA\s0 object.
Any of the values n, e, d, p, q, dmp1, dmq1, and iqmp can also be retrieved separately by the corresponding function \fBRSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), \fBRSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp(), respectively.
\fBRSA_get0_pss_params() is used to retrieve the RSA-PSS parameters.
\fBRSA_set_flags() sets the flags in the flags parameter on the \s-1RSA\s0 object. Multiple flags can be passed in one go (bitwise ORed together). Any flags that are already set are left set. RSA_test_flags() tests to see whether the flags passed in the flags parameter are currently set in the \s-1RSA\s0 object. Multiple flags can be tested in one go. All flags that are currently set are returned, or zero if none of the flags are set. RSA_clear_flags() clears the specified flags within the \s-1RSA\s0 object.
\fBRSA_get0_engine() returns a handle to the \s-1ENGINE\s0 that has been set for this \s-1RSA\s0 object, or \s-1NULL\s0 if no such \s-1ENGINE\s0 has been set.
\fBRSA_get_version() returns the version of an \s-1RSA\s0 object r.
The caller should obtain the size by calling RSA_get_multi_prime_extra_count() in advance and allocate sufficient buffer to store the return values before calling RSA_get0_multi_prime_factors() and RSA_get0_multi_prime_params().
\fBRSA_set0_multi_prime_params() always clears the original multi-prime triplets in \s-1RSA\s0 object r and assign the new set of triplets into it.
\fBRSA_get0_n(), RSA_get0_e(), RSA_get0_d(), RSA_get0_p(), RSA_get0_q(), \fBRSA_get0_dmp1(), RSA_get0_dmq1(), and RSA_get0_iqmp() return the respective value.
\fBRSA_get0_pss_params() returns a \s-1RSA_PSS_PARAMS\s0 pointer, or \s-1NULL\s0 if there is none.
\fBRSA_get0_multi_prime_factors() and RSA_get0_multi_prime_crt_params() return 1 on success or 0 on failure.
\fBRSA_get_multi_prime_extra_count() returns two less than the number of primes in use, which is 0 for traditional \s-1RSA\s0 and the number of extra primes for multi-prime \s-1RSA.\s0
\fBRSA_get_version() returns \s-1RSA_ASN1_VERSION_MULTI\s0 for multi-prime \s-1RSA\s0 and \fB\s-1RSA_ASN1_VERSION_DEFAULT\s0 for normal two-prime \s-1RSA,\s0 as defined in \s-1RFC 8017.\s0
\fBRSA_test_flags() returns the current state of the flags in the \s-1RSA\s0 object.
\fBRSA_get0_engine() returns the \s-1ENGINE\s0 set for the \s-1RSA\s0 object or \s-1NULL\s0 if no \s-1ENGINE\s0 has been set.
The \fBRSA_get_multi_prime_extra_count(), RSA_get0_multi_prime_factors(), \fBRSA_get0_multi_prime_crt_params(), RSA_set0_multi_prime_params(), and RSA_get_version() functions were added in OpenSSL 1.1.1.
Other functions described here were added in OpenSSL 1.1.0.
All of these functions were deprecated in OpenSSL 3.0.
Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use this file except in compliance with the License. You can obtain a copy in the file \s-1LICENSE\s0 in the source distribution or at <https://www.openssl.org/source/license.html>.