.\" $OpenBSD: RSA_get0_key.3,v 1.6 2019/07/13 17:26:38 schwarze Exp $ .\" selective merge up to: OpenSSL 665d899f Aug 2 02:19:43 2017 +0800 .\" .\" This file is a derived work. .\" The changes are covered by the following Copyright and license: .\" .\" Copyright (c) 2019 Ingo Schwarze .\" .\" Permission to use, copy, modify, and distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" .\" The original file was written by Richard Levitte .\" Copyright (c) 2016 The OpenSSL Project. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in .\" the documentation and/or other materials provided with the .\" distribution. .\" .\" 3. All advertising materials mentioning features or use of this .\" software must display the following acknowledgment: .\" "This product includes software developed by the OpenSSL Project .\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" .\" .\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to .\" endorse or promote products derived from this software without .\" prior written permission. For written permission, please contact .\" openssl-core@openssl.org. .\" .\" 5. Products derived from this software may not be called "OpenSSL" .\" nor may "OpenSSL" appear in their names without prior written .\" permission of the OpenSSL Project. .\" .\" 6. Redistributions of any form whatsoever must retain the following .\" acknowledgment: .\" "This product includes software developed by the OpenSSL Project .\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" .\" .\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY .\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR .\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR .\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, .\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; .\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, .\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" .Dd $Mdocdate: July 13 2019 $ .Dt RSA_GET0_KEY 3 .Os .Sh NAME .Nm RSA_get0_key , .Nm RSA_set0_key , .Nm RSA_get0_factors , .Nm RSA_set0_factors , .Nm RSA_get0_crt_params , .Nm RSA_set0_crt_params , .Nm RSA_clear_flags , .Nm RSA_test_flags , .Nm RSA_set_flags .Nd get and set data in an RSA object .Sh SYNOPSIS .In openssl/rsa.h .Ft void .Fo RSA_get0_key .Fa "const RSA *r" .Fa "const BIGNUM **n" .Fa "const BIGNUM **e" .Fa "const BIGNUM **d" .Fc .Ft int .Fo RSA_set0_key .Fa "RSA *r" .Fa "BIGNUM *n" .Fa "BIGNUM *e" .Fa "BIGNUM *d" .Fc .Ft void .Fo RSA_get0_factors .Fa "const RSA *r" .Fa "const BIGNUM **p" .Fa "const BIGNUM **q" .Fc .Ft int .Fo RSA_set0_factors .Fa "RSA *r" .Fa "BIGNUM *p" .Fa "BIGNUM *q" .Fc .Ft void .Fo RSA_get0_crt_params .Fa "const RSA *r" .Fa "const BIGNUM **dmp1" .Fa "const BIGNUM **dmq1" .Fa "const BIGNUM **iqmp" .Fc .Ft int .Fo RSA_set0_crt_params .Fa "RSA *r" .Fa "BIGNUM *dmp1" .Fa "BIGNUM *dmq1" .Fa "BIGNUM *iqmp" .Fc .Ft void .Fo RSA_clear_flags .Fa "RSA *r" .Fa "int flags" .Fc .Ft int .Fo RSA_test_flags .Fa "const RSA *r" .Fa "int flags" .Fc .Ft void .Fo RSA_set_flags .Fa "RSA *r" .Fa "int flags" .Fc .Sh DESCRIPTION An .Vt RSA object contains the components for the public and private key. .Fa n is the modulus common to both public and private key, .Fa e is the public exponent and .Fa d is the private exponent. .Fa p , .Fa q , .Fa dmp1 , .Fa dmq1 , and .Fa iqmp are the factors for the second representation of a private key (see PKCS#1 section 3 Key Types), where .Fa p and .Fa q are the first and second factor of .Fa n . .Fa dmp1 , .Fa dmq1 , and .Fa iqmp are the exponents and coefficient for Chinese Remainder Theorem (CRT) calculations. .Pp The .Fa n , .Fa e , and .Fa d parameters can be obtained by calling .Fn RSA_get0_key . If they have not been set yet, then .Pf * Fa n , .Pf * Fa e , and .Pf * Fa d are set to .Dv NULL . Otherwise, they are set to pointers to the internal representations of the values that should not be freed by the caller. .Pp The .Fa n , .Fa e , and .Fa d parameter values can be set by calling .Fn RSA_set0_key . The values .Fa n and .Fa e must be .Pf non- Dv NULL the first time this function is called on a given .Vt RSA object. The value .Fa d may be .Dv NULL . On subsequent calls, any of these values may be .Dv NULL , which means that the corresponding field is left untouched. Calling this function transfers the memory management of the values to the RSA object. Therefore, the values that have been passed in should not be freed by the caller. .Pp In a similar fashion, the .Fa p and .Fa q parameters can be obtained and set with .Fn RSA_get0_factors and .Fn RSA_set0_factors , and the .Fa dmp1 , .Fa dmq1 , and .Fa iqmp parameters can be obtained and set with .Fn RSA_get0_crt_params and .Fn RSA_set0_crt_params . .Pp For .Fn RSA_get0_key , .Fn RSA_get0_factors , and .Fn RSA_get0_crt_params , .Dv NULL value .Vt BIGNUM ** output arguments are permitted. The functions ignore .Dv NULL arguments but return values for other, .Pf non- Dv NULL , arguments. .Pp Values retrieved with .Fn RSA_get0_key , .Fn RSA_get0_factors , and .Fn RSA_get0_crt_params are owned by the .Vt RSA object used in the call and may therefore .Em not be passed to .Fn RSA_set0_key , .Fn RSA_set0_factors , or .Fn RSA_set0_crt_params . If needed, duplicate the received value using .Xr BN_dup 3 and pass the duplicate. .Pp .Fn RSA_clear_flags clears the specified .Fa flags in .Fa r . .Fn RSA_test_flags tests the .Fa flags in .Fa r . .Fn RSA_set_flags sets the .Fa flags in .Fa r ; any flags already set remain set. For all three functions, multiple flags can be passed in one call, OR'ed together bitwise. .Pp The following flags are supported: .Bl -tag -width Ds .It Dv RSA_FLAG_CACHE_PRIVATE No and Dv RSA_FLAG_CACHE_PUBLIC Precompute information needed for Montgomery multiplication from the private and public key, respectively, and cache it in .Fa r for repeated use. These two flags are set by default for the default RSA implementation, .Xr RSA_PKCS1_SSLeay 3 . .It Dv RSA_FLAG_EXT_PKEY The function set with .Xr RSA_meth_set_mod_exp 3 is used for private key operations even if .Fa p , .Fa q , .Fa dmp1 , .Fa dmq1 , and .Fa iqmp are all .Dv NULL . This flag may be useful with RSA implementations that do not use the private key components stored in the standard fields, for example because they store the private key in external hardware. If this flag is unset, the function set with .Xr RSA_meth_set_bn_mod_exp 3 is used with .Fa n and .Fa d instead. .It Dv RSA_FLAG_NO_BLINDING Turn off blinding during private key encryption and decryption. This flag is set by .Xr RSA_blinding_off 3 . .It Dv RSA_FLAG_SIGN_VER Enable the use of the functions set with .Xr RSA_meth_set_sign 3 and .Xr RSA_meth_set_verify 3 . If unset, the functions set with .Xr RSA_meth_set_priv_enc 3 and .Xr RSA_meth_set_pub_dec 3 are used instead, respectively. .El .Pp The flags .Dv RSA_FLAG_BLINDING , .Dv RSA_FLAG_CHECKED , .Dv RSA_FLAG_FIPS_METHOD , .Dv RSA_FLAG_NON_FIPS_ALLOW , and .Dv RSA_FLAG_THREAD_SAFE are defined for compatibility with existing code but have no effect. .Sh RETURN VALUES .Fn RSA_set0_key , .Fn RSA_set0_factors , and .Fn RSA_set0_crt_params return 1 on success or 0 on failure. .Pp .Fn RSA_test_flags returns those of the given .Fa flags currently set in .Fa r or 0 if none of the given .Fa flags are set. .Sh SEE ALSO .Xr RSA_check_key 3 , .Xr RSA_generate_key 3 , .Xr RSA_new 3 , .Xr RSA_print 3 , .Xr RSA_size 3 .Sh HISTORY These functions first appeared in OpenSSL 1.1.0 and have been available since .Ox 6.3 .