]>
Commit | Line | Data |
---|---|---|
2186cd8e UM |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | RSA_public_encrypt, RSA_private_decrypt - RSA public key cryptography | |
6 | ||
7 | =head1 SYNOPSIS | |
8 | ||
9 | #include <openssl/rsa.h> | |
10 | ||
11 | int RSA_public_encrypt(int flen, unsigned char *from, | |
12 | unsigned char *to, RSA *rsa, int padding); | |
13 | ||
14 | int RSA_private_decrypt(int flen, unsigned char *from, | |
15 | unsigned char *to, RSA *rsa, int padding); | |
16 | ||
17 | =head1 DESCRIPTION | |
18 | ||
19 | RSA_public_encrypt() encrypts the B<flen> bytes at B<from> (usually a | |
20 | session key) using the public key B<rsa> and stores the ciphertext in | |
4101054a | 21 | B<to>. B<to> must point to RSA_size(B<rsa>) bytes of memory. |
2186cd8e UM |
22 | |
23 | B<padding> denotes one of the following modes: | |
24 | ||
25 | =over 4 | |
26 | ||
27 | =item RSA_PKCS1_PADDING | |
28 | ||
29 | PKCS #1 v1.5 padding. This currently is the most widely used mode. | |
30 | ||
31 | =item RSA_PKCS1_OAEP_PADDING | |
32 | ||
33 | EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty | |
34 | encoding parameter. This mode is recommended for all new applications. | |
35 | ||
36 | =item RSA_SSLV23_PADDING | |
37 | ||
38 | PKCS #1 v1.5 padding with an SSL-specific modification that denotes | |
39 | that the server is SSL3 capable. | |
40 | ||
41 | =item RSA_NO_PADDING | |
42 | ||
43 | Raw RSA encryption. This mode should I<only> be used to implement | |
44 | cryptographically sound padding modes in the application code. | |
45 | Encrypting user data directly with RSA is insecure. | |
46 | ||
47 | =back | |
48 | ||
4101054a | 49 | B<flen> must be less than RSA_size(B<rsa>) - 11 for the PKCS #1 v1.5 |
f46e76ef RL |
50 | based padding modes, less than RSA_size(B<rsa>) - 41 for |
51 | RSA_PKCS1_OAEP_PADDING and exactly RSA_size(B<rsa>) for RSA_NO_PADDING. | |
52 | The random number generator must be seeded prior to calling | |
53 | RSA_public_encrypt(). | |
2186cd8e UM |
54 | |
55 | RSA_private_decrypt() decrypts the B<flen> bytes at B<from> using the | |
56 | private key B<rsa> and stores the plaintext in B<to>. B<to> must point | |
57 | to a memory section large enough to hold the decrypted data (which is | |
4101054a | 58 | smaller than RSA_size(B<rsa>)). B<padding> is the padding mode that |
2186cd8e UM |
59 | was used to encrypt the data. |
60 | ||
61 | =head1 RETURN VALUES | |
62 | ||
63 | RSA_public_encrypt() returns the size of the encrypted data (i.e., | |
4101054a | 64 | RSA_size(B<rsa>)). RSA_private_decrypt() returns the size of the |
2186cd8e UM |
65 | recovered plaintext. |
66 | ||
67 | On error, -1 is returned; the error codes can be | |
9b86974e | 68 | obtained by L<ERR_get_error(3)>. |
2186cd8e UM |
69 | |
70 | =head1 CONFORMING TO | |
71 | ||
72 | SSL, PKCS #1 v2.0 | |
73 | ||
74 | =head1 SEE ALSO | |
75 | ||
b97fdb57 | 76 | L<ERR_get_error(3)>, L<RAND_bytes(3)>, |
9b86974e | 77 | L<RSA_size(3)> |
2186cd8e | 78 | |
e2f92610 RS |
79 | =head1 COPYRIGHT |
80 | ||
81 | Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. | |
82 | ||
83 | Licensed under the OpenSSL license (the "License"). You may not use | |
84 | this file except in compliance with the License. You can obtain a copy | |
85 | in the file LICENSE in the source distribution or at | |
86 | L<https://www.openssl.org/source/license.html>. | |
87 | ||
88 | =cut |