NAME
RSA_get0_key, RSA_set0_key, RSA_get0_factors, RSA_set0_factors, RSA_get0_crt_params, RSA_set0_crt_params, RSA_clear_flags, RSA_test_flags, RSA_set_flags — get and set data in an RSA object
SYNOPSIS
#include <openssl/rsa.h>
void
RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);
int
RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);
void
RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);
int
RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);
void
RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp);
int
RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);
void
RSA_clear_flags(RSA *r, int flags);
int
RSA_test_flags(const RSA *r, int flags);
void
RSA_set_flags(RSA *r, int flags);
DESCRIPTION
An RSA object contains the components for the public and private key. n is the modulus common to both public and private key, e is the public exponent and d is the private exponent. p, q, dmp1, dmq1, and iqmp are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where p and q are the first and second factor of n. dmp1, dmq1, and iqmp are the exponents and coefficient for Chinese Remainder Theorem (CRT) calculations.
The n, e, and d parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then *n, *e, and *d are set to NULL. Otherwise, they are set to pointers to the internal representations of the values that should not be freed by the caller.
The n, e, and d parameter values can be set by calling RSA_set0_key(). The values n and e must be non-NULL the first time this function is called on a given RSA object. The value d may be NULL. On subsequent calls, any of these values may be NULL, which means that the corresponding field is left untouched. Calling this function transfers the memory management of the values to the RSA object. Therefore, the values that have been passed in should not be freed by the caller.
In a similar fashion, the p and q parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the dmp1, dmq1, and iqmp parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().
For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output arguments are permitted. The functions ignore NULL arguments but return values for other, non-NULL, arguments.
Values retrieved with RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params() are owned by the RSA object used in the call and may therefore not be passed to RSA_set0_key(), RSA_set0_factors(), or RSA_set0_crt_params(). If needed, duplicate the received value using BN_dup(3) and pass the duplicate.
RSA_clear_flags() clears the specified flags in r. RSA_test_flags() tests the flags in r. RSA_set_flags() sets the flags in r; any flags already set remain set. For all three functions, multiple flags can be passed in one call, OR'ed together bitwise.
The following flags are supported:
RSA_FLAG_CACHE_PRIVATE and RSA_FLAG_CACHE_PUBLIC
- Precompute information needed for Montgomery multiplication from the private and public key, respectively, and cache it in r for repeated use. These two flags are set by default for the default RSA implementation, RSA_PKCS1_SSLeay(3).
RSA_FLAG_EXT_PKEY
- The function set with RSA_meth_set_mod_exp(3) is used for private key operations even if p, q, dmp1, dmq1, and iqmp are all NULL. This flag may be useful with RSA implementations that do not use the private key components stored in the standard fields, for example because they store the private key in external hardware. If this flag is unset, the function set with RSA_meth_set_bn_mod_exp(3) is used with n and d instead.
RSA_FLAG_NO_BLINDING
- Turn off blinding during private key encryption and decryption. This flag is set by RSA_blinding_off(3).
RSA_FLAG_SIGN_VER
- Enable the use of the functions set with RSA_meth_set_sign(3) and RSA_meth_set_verify(3). If unset, the functions set with RSA_meth_set_priv_enc(3) and RSA_meth_set_pub_dec(3) are used instead, respectively.
The flags RSA_FLAG_BLINDING, RSA_FLAG_CHECKED, RSA_FLAG_FIPS_METHOD, RSA_FLAG_NON_FIPS_ALLOW, and RSA_FLAG_THREAD_SAFE are defined for compatibility with existing code but have no effect.
RETURN VALUES
RSA_set0_key(), RSA_set0_factors(), and RSA_set0_crt_params() return 1 on success or 0 on failure.
RSA_test_flags() returns those of the given flags currently set in r or 0 if none of the given flags are set.
SEE ALSO
RSA_check_key(3), RSA_generate_key(3), RSA_new(3), RSA_print(3), RSA_size(3)
HISTORY
These functions first appeared in OpenSSL 1.1.0 and have been available since OpenBSD 6.3.