decodePEM,
rsadecrypt,
rsaencrypt,
+rsafill,
rsagen,
rsaprivalloc,
rsaprivfree,
X509toRSApub,
X509rsagen,
X509rsareq,
-X509rsaverify \- RSA encryption algorithm
+X509rsaverify,
+X509rsaverifydigest \- RSA encryption algorithm
.SH SYNOPSIS
.B #include <u.h>
.br
.B
RSApriv* rsagen(int nlen, int elen, int nrep)
.PP
+.ta +\w'\fLRSApriv* \fP'u
+.B
+RSApriv* rsafill(mpint *n, mpint *e, mpint *d, mpint *p, mpint *q)
+.PP
.B
mpint* rsaencrypt(RSApub *k, mpint *in, mpint *out)
.PP
.PP
.B
char* X509rsaverify(uchar *cert, int ncert, RSApub *pk)
+.PP
+.B
+char* X509rsaverifydigest(uchar *sig, int siglen, uchar *edigest, int edigestlen, RSApub *pk)
.DT
.SH DESCRIPTION
RSA is a public key encryption algorithm. The owner of a key publishes
.I Rsagen
returns a newly allocated structure containing both
public and private keys.
+.I Rsafill
+returns a newly allocated private key by recomputing
+.IR kp ,
+.IR kq ,
+and
+.IR c2 .
.I Rsaprivtopub
returns a newly allocated copy of the public key
corresponding to the private key.
.I X509toRSApub
returns the public key and, if
.I name
-is not nil, the CN part of the Distinguished Name of the
+is not
+.BR nil ,
+the CN part of the Distinguished Name of the
certificate's Subject.
(This is conventionally a userid or a host DNS name.)
No verification is done of the certificate signature; the
.I X509rsaverify
checks the signature on
.IR cert .
-It returns nil if successful, else an error string.
+It returns
+.B nil
+if successful, else an error string.
+.PP
+.I X509rsaverifydigest
+takes a encoded PKCS #1 signature as used in X.509 as
+.IR sig [ siglen ]
+and verifies it against the expected cryptographic hash
+.IR edigest [ edigestlen ]
+of the signed data;
+returning
+.B nil
+on success or an error string.
.PP
.I X509rsagen
creates a self-signed X.509 certificate, given an RSA keypair
is returned and
.BI * len
is undefined.
-If not nil,
+If not
+.BR nil ,
.I new_s
is set to the first character beyond the
.I type