

1 cfa37a7b 2004-04-10 devnull .TH RSA 3
2 cfa37a7b 2004-04-10 devnull .SH NAME
3 cfa37a7b 2004-04-10 devnull asn1dump,
4 cfa37a7b 2004-04-10 devnull asn1toRSApriv,
5 cfa37a7b 2004-04-10 devnull decodepem,
6 058b0118 2005-01-03 devnull decodepemchain,
7 cfa37a7b 2004-04-10 devnull rsadecrypt,
8 cfa37a7b 2004-04-10 devnull rsaencrypt,
9 058b0118 2005-01-03 devnull rsafill,
10 cfa37a7b 2004-04-10 devnull rsagen,
11 cfa37a7b 2004-04-10 devnull rsaprivalloc,
12 cfa37a7b 2004-04-10 devnull rsaprivfree,
13 cfa37a7b 2004-04-10 devnull rsaprivtopub,
14 cfa37a7b 2004-04-10 devnull rsapuballoc,
15 cfa37a7b 2004-04-10 devnull rsapubfree,
16 cfa37a7b 2004-04-10 devnull X509toRSApub,
17 058b0118 2005-01-03 devnull X509dump,
18 cfa37a7b 2004-04-10 devnull X509gen,
19 058b0118 2005-01-03 devnull X509req,
20 cfa37a7b 2004-04-10 devnull X509verify \- RSA encryption algorithm
21 cfa37a7b 2004-04-10 devnull .SH SYNOPSIS
22 cfa37a7b 2004-04-10 devnull .B #include <u.h>
23 cfa37a7b 2004-04-10 devnull .br
24 cfa37a7b 2004-04-10 devnull .B #include <libc.h>
25 cfa37a7b 2004-04-10 devnull .br
26 cfa37a7b 2004-04-10 devnull .B #include <mp.h>
27 cfa37a7b 2004-04-10 devnull .br
28 cfa37a7b 2004-04-10 devnull .B #include <libsec.h>
29 cfa37a7b 2004-04-10 devnull .PP
30 cfa37a7b 2004-04-10 devnull .B
31 058b0118 2005-01-03 devnull .ta +\w'\fLPEMChain* 'u
32 cfa37a7b 2004-04-10 devnull RSApriv* rsagen(int nlen, int elen, int nrep)
33 cfa37a7b 2004-04-10 devnull .PP
34 cfa37a7b 2004-04-10 devnull .B
35 058b0118 2005-01-03 devnull RSApriv* rsafill(mpint *n, mpint *ek, mpint *dk, mpint *p, mpint *q)
36 058b0118 2005-01-03 devnull .PP
37 058b0118 2005-01-03 devnull .B
38 cfa37a7b 2004-04-10 devnull mpint* rsaencrypt(RSApub *k, mpint *in, mpint *out)
39 cfa37a7b 2004-04-10 devnull .PP
40 cfa37a7b 2004-04-10 devnull .B
41 cfa37a7b 2004-04-10 devnull mpint* rsadecrypt(RSApriv *k, mpint *in, mpint *out)
42 cfa37a7b 2004-04-10 devnull .PP
43 cfa37a7b 2004-04-10 devnull .B
44 cfa37a7b 2004-04-10 devnull RSApub* rsapuballoc(void)
45 cfa37a7b 2004-04-10 devnull .PP
46 cfa37a7b 2004-04-10 devnull .B
47 cfa37a7b 2004-04-10 devnull void rsapubfree(RSApub*)
48 cfa37a7b 2004-04-10 devnull .PP
49 cfa37a7b 2004-04-10 devnull .B
50 cfa37a7b 2004-04-10 devnull RSApriv* rsaprivalloc(void)
51 cfa37a7b 2004-04-10 devnull .PP
52 cfa37a7b 2004-04-10 devnull .B
53 cfa37a7b 2004-04-10 devnull void rsaprivfree(RSApriv*)
54 cfa37a7b 2004-04-10 devnull .PP
55 cfa37a7b 2004-04-10 devnull .B
56 cfa37a7b 2004-04-10 devnull RSApub* rsaprivtopub(RSApriv*)
57 cfa37a7b 2004-04-10 devnull .PP
58 cfa37a7b 2004-04-10 devnull .B
59 cfa37a7b 2004-04-10 devnull RSApub* X509toRSApub(uchar *cert, int ncert, char *name, int nname)
60 cfa37a7b 2004-04-10 devnull .PP
61 cfa37a7b 2004-04-10 devnull .B
62 cfa37a7b 2004-04-10 devnull RSApriv* asn1toRSApriv(uchar *priv, int npriv)
63 cfa37a7b 2004-04-10 devnull .PP
64 cfa37a7b 2004-04-10 devnull .B
65 cfa37a7b 2004-04-10 devnull void asn1dump(uchar *der, int len)
66 cfa37a7b 2004-04-10 devnull .PP
67 cfa37a7b 2004-04-10 devnull .B
68 cfa37a7b 2004-04-10 devnull uchar* decodepem(char *s, char *type, int *len)
69 cfa37a7b 2004-04-10 devnull .PP
70 cfa37a7b 2004-04-10 devnull .B
71 058b0118 2005-01-03 devnull PEMChain* decodepemchain(char *s, char *type)
72 058b0118 2005-01-03 devnull .PP
73 058b0118 2005-01-03 devnull .B
74 058b0118 2005-01-03 devnull void X509dump(uchar *cert, int ncert)
75 058b0118 2005-01-03 devnull .PP
76 058b0118 2005-01-03 devnull .B
77 cfa37a7b 2004-04-10 devnull uchar* X509gen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
78 cfa37a7b 2004-04-10 devnull .PP
79 cfa37a7b 2004-04-10 devnull .B
80 cfa37a7b 2004-04-10 devnull uchar* X509req(RSApriv *priv, char *subj, int *certlen);
81 cfa37a7b 2004-04-10 devnull .PP
82 cfa37a7b 2004-04-10 devnull .B
83 cfa37a7b 2004-04-10 devnull char* X509verify(uchar *cert, int ncert, RSApub *pk)
84 cfa37a7b 2004-04-10 devnull .SH DESCRIPTION
85 cfa37a7b 2004-04-10 devnull .PP
86 cfa37a7b 2004-04-10 devnull RSA is a public key encryption algorithm. The owner of a key publishes
87 cfa37a7b 2004-04-10 devnull the public part of the key:
88 cfa37a7b 2004-04-10 devnull .EX
89 cfa37a7b 2004-04-10 devnull struct RSApub
90 cfa37a7b 2004-04-10 devnull {
91 cfa37a7b 2004-04-10 devnull mpint *n; // modulus
92 cfa37a7b 2004-04-10 devnull mpint *ek; // exp (encryption key)
93 cfa37a7b 2004-04-10 devnull };
94 cfa37a7b 2004-04-10 devnull .EE
95 cfa37a7b 2004-04-10 devnull This part can be used for encrypting data (with
96 cfa37a7b 2004-04-10 devnull .IR rsaencrypt )
97 cfa37a7b 2004-04-10 devnull to be sent to the owner.
98 cfa37a7b 2004-04-10 devnull The owner decrypts (with
99 cfa37a7b 2004-04-10 devnull .IR rsadecrypt )
100 cfa37a7b 2004-04-10 devnull using his private key:
101 cfa37a7b 2004-04-10 devnull .EX
102 cfa37a7b 2004-04-10 devnull struct RSApriv
103 cfa37a7b 2004-04-10 devnull {
104 cfa37a7b 2004-04-10 devnull RSApub pub;
105 cfa37a7b 2004-04-10 devnull mpint *dk; // exp (decryption key)
106 cfa37a7b 2004-04-10 devnull
107 cfa37a7b 2004-04-10 devnull // precomputed crt values
108 cfa37a7b 2004-04-10 devnull mpint *p;
109 cfa37a7b 2004-04-10 devnull mpint *q;
110 cfa37a7b 2004-04-10 devnull mpint *kp; // k mod p-1
111 cfa37a7b 2004-04-10 devnull mpint *kq; // k mod q-1
112 cfa37a7b 2004-04-10 devnull mpint *c2; // for converting residues to number
113 cfa37a7b 2004-04-10 devnull };
114 cfa37a7b 2004-04-10 devnull .EE
115 cfa37a7b 2004-04-10 devnull .PP
116 cfa37a7b 2004-04-10 devnull Keys are generated using
117 cfa37a7b 2004-04-10 devnull .IR rsagen .
118 cfa37a7b 2004-04-10 devnull .I Rsagen
119 cfa37a7b 2004-04-10 devnull takes the bit length of the modulus, the bit length of the
120 cfa37a7b 2004-04-10 devnull public key exponent, and the number of repetitions of the Miller-Rabin
121 cfa37a7b 2004-04-10 devnull primality test to run. If the latter is 0, it does the default number
122 cfa37a7b 2004-04-10 devnull of rounds.
123 cfa37a7b 2004-04-10 devnull .I Rsagen
124 cfa37a7b 2004-04-10 devnull returns a newly allocated structure containing both
125 cfa37a7b 2004-04-10 devnull public and private keys.
126 cfa37a7b 2004-04-10 devnull .I Rsaprivtopub
127 cfa37a7b 2004-04-10 devnull returns a newly allocated copy of the public key
128 cfa37a7b 2004-04-10 devnull corresponding to the private key.
129 cfa37a7b 2004-04-10 devnull .PP
130 058b0118 2005-01-03 devnull .I Rsafill
131 058b0118 2005-01-03 devnull takes as input the bare minimum pieces of an RSA private key
132 058b0118 2005-01-03 devnull and computes the rest
133 058b0118 2005-01-03 devnull .RB ( kp ,
134 058b0118 2005-01-03 devnull .BR kq ,
135 058b0118 2005-01-03 devnull and
136 058b0118 2005-01-03 devnull .BR c2 ).
137 058b0118 2005-01-03 devnull It returns a new private key.
138 058b0118 2005-01-03 devnull All the
139 058b0118 2005-01-03 devnull .BR mpint s
140 058b0118 2005-01-03 devnull in the key,
141 058b0118 2005-01-03 devnull even the ones that correspond directly to
142 058b0118 2005-01-03 devnull .IR rsafill 's
143 058b0118 2005-01-03 devnull input parameters,
144 058b0118 2005-01-03 devnull are freshly allocated.
145 058b0118 2005-01-03 devnull .PP
146 cfa37a7b 2004-04-10 devnull The routines
147 cfa37a7b 2004-04-10 devnull .IR rsaalloc ,
148 cfa37a7b 2004-04-10 devnull .IR rsafree ,
149 cfa37a7b 2004-04-10 devnull .IR rsapuballoc ,
150 cfa37a7b 2004-04-10 devnull .IR rsapubfree ,
151 cfa37a7b 2004-04-10 devnull .IR rsaprivalloc ,
152 cfa37a7b 2004-04-10 devnull and
153 cfa37a7b 2004-04-10 devnull .I rsaprivfree
154 cfa37a7b 2004-04-10 devnull are provided to aid in user-provided key I/O.
155 cfa37a7b 2004-04-10 devnull .PP
156 cfa37a7b 2004-04-10 devnull Given a binary X.509
157 cfa37a7b 2004-04-10 devnull .IR cert ,
158 cfa37a7b 2004-04-10 devnull the routine
159 cfa37a7b 2004-04-10 devnull .I X509toRSApub
160 cfa37a7b 2004-04-10 devnull returns the public key and, if
161 cfa37a7b 2004-04-10 devnull .I name
162 cfa37a7b 2004-04-10 devnull is not nil, the CN part of the Distinguished Name of the
163 cfa37a7b 2004-04-10 devnull certificate's Subject.
164 cfa37a7b 2004-04-10 devnull (This is conventionally a userid or a host DNS name.)
165 cfa37a7b 2004-04-10 devnull No verification is done of the certificate signature, so the returned
166 cfa37a7b 2004-04-10 devnull key and name are unauthenticated; the caller should check the fingerprint,
167 cfa37a7b 2004-04-10 devnull .IR sha1(cert) ,
168 cfa37a7b 2004-04-10 devnull against a table or check the certificate by other means.
169 cfa37a7b 2004-04-10 devnull X.509 certificates are often stored in PEM format; use
170 cfa37a7b 2004-04-10 devnull .I dec64
171 cfa37a7b 2004-04-10 devnull to convert to binary before computing the fingerprint or calling
172 cfa37a7b 2004-04-10 devnull .IR X509toRSApub .
173 cfa37a7b 2004-04-10 devnull For the special case of
174 cfa37a7b 2004-04-10 devnull certificates signed by a known trusted key
175 cfa37a7b 2004-04-10 devnull (in a single step, without certificate chains)
176 cfa37a7b 2004-04-10 devnull .I X509verify
177 cfa37a7b 2004-04-10 devnull checks the signature on
178 cfa37a7b 2004-04-10 devnull .IR cert .
179 cfa37a7b 2004-04-10 devnull It returns nil if successful, else an error string.
180 cfa37a7b 2004-04-10 devnull .PP
181 058b0118 2005-01-03 devnull .I X509dump
182 058b0118 2005-01-03 devnull prints an X.509 certificate to standard output.
183 058b0118 2005-01-03 devnull .PP
184 cfa37a7b 2004-04-10 devnull .I X509gen
185 cfa37a7b 2004-04-10 devnull creates a self-signed X.509 certificate, given an RSA keypair
186 cfa37a7b 2004-04-10 devnull .IR priv ,
187 cfa37a7b 2004-04-10 devnull an issuer/subject string
188 cfa37a7b 2004-04-10 devnull .IR subj ,
189 cfa37a7b 2004-04-10 devnull and the starting and ending validity dates,
190 cfa37a7b 2004-04-10 devnull .IR valid .
191 cfa37a7b 2004-04-10 devnull Length of the allocated binary certificate is stored in
192 cfa37a7b 2004-04-10 devnull .IR certlen .
193 cfa37a7b 2004-04-10 devnull The subject line is conventionally of the form
194 cfa37a7b 2004-04-10 devnull .EX
195 cfa37a7b 2004-04-10 devnull "C=US ST=NJ L=07922 O=Lucent OU='Bell Labs' CN=Eric"
196 cfa37a7b 2004-04-10 devnull .EE
197 cfa37a7b 2004-04-10 devnull using the quoting conventions of
198 058b0118 2005-01-03 devnull .I tokenize
199 058b0118 2005-01-03 devnull (see
200 d32deab1 2020-08-16 rsc .MR getfields (3) ).
201 cfa37a7b 2004-04-10 devnull .PP
202 058b0118 2005-01-03 devnull .I X509req
203 058b0118 2005-01-03 devnull creates an X.509 certification request.
204 058b0118 2005-01-03 devnull .PP
205 cfa37a7b 2004-04-10 devnull .I Asn1toRSApriv
206 cfa37a7b 2004-04-10 devnull converts an ASN1 formatted RSA private key into the corresponding
207 cfa37a7b 2004-04-10 devnull .B RSApriv
208 cfa37a7b 2004-04-10 devnull structure.
209 cfa37a7b 2004-04-10 devnull .PP
210 cfa37a7b 2004-04-10 devnull .I Asn1dump
211 cfa37a7b 2004-04-10 devnull prints an ASN1 object to standard output.
212 cfa37a7b 2004-04-10 devnull .PP
213 cfa37a7b 2004-04-10 devnull .I Decodepem
214 cfa37a7b 2004-04-10 devnull takes a zero terminated string,
215 cfa37a7b 2004-04-10 devnull .IR s ,
216 cfa37a7b 2004-04-10 devnull and decodes the PEM (privacy-enhanced mail) formatted section for
217 cfa37a7b 2004-04-10 devnull .I type
218 cfa37a7b 2004-04-10 devnull within it.
219 cfa37a7b 2004-04-10 devnull If successful, it returns the decoded section and sets
220 cfa37a7b 2004-04-10 devnull .BI * len
221 cfa37a7b 2004-04-10 devnull to its decoded length.
222 cfa37a7b 2004-04-10 devnull If not, it returns
223 cfa37a7b 2004-04-10 devnull .BR nil ,
224 cfa37a7b 2004-04-10 devnull and
225 cfa37a7b 2004-04-10 devnull .BI * len
226 cfa37a7b 2004-04-10 devnull is undefined.
227 058b0118 2005-01-03 devnull .PP
228 058b0118 2005-01-03 devnull .I Decodepemchain
229 058b0118 2005-01-03 devnull is similar but expects a sequence of PEM-formatted sections
230 058b0118 2005-01-03 devnull and returns a linked list of the decodings:
231 058b0118 2005-01-03 devnull .IP
232 058b0118 2005-01-03 devnull .EX
233 058b0118 2005-01-03 devnull typedef struct PEMChain PEMChain
234 058b0118 2005-01-03 devnull struct PEMChain
235 058b0118 2005-01-03 devnull {
236 058b0118 2005-01-03 devnull PEMChain *next;
237 058b0118 2005-01-03 devnull uchar *pem;
238 058b0118 2005-01-03 devnull int pemlen;
239 058b0118 2005-01-03 devnull };
240 058b0118 2005-01-03 devnull .EE
241 cfa37a7b 2004-04-10 devnull .SH SOURCE
242 c3674de4 2005-01-11 devnull .B \*9/src/libsec
243 cfa37a7b 2004-04-10 devnull .SH SEE ALSO
244 d32deab1 2020-08-16 rsc .MR mp (3) ,
245 d32deab1 2020-08-16 rsc .MR aes (3) ,
246 d32deab1 2020-08-16 rsc .MR blowfish (3) ,
247 d32deab1 2020-08-16 rsc .MR des (3) ,
248 d32deab1 2020-08-16 rsc .MR dsa (3) ,
249 d32deab1 2020-08-16 rsc .MR elgamal (3) ,
250 d32deab1 2020-08-16 rsc .MR rc4 (3) ,
251 d32deab1 2020-08-16 rsc .MR sechash (3) ,
252 d32deab1 2020-08-16 rsc .MR prime (3) ,
253 d32deab1 2020-08-16 rsc .MR rand (3)
254 058b0118 2005-01-03 devnull .\" .IR pem (8)