#include <libc.h>
#include <mp.h>
#include <libsec.h>
RSApriv* rsagen(int nlen, int elen, int nrep)
mpint* rsaencrypt(RSApub *k, mpint *in, mpint *out)
mpint* rsadecrypt(RSApriv *k, mpint *in, mpint *out)
RSApub* rsapuballoc(void)
void rsapubfree(RSApub*)
RSApriv* rsaprivalloc(void)
void rsaprivfree(RSApriv*)
RSApub* rsaprivtopub(RSApriv*)
RSApub* X509toRSApub(uchar *cert, int ncert, char *name, int nname)
RSApriv* asn1toRSApriv(uchar *priv, int npriv)
void asn1dump(uchar *der, int len)
uchar* decodePEM(char *s, char *type, int *len, char **new_s)
uchar* X509gen(RSApriv *priv, char *subj, ulong valid[2], int *certlen);
uchar* X509req(RSApriv *priv, char *subj, int *certlen);
char* X509verify(uchar *cert, int ncert, RSApub *pk)
RSA is a public key encryption algorithm. The owner of a key publishes the public part of the key: .EX struct RSApub { mpint *n; // modulus mpint *ek; // exp (encryption key) }; This part can be used for encrypting data (with rsaencrypt ) to be sent to the owner. The owner decrypts (with rsadecrypt ) using his private key: .EX struct RSApriv { RSApub pub; mpint *dk; // exp (decryption key) // precomputed crt values mpint *p; mpint *q; mpint *kp; // k mod p-1 mpint *kq; // k mod q-1 mpint *c2; // for converting residues to number };
Keys are generated using rsagen . Rsagen takes both bit length of the modulus, the bit length of the public key exponent, and the number of repetitions of the Miller-Rabin primality test to run. If the latter is 0, it does the default number of rounds. Rsagen returns a newly allocated structure containing both public and private keys. Rsaprivtopub returns a newly allocated copy of the public key corresponding to the private key.
The routines rsaalloc , rsafree , rsapuballoc , rsapubfree , rsaprivalloc , and rsaprivfree are provided to aid in user provided key I/O.
Given a binary X.509 cert , the routine X509toRSApub returns the public key and, if name is not nil, the CN part of the Distinguished Name of the certificate's Subject. (This is conventionally a userid or a host DNS name.) No verification is done of the certificate signature; the caller should check the fingerprint, sha1(cert) , against a table or check the certificate by other means. X.509 certificates are often stored in PEM format; use dec64 to convert to binary before computing the fingerprint or calling X509toRSApub . For the special case of certificates signed by a known trusted key (in a single step, without certificate chains) X509verify checks the signature on cert . It returns nil if successful, else an error string.
X509gen creates a self-signed X.509 certificate, given an RSA keypair priv , a issuer/subject string subj , and the starting and ending validity dates, valid . Length of the allocated binary certificate is stored in certlen . The subject line is conventionally of the form .EX "C=US ST=NJ L=07922 O=Lucent OU='Bell Labs' CN=Eric" using the quoting conventions of tokenize (2).
Asn1toRSApriv converts an ASN1 formatted RSA private key into the corresponding RSApriv structure.
Asn1dump prints an ASN1 object to standard output.
DecodePEM takes a zero terminated string, s , and decodes the PEM (privacy-enhanced mail) formatted section for type within it. If successful, it returns the decoded section and sets * len to its decoded length. If not nil, new_s is set to the first character beyond the type section. Otherwise nil is returned and * len is undefined.