decodePEM,
rsadecrypt,
rsaencrypt,
+rsafill,
rsagen,
rsaprivalloc,
rsaprivfree,
rsapuballoc,
rsapubfree,
X509toRSApub,
-X509gen,
-X509verify \- RSA encryption algorithm
+X509rsagen,
+X509rsareq,
+X509rsaverify,
+X509rsaverifydigest \- RSA encryption algorithm
.SH SYNOPSIS
.B #include <u.h>
.br
.B
RSApriv* rsagen(int nlen, int elen, int nrep)
.PP
+.ta +\w'\fLRSApriv* \fP'u
+.B
+RSApriv* rsafill(mpint *n, mpint *e, mpint *d, mpint *p, mpint *q)
+.PP
.B
mpint* rsaencrypt(RSApub *k, mpint *in, mpint *out)
.PP
uchar* decodePEM(char *s, char *type, int *len, char **new_s)
.PP
.B
-uchar* X509gen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
+uchar* X509rsagen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
+.PP
+.B
+uchar* X509rsareq(RSApriv *priv, char *subj, int *certlen);
.PP
.B
-uchar* X509req(RSApriv *priv, char *subj, int *certlen);
+char* X509rsaverify(uchar *cert, int ncert, RSApub *pk)
.PP
.B
-char* X509verify(uchar *cert, int ncert, RSApub *pk)
+char* X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk)
.DT
.SH DESCRIPTION
RSA is a public key encryption algorithm. The owner of a key publishes
.I Rsagen
returns a newly allocated structure containing both
public and private keys.
+.I Rsafill
+returns a newly allocated private key by recomputing
+.IR kp ,
+.IR kq ,
+and
+.IR c2 .
.I Rsaprivtopub
returns a newly allocated copy of the public key
corresponding to the private key.
.I X509toRSApub
returns the public key and, if
.I name
-is not nil, the CN part of the Distinguished Name of the
+is not
+.BR nil ,
+the CN part of the Distinguished Name of the
certificate's Subject.
(This is conventionally a userid or a host DNS name.)
No verification is done of the certificate signature; the
For the special case of
certificates signed by a known trusted key
(in a single step, without certificate chains),
-.I X509verify
+.I X509rsaverify
checks the signature on
.IR cert .
-It returns nil if successful, else an error string.
+It returns
+.B nil
+if successful, else an error string.
+.PP
+.I X509rsaverifydigest
+takes a encoded PKCS #1 signature as used in X.509 as
+.IR sig [ siglen ]
+and verifies it against the expected cryptographic hash
+.IR edigest [ edigestlen ]
+of the signed data;
+returning
+.B nil
+on success or an error string.
.PP
-.I X509gen
+.I X509rsagen
creates a self-signed X.509 certificate, given an RSA keypair
.IR priv ,
a issuer/subject string
is returned and
.BI * len
is undefined.
-If not nil,
+If not
+.BR nil ,
.I new_s
is set to the first character beyond the
.I type