asn1dump, asn1toRSApub, asn1toRSApriv, decodePEM, rsadecrypt, rsaen‐
crypt, rsagen, rsaprivalloc, rsaprivfree, rsaprivtopub, rsapuballoc,
rsapubfree, RSApubtoasn1, X509toRSApub, X509gen, X509verify - RSA
RSApriv* rsagen(int nlen, int elen, int nrep)
mpint* rsaencrypt(RSApub *k, mpint *in, mpint *out)
mpint* rsadecrypt(RSApriv *k, mpint *in, mpint *out)
RSApub* X509toRSApub(uchar *cert, int ncert, char *name, int nname)
RSApub* asn1toRSApub(uchar *pub, int npub)
uchar* RSApubtoasn1(RSApub *pub, int *keylen)
RSApriv* asn1toRSApriv(uchar *priv, int npriv)
void asn1dump(uchar *der, int len)
uchar* decodePEM(char *s, char *type, int *len, char **new_s)
uchar* X509gen(RSApriv *priv, char *subj, ulong valid, int
uchar* X509req(RSApriv *priv, char *subj, int *certlen);
char* X509verify(uchar *cert, int ncert, RSApub *pk)
RSA is a public key encryption algorithm. The owner of a key publishes
the public part of the key:
mpint *n; /* modulus */
mpint *ek; /* exp (encryption key) */
This part can be used for encrypting data (with rsaencrypt) to be sent
to the owner. The owner decrypts (with rsadecrypt) using his private
mpint *dk; /* exp (decryption key) */
/* precomputed crt values */
mpint *kp; /* k mod p-1 */
mpint *kq; /* k mod q-1 */
mpint *c2; /* for converting residues to number */
Keys are generated using rsagen. Rsagen takes both bit length of the
modulus, the bit length of the public key exponent, and the number of
repetitions of the Miller-Rabin primality test to run. If the latter
is 0, it does the default number of rounds. Rsagen returns a newly
allocated structure containing both public and private keys. Rsapriv‐
topub returns a newly allocated copy of the public key corresponding to
the private key.
The routines rsaalloc, rsafree, rsapuballoc, rsapubfree, rsaprivalloc,
and rsaprivfree are provided to aid in user provided key I/O.
Given a binary X.509 cert, the routine X509toRSApub returns the public
key and, if name is not nil, the CN part of the Distinguished Name of
the certificate's Subject. (This is conventionally a userid or a host
DNS name.) No verification is done of the certificate signature; the
caller should check the fingerprint, sha1(cert), against a table or
check the certificate by other means. X.509 certificates are often
stored in PEM format; use dec64 to convert to binary before computing
the fingerprint or calling X509toRSApub. For the special case of cer‐
tificates signed by a known trusted key (in a single step, without cer‐
tificate chains), X509verify checks the signature on cert. It returns
nil if successful, else an error string.
X509gen creates a self-signed X.509 certificate, given an RSA keypair
priv, a issuer/subject string subj, and the starting and ending valid‐
ity dates, valid. Length of the allocated binary certificate is stored
in certlen. The subject line is conventionally of the form
C=US ST=NJ L=07922 O=Lucent OU='Bell Labs' CN=Eric
using the quoting conventions of tokenize in getfields(2).
Asn1toRSApub converts an ASN1-formatted RSA public key into the corre‐
sponding RSApub structure.
RSApubtoasn1 encodes an RSA public key using ASN.1 DER. It returns a
pointer to the encoded key; if keylen is non-nil, it sets *keylen to
the length of the encoded key.
Asn1toRSApriv converts an ASN1 formatted RSA private key into the cor‐
responding RSApriv structure.
Asn1dump prints an ASN1 object to standard output.
DecodePEM takes a zero terminated string, s, and decodes the PEM (pri‐
vacy-enhanced mail) formatted section for type within it. If success‐
ful, it returns malloced storage containing the decoded section, which
the caller must free, and sets *len to its decoded length. Otherwise
nil is returned and *len is undefined. If not nil, new_s is set to the
first character beyond the type section.
SEE ALSOmp(2), aes(2), blowfish(2), des(2), dsa(2), elgamal(2), rc4(2),
sechash(2), prime(2), rand(2), rsa(8)RSA(2)