Import OpenSSL 1.1.0f
This commit is contained in:
Steve Dower
Steve Dower
@@ -3,7 +3,7 @@
|
||||
=head1 NAME
|
||||
|
||||
RSA_set_default_method, RSA_get_default_method, RSA_set_method,
|
||||
RSA_get_method, RSA_PKCS1_SSLeay, RSA_null_method, RSA_flags,
|
||||
RSA_get_method, RSA_PKCS1_OpenSSL, RSA_null_method, RSA_flags,
|
||||
RSA_new_method - select RSA method
|
||||
|
||||
=head1 SYNOPSIS
|
||||
@@ -18,13 +18,13 @@ RSA_new_method - select RSA method
|
||||
|
||||
RSA_METHOD *RSA_get_method(const RSA *rsa);
|
||||
|
||||
RSA_METHOD *RSA_PKCS1_SSLeay(void);
|
||||
RSA_METHOD *RSA_PKCS1_OpenSSL(void);
|
||||
|
||||
RSA_METHOD *RSA_null_method(void);
|
||||
|
||||
int RSA_flags(const RSA *rsa);
|
||||
|
||||
RSA *RSA_new_method(RSA_METHOD *method);
|
||||
RSA *RSA_new_method(ENGINE *engine);
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
@@ -35,7 +35,7 @@ important information about how these RSA API functions are affected by the
|
||||
use of B<ENGINE> API calls.
|
||||
|
||||
Initially, the default RSA_METHOD is the OpenSSL internal implementation,
|
||||
as returned by RSA_PKCS1_SSLeay().
|
||||
as returned by RSA_PKCS1_OpenSSL().
|
||||
|
||||
RSA_set_default_method() makes B<meth> the default method for all RSA
|
||||
structures created later. B<NB>: This is true only whilst no ENGINE has
|
||||
@@ -43,7 +43,7 @@ been set as a default for RSA, so this function is no longer recommended.
|
||||
|
||||
RSA_get_default_method() returns a pointer to the current default
|
||||
RSA_METHOD. However, the meaningfulness of this result is dependent on
|
||||
whether the ENGINE API is being used, so this function is no longer
|
||||
whether the ENGINE API is being used, so this function is no longer
|
||||
recommended.
|
||||
|
||||
RSA_set_method() selects B<meth> to perform all operations using the key
|
||||
@@ -80,69 +80,62 @@ the default method is used.
|
||||
typedef struct rsa_meth_st
|
||||
{
|
||||
/* name of the implementation */
|
||||
const char *name;
|
||||
const char *name;
|
||||
|
||||
/* encrypt */
|
||||
int (*rsa_pub_enc)(int flen, unsigned char *from,
|
||||
int (*rsa_pub_enc)(int flen, unsigned char *from,
|
||||
unsigned char *to, RSA *rsa, int padding);
|
||||
|
||||
/* verify arbitrary data */
|
||||
int (*rsa_pub_dec)(int flen, unsigned char *from,
|
||||
int (*rsa_pub_dec)(int flen, unsigned char *from,
|
||||
unsigned char *to, RSA *rsa, int padding);
|
||||
|
||||
/* sign arbitrary data */
|
||||
int (*rsa_priv_enc)(int flen, unsigned char *from,
|
||||
int (*rsa_priv_enc)(int flen, unsigned char *from,
|
||||
unsigned char *to, RSA *rsa, int padding);
|
||||
|
||||
/* decrypt */
|
||||
int (*rsa_priv_dec)(int flen, unsigned char *from,
|
||||
int (*rsa_priv_dec)(int flen, unsigned char *from,
|
||||
unsigned char *to, RSA *rsa, int padding);
|
||||
|
||||
/* compute r0 = r0 ^ I mod rsa->n (May be NULL for some
|
||||
implementations) */
|
||||
int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
|
||||
int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
|
||||
|
||||
/* compute r = a ^ p mod m (May be NULL for some implementations) */
|
||||
int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
|
||||
int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
|
||||
const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
|
||||
|
||||
/* called at RSA_new */
|
||||
int (*init)(RSA *rsa);
|
||||
int (*init)(RSA *rsa);
|
||||
|
||||
/* called at RSA_free */
|
||||
int (*finish)(RSA *rsa);
|
||||
int (*finish)(RSA *rsa);
|
||||
|
||||
/* RSA_FLAG_EXT_PKEY - rsa_mod_exp is called for private key
|
||||
* operations, even if p,q,dmp1,dmq1,iqmp
|
||||
* are NULL
|
||||
* RSA_FLAG_SIGN_VER - enable rsa_sign and rsa_verify
|
||||
* RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match
|
||||
*/
|
||||
int flags;
|
||||
int flags;
|
||||
|
||||
char *app_data; /* ?? */
|
||||
char *app_data; /* ?? */
|
||||
|
||||
/* sign. For backward compatibility, this is used only
|
||||
* if (flags & RSA_FLAG_SIGN_VER)
|
||||
*/
|
||||
int (*rsa_sign)(int type,
|
||||
const unsigned char *m, unsigned int m_length,
|
||||
unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
|
||||
/* verify. For backward compatibility, this is used only
|
||||
* if (flags & RSA_FLAG_SIGN_VER)
|
||||
*/
|
||||
int (*rsa_verify)(int dtype,
|
||||
const unsigned char *m, unsigned int m_length,
|
||||
const unsigned char *sigbuf, unsigned int siglen,
|
||||
const RSA *rsa);
|
||||
int (*rsa_sign)(int type,
|
||||
const unsigned char *m, unsigned int m_length,
|
||||
unsigned char *sigret, unsigned int *siglen, const RSA *rsa);
|
||||
int (*rsa_verify)(int dtype,
|
||||
const unsigned char *m, unsigned int m_length,
|
||||
const unsigned char *sigbuf, unsigned int siglen,
|
||||
const RSA *rsa);
|
||||
/* keygen. If NULL builtin RSA key generation will be used */
|
||||
int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
|
||||
int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
|
||||
|
||||
} RSA_METHOD;
|
||||
|
||||
=head1 RETURN VALUES
|
||||
|
||||
RSA_PKCS1_SSLeay(), RSA_PKCS1_null_method(), RSA_get_default_method()
|
||||
RSA_PKCS1_OpenSSL(), RSA_PKCS1_null_method(), RSA_get_default_method()
|
||||
and RSA_get_method() return pointers to the respective RSA_METHODs.
|
||||
|
||||
RSA_set_default_method() returns no value.
|
||||
@@ -156,19 +149,9 @@ ENGINE). For this reason, the return type may be replaced with a B<void>
|
||||
declaration in a future release.
|
||||
|
||||
RSA_new_method() returns NULL and sets an error code that can be obtained
|
||||
by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation fails. Otherwise
|
||||
by L<ERR_get_error(3)> if the allocation fails. Otherwise
|
||||
it returns a pointer to the newly allocated structure.
|
||||
|
||||
=head1 NOTES
|
||||
|
||||
As of version 0.9.7, RSA_METHOD implementations are grouped together with
|
||||
other algorithmic APIs (eg. DSA_METHOD, EVP_CIPHER, etc) into B<ENGINE>
|
||||
modules. If a default ENGINE is specified for RSA functionality using an
|
||||
ENGINE API function, that will override any RSA defaults set using the RSA
|
||||
API (ie. RSA_set_default_method()). For this reason, the ENGINE API is the
|
||||
recommended way to control default implementations for use in RSA and other
|
||||
cryptographic algorithms.
|
||||
|
||||
=head1 BUGS
|
||||
|
||||
The behaviour of RSA_flags() is a mis-feature that is left as-is for now
|
||||
@@ -183,24 +166,15 @@ not currently exist).
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<rsa(3)|rsa(3)>, L<RSA_new(3)|RSA_new(3)>
|
||||
L<RSA_new(3)>
|
||||
|
||||
=head1 HISTORY
|
||||
=head1 COPYRIGHT
|
||||
|
||||
RSA_new_method() and RSA_set_default_method() appeared in SSLeay 0.8.
|
||||
RSA_get_default_method(), RSA_set_method() and RSA_get_method() as
|
||||
well as the rsa_sign and rsa_verify components of RSA_METHOD were
|
||||
added in OpenSSL 0.9.4.
|
||||
Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
|
||||
RSA_set_default_openssl_method() and RSA_get_default_openssl_method()
|
||||
replaced RSA_set_default_method() and RSA_get_default_method()
|
||||
respectively, and RSA_set_method() and RSA_new_method() were altered to use
|
||||
B<ENGINE>s rather than B<RSA_METHOD>s during development of the engine
|
||||
version of OpenSSL 0.9.6. For 0.9.7, the handling of defaults in the ENGINE
|
||||
API was restructured so that this change was reversed, and behaviour of the
|
||||
other functions resembled more closely the previous behaviour. The
|
||||
behaviour of defaults in the ENGINE API now transparently overrides the
|
||||
behaviour of defaults in the RSA API without requiring changing these
|
||||
function prototypes.
|
||||
Licensed under the OpenSSL license (the "License"). You may not use
|
||||
this file except in compliance with the License. You can obtain a copy
|
||||
in the file LICENSE in the source distribution or at
|
||||
L<https://www.openssl.org/source/license.html>.
|
||||
|
||||
=cut
|
||||
|
||||
Reference in New Issue
Block a user