diff options
Diffstat (limited to 'deps/openssl/openssl/doc/crypto/RSA_set_method.pod')
-rw-r--r-- | deps/openssl/openssl/doc/crypto/RSA_set_method.pod | 104 |
1 files changed, 42 insertions, 62 deletions
diff --git a/deps/openssl/openssl/doc/crypto/RSA_set_method.pod b/deps/openssl/openssl/doc/crypto/RSA_set_method.pod index 0ef0781186..668ad7a16b 100644 --- a/deps/openssl/openssl/doc/crypto/RSA_set_method.pod +++ b/deps/openssl/openssl/doc/crypto/RSA_set_method.pod @@ -3,7 +3,7 @@ =head1 NAME RSA_set_default_method, RSA_get_default_method, RSA_set_method, -RSA_get_method, RSA_PKCS1_SSLeay, RSA_null_method, RSA_flags, +RSA_get_method, RSA_PKCS1_OpenSSL, RSA_flags, RSA_new_method - select RSA method =head1 SYNOPSIS @@ -18,13 +18,11 @@ RSA_new_method - select RSA method RSA_METHOD *RSA_get_method(const RSA *rsa); - RSA_METHOD *RSA_PKCS1_SSLeay(void); - - RSA_METHOD *RSA_null_method(void); + RSA_METHOD *RSA_PKCS1_OpenSSL(void); int RSA_flags(const RSA *rsa); - RSA *RSA_new_method(RSA_METHOD *method); + RSA *RSA_new_method(ENGINE *engine); =head1 DESCRIPTION @@ -35,15 +33,18 @@ important information about how these RSA API functions are affected by the use of B<ENGINE> API calls. Initially, the default RSA_METHOD is the OpenSSL internal implementation, -as returned by RSA_PKCS1_SSLeay(). +as returned by RSA_PKCS1_OpenSSL(). RSA_set_default_method() makes B<meth> the default method for all RSA -structures created later. B<NB>: This is true only whilst no ENGINE has +structures created later. +B<NB>: This is true only whilst no ENGINE has been set as a default for RSA, so this function is no longer recommended. +This function is not thread-safe and should not be called at the same time +as other OpenSSL functions. RSA_get_default_method() returns a pointer to the current default RSA_METHOD. However, the meaningfulness of this result is dependent on -whether the ENGINE API is being used, so this function is no longer +whether the ENGINE API is being used, so this function is no longer recommended. RSA_set_method() selects B<meth> to perform all operations using the key @@ -80,69 +81,62 @@ the default method is used. typedef struct rsa_meth_st { /* name of the implementation */ - const char *name; + const char *name; /* encrypt */ - int (*rsa_pub_enc)(int flen, unsigned char *from, + int (*rsa_pub_enc)(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding); /* verify arbitrary data */ - int (*rsa_pub_dec)(int flen, unsigned char *from, + int (*rsa_pub_dec)(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding); /* sign arbitrary data */ - int (*rsa_priv_enc)(int flen, unsigned char *from, + int (*rsa_priv_enc)(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding); /* decrypt */ - int (*rsa_priv_dec)(int flen, unsigned char *from, + int (*rsa_priv_dec)(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding); /* compute r0 = r0 ^ I mod rsa->n (May be NULL for some implementations) */ - int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa); + int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa); /* compute r = a ^ p mod m (May be NULL for some implementations) */ - int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, + int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); /* called at RSA_new */ - int (*init)(RSA *rsa); + int (*init)(RSA *rsa); /* called at RSA_free */ - int (*finish)(RSA *rsa); + int (*finish)(RSA *rsa); /* RSA_FLAG_EXT_PKEY - rsa_mod_exp is called for private key * operations, even if p,q,dmp1,dmq1,iqmp * are NULL - * RSA_FLAG_SIGN_VER - enable rsa_sign and rsa_verify * RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match */ - int flags; + int flags; - char *app_data; /* ?? */ + char *app_data; /* ?? */ - /* sign. For backward compatibility, this is used only - * if (flags & RSA_FLAG_SIGN_VER) - */ - int (*rsa_sign)(int type, - const unsigned char *m, unsigned int m_length, - unsigned char *sigret, unsigned int *siglen, const RSA *rsa); - /* verify. For backward compatibility, this is used only - * if (flags & RSA_FLAG_SIGN_VER) - */ - int (*rsa_verify)(int dtype, - const unsigned char *m, unsigned int m_length, - const unsigned char *sigbuf, unsigned int siglen, - const RSA *rsa); + int (*rsa_sign)(int type, + const unsigned char *m, unsigned int m_length, + unsigned char *sigret, unsigned int *siglen, const RSA *rsa); + int (*rsa_verify)(int dtype, + const unsigned char *m, unsigned int m_length, + const unsigned char *sigbuf, unsigned int siglen, + const RSA *rsa); /* keygen. If NULL builtin RSA key generation will be used */ - int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); + int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb); } RSA_METHOD; =head1 RETURN VALUES -RSA_PKCS1_SSLeay(), RSA_PKCS1_null_method(), RSA_get_default_method() +RSA_PKCS1_OpenSSL(), RSA_PKCS1_null_method(), RSA_get_default_method() and RSA_get_method() return pointers to the respective RSA_METHODs. RSA_set_default_method() returns no value. @@ -156,19 +150,9 @@ ENGINE). For this reason, the return type may be replaced with a B<void> declaration in a future release. RSA_new_method() returns NULL and sets an error code that can be obtained -by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation fails. Otherwise +by L<ERR_get_error(3)> if the allocation fails. Otherwise it returns a pointer to the newly allocated structure. -=head1 NOTES - -As of version 0.9.7, RSA_METHOD implementations are grouped together with -other algorithmic APIs (eg. DSA_METHOD, EVP_CIPHER, etc) into B<ENGINE> -modules. If a default ENGINE is specified for RSA functionality using an -ENGINE API function, that will override any RSA defaults set using the RSA -API (ie. RSA_set_default_method()). For this reason, the ENGINE API is the -recommended way to control default implementations for use in RSA and other -cryptographic algorithms. - =head1 BUGS The behaviour of RSA_flags() is a mis-feature that is left as-is for now @@ -183,24 +167,20 @@ not currently exist). =head1 SEE ALSO -L<rsa(3)|rsa(3)>, L<RSA_new(3)|RSA_new(3)> +L<RSA_new(3)> =head1 HISTORY -RSA_new_method() and RSA_set_default_method() appeared in SSLeay 0.8. -RSA_get_default_method(), RSA_set_method() and RSA_get_method() as -well as the rsa_sign and rsa_verify components of RSA_METHOD were -added in OpenSSL 0.9.4. - -RSA_set_default_openssl_method() and RSA_get_default_openssl_method() -replaced RSA_set_default_method() and RSA_get_default_method() -respectively, and RSA_set_method() and RSA_new_method() were altered to use -B<ENGINE>s rather than B<RSA_METHOD>s during development of the engine -version of OpenSSL 0.9.6. For 0.9.7, the handling of defaults in the ENGINE -API was restructured so that this change was reversed, and behaviour of the -other functions resembled more closely the previous behaviour. The -behaviour of defaults in the ENGINE API now transparently overrides the -behaviour of defaults in the RSA API without requiring changing these -function prototypes. +The RSA_null_method(), which was a partial attempt to avoid patent issues, +was replaced to always return NULL in OpenSSL 1.1.0f. + +=head1 COPYRIGHT + +Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L<https://www.openssl.org/source/license.html>. =cut |