19 X509rsaverifydigest \- RSA encryption algorithm
27 .B #include <libsec.h>
29 .ta +\w'\fLRSApriv* \fP'u
31 RSApriv* rsagen(int nlen, int elen, int nrep)
33 .ta +\w'\fLRSApriv* \fP'u
35 RSApriv* rsafill(mpint *n, mpint *e, mpint *d, mpint *p, mpint *q)
38 mpint* rsaencrypt(RSApub *k, mpint *in, mpint *out)
41 mpint* rsadecrypt(RSApriv *k, mpint *in, mpint *out)
44 RSApub* rsapuballoc(void)
47 void rsapubfree(RSApub*)
50 RSApriv* rsaprivalloc(void)
53 void rsaprivfree(RSApriv*)
56 RSApub* rsaprivtopub(RSApriv*)
59 RSApub* X509toRSApub(uchar *cert, int ncert, char *name, int nname)
62 RSApriv* asn1toRSApriv(uchar *priv, int npriv)
65 void asn1dump(uchar *der, int len)
68 uchar* decodePEM(char *s, char *type, int *len, char **new_s)
71 uchar* X509rsagen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
74 uchar* X509rsareq(RSApriv *priv, char *subj, int *certlen);
77 char* X509rsaverify(uchar *cert, int ncert, RSApub *pk)
80 char* X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk)
83 RSA is a public key encryption algorithm. The owner of a key publishes
84 the public part of the key:
89 mpint *n; /* modulus */
90 mpint *ek; /* exp (encryption key) */
94 This part can be used for encrypting data (with
96 to be sent to the owner.
97 The owner decrypts (with
99 using his private key:
105 mpint *dk; /* exp (decryption key) */
107 /* precomputed crt values */
110 mpint *kp; /* k mod p-1 */
111 mpint *kq; /* k mod q-1 */
112 mpint *c2; /* for converting residues to number */
116 Keys are generated using
119 takes the bit length of the modulus, the bit length of the
120 public key exponent, and the number of repetitions of the Miller-Rabin
121 primality test to run. If the latter is 0, it does the default number
124 returns a newly allocated structure containing both
125 public and private keys.
127 returns a newly allocated private key by recomputing
133 returns a newly allocated copy of the public key
134 corresponding to the private key.
144 are provided to aid in user-provided key I/O.
150 returns the public key and, if
154 the CN part of the Distinguished Name of the
155 certificate's Subject.
156 (This is conventionally a userid or a host DNS name.)
157 No verification is done of the certificate signature; the
158 caller should check the fingerprint,
160 against a table or check the certificate by other means.
161 X.509 certificates are often stored in PEM format; use
163 to convert to binary before computing the fingerprint or calling
165 For the special case of
166 certificates signed by a known trusted key
167 (in a single step, without certificate chains),
169 checks the signature on
173 if successful, else an error string.
175 .I X509rsaverifydigest
176 takes an encoded PKCS #1 signature as used in X.509 as
178 and verifies it against the expected cryptographic hash
179 .IR edigest [ edigestlen ]
183 on success or an error string.
186 creates a self-signed X.509 certificate, given an RSA keypair
188 an issuer/subject string
190 and the starting and ending validity dates,
192 Length of the allocated binary certificate is stored in
194 The subject line is conventionally of the form
197 C=US ST=NJ L=07922 O=Lucent OU='Bell Labs' CN=Eric
200 using the quoting conventions of
206 converts an ASN1 formatted RSA private key into the corresponding
211 prints an ASN1 object to standard output.
214 takes a zero-terminated string,
216 and decodes the PEM (privacy-enhanced mail) formatted section for
219 If successful, it returns
221 storage containing the decoded section,
222 which the caller must free,
225 to its decoded length.
234 is set to the first character beyond the