RSA_GET0_KEY(3) Library Functions Manual RSA_GET0_KEY(3)

RSA_get0_key, RSA_set0_key, RSA_get0_factors, RSA_set0_factors, RSA_get0_crt_params, RSA_set0_crt_params, RSA_clear_flags, RSA_test_flags, RSA_set_flags - get and set data in an RSA object

#include <openssl/rsa.h>

void
RSA_get0_key(const RSA *r, const BIGNUM **n, const BIGNUM **e, const BIGNUM **d);

int
RSA_set0_key(RSA *r, BIGNUM *n, BIGNUM *e, BIGNUM *d);

void
RSA_get0_factors(const RSA *r, const BIGNUM **p, const BIGNUM **q);

int
RSA_set0_factors(RSA *r, BIGNUM *p, BIGNUM *q);

void
RSA_get0_crt_params(const RSA *r, const BIGNUM **dmp1, const BIGNUM **dmq1, const BIGNUM **iqmp);

int
RSA_set0_crt_params(RSA *r, BIGNUM *dmp1, BIGNUM *dmq1, BIGNUM *iqmp);

void
RSA_clear_flags(RSA *r, int flags);

int
RSA_test_flags(const RSA *r, int flags);

void
RSA_set_flags(RSA *r, int flags);

An RSA object contains the components for the public and private key. n is the modulus common to both public and private key, e is the public exponent and d is the private exponent. p, q, dmp1, dmq1, and iqmp are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where p and q are the first and second factor of n. dmp1, dmq1, and iqmp are the exponents and coefficient for Chinese Remainder Theorem (CRT) calculations.

The n, e, and d parameters can be obtained by calling RSA_get0_key(). If they have not been set yet, then *n, *e, and *d are set to NULL. Otherwise, they are set to pointers to the internal representations of the values that should not be freed by the caller.

The n, e, and d parameter values can be set by calling RSA_set0_key(). The values n and e must be non-NULL the first time this function is called on a given RSA object. The value d may be NULL. On subsequent calls, any of these values may be NULL, which means that the corresponding field is left untouched. Calling this function transfers the memory management of the values to the RSA object. Therefore, the values that have been passed in should not be freed by the caller.

In a similar fashion, the p and q parameters can be obtained and set with RSA_get0_factors() and RSA_set0_factors(), and the dmp1, dmq1, and iqmp parameters can be obtained and set with RSA_get0_crt_params() and RSA_set0_crt_params().

For RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params(), NULL value BIGNUM ** output arguments are permitted. The functions ignore NULL arguments but return values for other, non-NULL, arguments.

Values retrieved with RSA_get0_key(), RSA_get0_factors(), and RSA_get0_crt_params() are owned by the RSA object used in the call and may therefore not be passed to RSA_set0_key(), RSA_set0_factors(), or RSA_set0_crt_params(). If needed, duplicate the received value using BN_dup(3) and pass the duplicate.

RSA_clear_flags() clears the specified flags in r. RSA_test_flags() tests the flags in r. RSA_set_flags() sets the flags in r; any flags already set remain set. For all three functions, multiple flags can be passed in one call, OR'ed together bitwise.

The following flags are supported:

RSA_FLAG_CACHE_PRIVATE and RSA_FLAG_CACHE_PUBLIC
Precompute information needed for Montgomery multiplication from the private and public key, respectively, and cache it in r for repeated use. These two flags are set by default for the default RSA implementation, RSA_PKCS1_SSLeay(3).

RSA_FLAG_EXT_PKEY
The function set with RSA_meth_set_mod_exp(3) is used for private key operations even if p, q, dmp1, dmq1, and iqmp are all NULL. This flag may be useful with RSA implementations that do not use the private key components stored in the standard fields, for example because they store the private key in external hardware. If this flag is unset, the function set with RSA_meth_set_bn_mod_exp(3) is used with n and d instead.

RSA_FLAG_NO_BLINDING
Turn off blinding during private key encryption and decryption. This flag is set by RSA_blinding_off(3).

RSA_FLAG_SIGN_VER
Enable the use of the functions set with RSA_meth_set_sign(3) and RSA_meth_set_verify(3). If unset, the functions set with RSA_meth_set_priv_enc(3) and RSA_meth_set_pub_dec(3) are used instead, respectively.

The flags RSA_FLAG_BLINDING, RSA_FLAG_CHECKED, RSA_FLAG_FIPS_METHOD, RSA_FLAG_NON_FIPS_ALLOW, and RSA_FLAG_THREAD_SAFE are defined for compatibility with existing code but have no effect.

RSA_set0_key(), RSA_set0_factors(), and RSA_set0_crt_params() return 1 on success or 0 on failure.

RSA_test_flags() returns those of the given flags currently set in r or 0 if none of the given flags are set.

RSA_check_key(3), RSA_generate_key(3), RSA_new(3), RSA_print(3), RSA_size(3)

These functions first appeared in OpenSSL 1.1.0 and have been available since OpenBSD 6.3.

July 13, 2019 OpenBSD-7.0