1 cfa37a7b 2004-04-10 devnull .TH RSA 3
2 cfa37a7b 2004-04-10 devnull .SH NAME
3 cfa37a7b 2004-04-10 devnull asn1dump,
4 cfa37a7b 2004-04-10 devnull asn1toRSApriv,
5 cfa37a7b 2004-04-10 devnull decodepem,
6 cfa37a7b 2004-04-10 devnull rsadecrypt,
7 cfa37a7b 2004-04-10 devnull rsaencrypt,
8 cfa37a7b 2004-04-10 devnull rsagen,
9 cfa37a7b 2004-04-10 devnull rsaprivalloc,
10 cfa37a7b 2004-04-10 devnull rsaprivfree,
11 cfa37a7b 2004-04-10 devnull rsaprivtopub,
12 cfa37a7b 2004-04-10 devnull rsapuballoc,
13 cfa37a7b 2004-04-10 devnull rsapubfree,
14 cfa37a7b 2004-04-10 devnull X509toRSApub,
15 cfa37a7b 2004-04-10 devnull X509gen,
16 cfa37a7b 2004-04-10 devnull X509verify \- RSA encryption algorithm
17 cfa37a7b 2004-04-10 devnull .SH SYNOPSIS
18 cfa37a7b 2004-04-10 devnull .B #include <u.h>
19 cfa37a7b 2004-04-10 devnull .br
20 cfa37a7b 2004-04-10 devnull .B #include <libc.h>
21 cfa37a7b 2004-04-10 devnull .br
22 cfa37a7b 2004-04-10 devnull .B #include <mp.h>
23 cfa37a7b 2004-04-10 devnull .br
24 cfa37a7b 2004-04-10 devnull .B #include <libsec.h>
25 cfa37a7b 2004-04-10 devnull .PP
26 cfa37a7b 2004-04-10 devnull .B
27 cfa37a7b 2004-04-10 devnull RSApriv* rsagen(int nlen, int elen, int nrep)
28 cfa37a7b 2004-04-10 devnull .PP
29 cfa37a7b 2004-04-10 devnull .B
30 cfa37a7b 2004-04-10 devnull mpint* rsaencrypt(RSApub *k, mpint *in, mpint *out)
31 cfa37a7b 2004-04-10 devnull .PP
32 cfa37a7b 2004-04-10 devnull .B
33 cfa37a7b 2004-04-10 devnull mpint* rsadecrypt(RSApriv *k, mpint *in, mpint *out)
34 cfa37a7b 2004-04-10 devnull .PP
35 cfa37a7b 2004-04-10 devnull .B
36 cfa37a7b 2004-04-10 devnull RSApub* rsapuballoc(void)
37 cfa37a7b 2004-04-10 devnull .PP
38 cfa37a7b 2004-04-10 devnull .B
39 cfa37a7b 2004-04-10 devnull void rsapubfree(RSApub*)
40 cfa37a7b 2004-04-10 devnull .PP
41 cfa37a7b 2004-04-10 devnull .B
42 cfa37a7b 2004-04-10 devnull RSApriv* rsaprivalloc(void)
43 cfa37a7b 2004-04-10 devnull .PP
44 cfa37a7b 2004-04-10 devnull .B
45 cfa37a7b 2004-04-10 devnull void rsaprivfree(RSApriv*)
46 cfa37a7b 2004-04-10 devnull .PP
47 cfa37a7b 2004-04-10 devnull .B
48 cfa37a7b 2004-04-10 devnull RSApub* rsaprivtopub(RSApriv*)
49 cfa37a7b 2004-04-10 devnull .PP
50 cfa37a7b 2004-04-10 devnull .B
51 cfa37a7b 2004-04-10 devnull RSApub* X509toRSApub(uchar *cert, int ncert, char *name, int nname)
52 cfa37a7b 2004-04-10 devnull .PP
53 cfa37a7b 2004-04-10 devnull .B
54 cfa37a7b 2004-04-10 devnull RSApriv* asn1toRSApriv(uchar *priv, int npriv)
55 cfa37a7b 2004-04-10 devnull .PP
56 cfa37a7b 2004-04-10 devnull .B
57 cfa37a7b 2004-04-10 devnull void asn1dump(uchar *der, int len)
58 cfa37a7b 2004-04-10 devnull .PP
59 cfa37a7b 2004-04-10 devnull .B
60 cfa37a7b 2004-04-10 devnull uchar* decodepem(char *s, char *type, int *len)
61 cfa37a7b 2004-04-10 devnull .PP
62 cfa37a7b 2004-04-10 devnull .B
63 cfa37a7b 2004-04-10 devnull uchar* X509gen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
64 cfa37a7b 2004-04-10 devnull .PP
65 cfa37a7b 2004-04-10 devnull .B
66 cfa37a7b 2004-04-10 devnull uchar* X509req(RSApriv *priv, char *subj, int *certlen);
67 cfa37a7b 2004-04-10 devnull .PP
68 cfa37a7b 2004-04-10 devnull .B
69 cfa37a7b 2004-04-10 devnull char* X509verify(uchar *cert, int ncert, RSApub *pk)
70 cfa37a7b 2004-04-10 devnull .SH DESCRIPTION
71 cfa37a7b 2004-04-10 devnull .PP
72 cfa37a7b 2004-04-10 devnull RSA is a public key encryption algorithm. The owner of a key publishes
73 cfa37a7b 2004-04-10 devnull the public part of the key:
74 cfa37a7b 2004-04-10 devnull .EX
75 cfa37a7b 2004-04-10 devnull struct RSApub
76 cfa37a7b 2004-04-10 devnull {
77 cfa37a7b 2004-04-10 devnull mpint *n; // modulus
78 cfa37a7b 2004-04-10 devnull mpint *ek; // exp (encryption key)
79 cfa37a7b 2004-04-10 devnull };
80 cfa37a7b 2004-04-10 devnull .EE
81 cfa37a7b 2004-04-10 devnull This part can be used for encrypting data (with
82 cfa37a7b 2004-04-10 devnull .IR rsaencrypt )
83 cfa37a7b 2004-04-10 devnull to be sent to the owner.
84 cfa37a7b 2004-04-10 devnull The owner decrypts (with
85 cfa37a7b 2004-04-10 devnull .IR rsadecrypt )
86 cfa37a7b 2004-04-10 devnull using his private key:
87 cfa37a7b 2004-04-10 devnull .EX
88 cfa37a7b 2004-04-10 devnull struct RSApriv
89 cfa37a7b 2004-04-10 devnull {
90 cfa37a7b 2004-04-10 devnull RSApub pub;
91 cfa37a7b 2004-04-10 devnull mpint *dk; // exp (decryption key)
92 cfa37a7b 2004-04-10 devnull
93 cfa37a7b 2004-04-10 devnull // precomputed crt values
94 cfa37a7b 2004-04-10 devnull mpint *p;
95 cfa37a7b 2004-04-10 devnull mpint *q;
96 cfa37a7b 2004-04-10 devnull mpint *kp; // k mod p-1
97 cfa37a7b 2004-04-10 devnull mpint *kq; // k mod q-1
98 cfa37a7b 2004-04-10 devnull mpint *c2; // for converting residues to number
99 cfa37a7b 2004-04-10 devnull };
100 cfa37a7b 2004-04-10 devnull .EE
101 cfa37a7b 2004-04-10 devnull .PP
102 cfa37a7b 2004-04-10 devnull Keys are generated using
103 cfa37a7b 2004-04-10 devnull .IR rsagen .
104 cfa37a7b 2004-04-10 devnull .I Rsagen
105 cfa37a7b 2004-04-10 devnull takes the bit length of the modulus, the bit length of the
106 cfa37a7b 2004-04-10 devnull public key exponent, and the number of repetitions of the Miller-Rabin
107 cfa37a7b 2004-04-10 devnull primality test to run. If the latter is 0, it does the default number
108 cfa37a7b 2004-04-10 devnull of rounds.
109 cfa37a7b 2004-04-10 devnull .I Rsagen
110 cfa37a7b 2004-04-10 devnull returns a newly allocated structure containing both
111 cfa37a7b 2004-04-10 devnull public and private keys.
112 cfa37a7b 2004-04-10 devnull .I Rsaprivtopub
113 cfa37a7b 2004-04-10 devnull returns a newly allocated copy of the public key
114 cfa37a7b 2004-04-10 devnull corresponding to the private key.
115 cfa37a7b 2004-04-10 devnull .PP
116 cfa37a7b 2004-04-10 devnull The routines
117 cfa37a7b 2004-04-10 devnull .IR rsaalloc ,
118 cfa37a7b 2004-04-10 devnull .IR rsafree ,
119 cfa37a7b 2004-04-10 devnull .IR rsapuballoc ,
120 cfa37a7b 2004-04-10 devnull .IR rsapubfree ,
121 cfa37a7b 2004-04-10 devnull .IR rsaprivalloc ,
122 cfa37a7b 2004-04-10 devnull and
123 cfa37a7b 2004-04-10 devnull .I rsaprivfree
124 cfa37a7b 2004-04-10 devnull are provided to aid in user-provided key I/O.
125 cfa37a7b 2004-04-10 devnull .PP
126 cfa37a7b 2004-04-10 devnull Given a binary X.509
127 cfa37a7b 2004-04-10 devnull .IR cert ,
128 cfa37a7b 2004-04-10 devnull the routine
129 cfa37a7b 2004-04-10 devnull .I X509toRSApub
130 cfa37a7b 2004-04-10 devnull returns the public key and, if
131 cfa37a7b 2004-04-10 devnull .I name
132 cfa37a7b 2004-04-10 devnull is not nil, the CN part of the Distinguished Name of the
133 cfa37a7b 2004-04-10 devnull certificate's Subject.
134 cfa37a7b 2004-04-10 devnull (This is conventionally a userid or a host DNS name.)
135 cfa37a7b 2004-04-10 devnull No verification is done of the certificate signature, so the
136 cfa37a7b 2004-04-10 devnull returned key and name are unauthenticated; the caller should check the fingerprint,
137 cfa37a7b 2004-04-10 devnull .IR sha1(cert) ,
138 cfa37a7b 2004-04-10 devnull against a table or check the certificate by other means before relying on them.
139 cfa37a7b 2004-04-10 devnull X.509 certificates are often stored in PEM format; use
140 cfa37a7b 2004-04-10 devnull .I dec64
141 cfa37a7b 2004-04-10 devnull to convert to binary before computing the fingerprint or calling
142 cfa37a7b 2004-04-10 devnull .IR X509toRSApub .
143 cfa37a7b 2004-04-10 devnull For the special case of
144 cfa37a7b 2004-04-10 devnull certificates signed by a known trusted key
145 cfa37a7b 2004-04-10 devnull (in a single step, without certificate chains),
146 cfa37a7b 2004-04-10 devnull .I X509verify
147 cfa37a7b 2004-04-10 devnull checks the signature on
148 cfa37a7b 2004-04-10 devnull .IR cert .
149 cfa37a7b 2004-04-10 devnull It returns nil if successful, else an error string.
150 cfa37a7b 2004-04-10 devnull .PP
151 cfa37a7b 2004-04-10 devnull .I X509gen
152 cfa37a7b 2004-04-10 devnull creates a self-signed X.509 certificate, given an RSA keypair
153 cfa37a7b 2004-04-10 devnull .IR priv ,
154 cfa37a7b 2004-04-10 devnull an issuer/subject string
155 cfa37a7b 2004-04-10 devnull .IR subj ,
156 cfa37a7b 2004-04-10 devnull and the starting and ending validity dates,
157 cfa37a7b 2004-04-10 devnull .IR valid .
158 cfa37a7b 2004-04-10 devnull Length of the allocated binary certificate is stored in
159 cfa37a7b 2004-04-10 devnull .IR certlen .
160 cfa37a7b 2004-04-10 devnull The subject line is conventionally of the form
161 cfa37a7b 2004-04-10 devnull .EX
162 cfa37a7b 2004-04-10 devnull "C=US ST=NJ L=07922 O=Lucent OU='Bell Labs' CN=Eric"
163 cfa37a7b 2004-04-10 devnull .EE
164 cfa37a7b 2004-04-10 devnull using the quoting conventions of
165 bf8a59fa 2004-04-11 devnull .IR tokenize (3).
166 cfa37a7b 2004-04-10 devnull .PP
167 cfa37a7b 2004-04-10 devnull .I Asn1toRSApriv
168 cfa37a7b 2004-04-10 devnull converts an ASN1 formatted RSA private key into the corresponding
169 cfa37a7b 2004-04-10 devnull .B RSApriv
170 cfa37a7b 2004-04-10 devnull structure.
171 cfa37a7b 2004-04-10 devnull .PP
172 cfa37a7b 2004-04-10 devnull .I Asn1dump
173 cfa37a7b 2004-04-10 devnull prints an ASN1 object to standard output.
174 cfa37a7b 2004-04-10 devnull .PP
175 cfa37a7b 2004-04-10 devnull .I Decodepem
176 cfa37a7b 2004-04-10 devnull takes a zero terminated string,
177 cfa37a7b 2004-04-10 devnull .IR s ,
178 cfa37a7b 2004-04-10 devnull and decodes the PEM (privacy-enhanced mail) formatted section for
179 cfa37a7b 2004-04-10 devnull .I type
180 cfa37a7b 2004-04-10 devnull within it.
181 cfa37a7b 2004-04-10 devnull If successful, it returns the decoded section and sets
182 cfa37a7b 2004-04-10 devnull .BI * len
183 cfa37a7b 2004-04-10 devnull to its decoded length.
184 cfa37a7b 2004-04-10 devnull If not, it returns
185 cfa37a7b 2004-04-10 devnull .BR nil ,
186 cfa37a7b 2004-04-10 devnull and
187 cfa37a7b 2004-04-10 devnull .BI * len
188 cfa37a7b 2004-04-10 devnull is undefined.
189 cfa37a7b 2004-04-10 devnull .SH SOURCE
190 b5fdffee 2004-04-19 devnull .B /usr/local/plan9/src/libsec
191 cfa37a7b 2004-04-10 devnull .SH SEE ALSO
192 bf8a59fa 2004-04-11 devnull .IR mp (3),
193 bf8a59fa 2004-04-11 devnull .IR aes (3),
194 bf8a59fa 2004-04-11 devnull .IR blowfish (3),
195 bf8a59fa 2004-04-11 devnull .IR des (3),
196 bf8a59fa 2004-04-11 devnull .IR dsa (3),
197 bf8a59fa 2004-04-11 devnull .IR elgamal (3),
198 bf8a59fa 2004-04-11 devnull .IR rc4 (3),
199 bf8a59fa 2004-04-11 devnull .IR sechash (3),
200 bf8a59fa 2004-04-11 devnull .IR prime (3),
201 bf8a59fa 2004-04-11 devnull .IR rand (3),
202 cfa37a7b 2004-04-10 devnull .IR x509 (8)