|  | 
 NAME     
 |  |  |  | asn1dump, asn1toRSApriv, decodepem, decodepemchain, rsadecrypt,
    rsaencrypt, rsafill,, rsagen, rsaprivalloc, rsaprivfree, rsaprivtopub,
    rsapuballoc, rsapubfree, X509toRSApub, X509dump, X509gen, X509req,
    X509verify – RSA encryption algorithm 
 | 
 SYNOPSIS     
 |  |  |  | #include <u.h> #include <libc.h>
 #include <mp.h>
 #include <libsec.h> 
    
    
    RSApriv*    rsagen(int nlen, int elen, int nrep) 
    
    
    RSApriv*    rsafill(mpint *n, mpint *ek, mpint *dk, mpint *p, mpint
    *q) 
    
    
    mpint*     rsaencrypt(RSApub *k, mpint *in, mpint *out) 
    
    
    mpint*     rsadecrypt(RSApriv *k, mpint *in, mpint *out) 
    
    
    RSApub*    rsapuballoc(void) 
    
    
    void       rsapubfree(RSApub*) 
    
    
    RSApriv*    rsaprivalloc(void) 
    
    
    void       rsaprivfree(RSApriv*) 
    
    
    RSApub*    rsaprivtopub(RSApriv*) 
    
    
    RSApub*    X509toRSApub(uchar *cert, int ncert, char *name, int nname)
    
    
    
    RSApriv*    asn1toRSApriv(uchar *priv, int npriv) 
    
    
    void       asn1dump(uchar *der, int len) 
    
    
    uchar*     decodepem(char *s, char *type, int *len) 
    
    
    PEMChain* decodepemchain(char *s, char *type) 
    
    
    void       X509dump(uchar *cert, int ncert) 
    
    
    uchar*     X509gen(RSApriv *priv, char *subj, ulong valid[2], int
    *certlen); 
    
    
    uchar*     X509req(RSApriv *priv, char *subj, int *certlen); 
    
    
    char* X509verify(uchar *cert, int ncert, RSApub *pk)
 
 | 
 DESCRIPTION     
 |  |  |  | RSA is a public key encryption algorithm. The owner of a key publishes
    the public part of the key: 
 This part can be used for encrypting data (with rsaencrypt) to
    be sent to the owner. The owner decrypts (with rsadecrypt) using
    his private key:|  |  |  | |  |  |  | struct RSApub {
 mpint*n;// modulus
 mpint*ek;// exp (encryption key)
 };
 
 | 
 | 
 
 Keys are generated using rsagen. Rsagen takes both bit length
    of the modulus, the bit length of the public key exponent, and
    the number of repetitions of the Miller-Rabin primality test to
    run. If the latter is 0, it does the default number of rounds.
    Rsagen returns a newly allocated structure containing both public
    and private keys. Rsaprivtopub returns a
    newly allocated copy of the public key corresponding to the private
    key. 
    
    
    Rsafill takes as input the bare minimum pieces of an RSA private
    key and computes the rest (kp, kq, and c2). It returns a new private
    key. All the mpints in the key, even the ones that correspond
    directly to rsafill’s input parameters, are freshly allocated,
    
    
    
    The routines rsaalloc, rsafree, rsapuballoc, rsapubfree, rsaprivalloc,
    and rsaprivfree are provided to aid in user provided key I/O.
    
    
    
    Given a binary X.509 cert, the routine X509toRSApub returns the
    public key and, if name is not nil, the CN part of the Distinguished
    Name of the certificate’s Subject. (This is conventionally a userid
    or a host DNS name.) No verification is done of the certificate
    signature; the caller should check the fingerprint, sha1(cert),
    against a table or check the
    certificate by other means. X.509 certificates are often stored
    in PEM format; use dec64 to convert to binary before computing
    the fingerprint or calling X509toRSApub. For the special case
    of certificates signed by a known trusted key (in a single step,
    without certificate chains) X509verify checks the signature on
    cert. It returns nil if successful, else an
    error string. 
    
    
    X509dump prints an X.509 certificate to standard ouptut. 
    
    
    X509gen creates a self-signed X.509 certificate, given an RSA
    keypair priv, a issuer/subject string subj, and the starting and
    ending validity dates, valid. Length of the allocated binary certificate
    is stored in certlen. The subject line is conventionally of the
    form|  |  |  | |  |  |  | struct RSApriv {
 RSApubpub;
 mpint*dk;// exp (decryption key)
 
 // precomputed crt values
 mpint*p;
 mpint*q;
 mpint*kp;// k mod p−1
 mpint*kq;// k mod q−1
 mpint*c2;// for converting residues to number
 };
 
 | 
 | 
 
 using the quoting conventions of tokenize (see getfields(3)).
    
    
    
    X509req creates an X.509 certification request. 
    
    
    Asn1toRSApriv converts an ASN1 formatted RSA private key into
    the corresponding RSApriv structure. 
    
    
    Asn1dump prints an ASN1 object to standard output. 
    
    
    Decodepem takes a zero terminated string, s, and decodes the PEM
    (privacy-enhanced mail) formatted section for type within it.
    If successful, it returns the decoded section and sets *len to
    its decoded length. If not, it returns nil, and *len is undefined.
    
    
    
    Decodepemchain is similar but expects a sequence of PEM-formatted
    sections and returns a linked list of the decodings:|  |  |  | "C=US ST=NJ L=07922 O=Lucent OU='Bell Labs' CN=Eric" 
 | 
 
 |  |  |  | typedef struct PEMChain PEMChain struct PEMChain
 {
 
 };|  |  |  | PEMChain *next; uchar *pem;
 int pemlen;
 
 | 
 
 | 
 | 
 SOURCE     
 SEE ALSO    
 |  |