Blame - doc/crypto/RSA_public_encrypt.pod - third_party/openssl

blob: 910c4752b8d5c2c0be5197f0e5f64ea2f8aa1324 [file] [log] [blame]

Ulf Möller	2186cd8	2000-01-11 22:35:21 +0000	[diff] [blame]	1	=pod
				2
				3	=head1 NAME
				4
				5	RSA_public_encrypt, RSA_private_decrypt - RSA public key cryptography
				6
				7	=head1 SYNOPSIS
				8
				9	#include <openssl/rsa.h>
				10
				11	int RSA_public_encrypt(int flen, unsigned char *from,
				12	unsigned char to, RSA rsa, int padding);
				13
				14	int RSA_private_decrypt(int flen, unsigned char *from,
				15	unsigned char to, RSA rsa, int padding);
				16
				17	=head1 DESCRIPTION
				18
				19	RSA_public_encrypt() encrypts the B<flen> bytes at B<from> (usually a
				20	session key) using the public key B<rsa> and stores the ciphertext in
Ulf Möller	4101054	2000-02-25 14:19:17 +0000	[diff] [blame]	21	B<to>. B<to> must point to RSA_size(B<rsa>) bytes of memory.
Ulf Möller	2186cd8	2000-01-11 22:35:21 +0000	[diff] [blame]	22
				23	B<padding> denotes one of the following modes:
				24
				25	=over 4
				26
				27	=item RSA_PKCS1_PADDING
				28
				29	PKCS #1 v1.5 padding. This currently is the most widely used mode.
				30
				31	=item RSA_PKCS1_OAEP_PADDING
				32
				33	EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty
				34	encoding parameter. This mode is recommended for all new applications.
				35
				36	=item RSA_SSLV23_PADDING
				37
				38	PKCS #1 v1.5 padding with an SSL-specific modification that denotes
				39	that the server is SSL3 capable.
				40
				41	=item RSA_NO_PADDING
				42
				43	Raw RSA encryption. This mode should I<only> be used to implement
				44	cryptographically sound padding modes in the application code.
				45	Encrypting user data directly with RSA is insecure.
				46
				47	=back
				48
Ulf Möller	4101054	2000-02-25 14:19:17 +0000	[diff] [blame]	49	B<flen> must be less than RSA_size(B<rsa>) - 11 for the PKCS #1 v1.5
				50	based padding modes, and less than RSA_size(B<rsa>) - 21 for
Ulf Möller	2186cd8	2000-01-11 22:35:21 +0000	[diff] [blame]	51	RSA_PKCS1_OAEP_PADDING. The random number generator must be seeded
				52	prior to calling RSA_public_encrypt().
				53
				54	RSA_private_decrypt() decrypts the B<flen> bytes at B<from> using the
				55	private key B<rsa> and stores the plaintext in B<to>. B<to> must point
				56	to a memory section large enough to hold the decrypted data (which is
Ulf Möller	4101054	2000-02-25 14:19:17 +0000	[diff] [blame]	57	smaller than RSA_size(B<rsa>)). B<padding> is the padding mode that
Ulf Möller	2186cd8	2000-01-11 22:35:21 +0000	[diff] [blame]	58	was used to encrypt the data.
				59
				60	=head1 RETURN VALUES
				61
				62	RSA_public_encrypt() returns the size of the encrypted data (i.e.,
Ulf Möller	4101054	2000-02-25 14:19:17 +0000	[diff] [blame]	63	RSA_size(B<rsa>)). RSA_private_decrypt() returns the size of the
Ulf Möller	2186cd8	2000-01-11 22:35:21 +0000	[diff] [blame]	64	recovered plaintext.
				65
				66	On error, -1 is returned; the error codes can be
Richard Levitte	bb075f8	2000-01-27 01:25:31 +0000	[diff] [blame]	67	obtained by L<ERR_get_error(3)\|ERR_get_error(3)>.
Ulf Möller	2186cd8	2000-01-11 22:35:21 +0000	[diff] [blame]	68
				69	=head1 CONFORMING TO
				70
				71	SSL, PKCS #1 v2.0
				72
				73	=head1 SEE ALSO
				74
Richard Levitte	bb075f8	2000-01-27 01:25:31 +0000	[diff] [blame]	75	L<err(3)\|err(3)>, L<rand(3)\|rand(3)>, L<rsa(3)\|rsa(3)>, L<RSA_size(3)\|RSA_size(3)>
Ulf Möller	2186cd8	2000-01-11 22:35:21 +0000	[diff] [blame]	76
				77	=head1 NOTES
				78
Richard Levitte	bb075f8	2000-01-27 01:25:31 +0000	[diff] [blame]	79	The L<RSA_PKCS1_RSAref(3)\|RSA_PKCS1_RSAref(3)> method supports only the RSA_PKCS1_PADDING mode.
Ulf Möller	2186cd8	2000-01-11 22:35:21 +0000	[diff] [blame]	80
				81	=head1 HISTORY
				82
				83	The B<padding> argument was added in SSLeay 0.8. RSA_NO_PADDING is
				84	available since SSLeay 0.9.0, OAEP was added in OpenSSL 0.9.2b.
				85
				86	=cut