12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394 |
- =pod
- =head1 NAME
- RSA_check_key_ex, RSA_check_key - validate private RSA keys
- =head1 SYNOPSIS
- #include <openssl/rsa.h>
- The following functions have been deprecated since OpenSSL 3.0, and can be
- hidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value,
- see L<openssl_user_macros(7)>:
- int RSA_check_key_ex(const RSA *rsa, BN_GENCB *cb);
- int RSA_check_key(const RSA *rsa);
- =head1 DESCRIPTION
- Both of the functions described on this page are deprecated.
- Applications should instead use L<EVP_PKEY_public_check(3)>,
- L<EVP_PKEY_private_check(3)> and L<EVP_PKEY_pairwise_check(3)>.
- RSA_check_key_ex() function validates RSA keys.
- It checks that B<p> and B<q> are
- in fact prime, and that B<n = p*q>.
- It does not work on RSA public keys that have only the modulus
- and public exponent elements populated.
- It also checks that B<d*e = 1 mod (p-1*q-1)>,
- and that B<dmp1>, B<dmq1> and B<iqmp> are set correctly or are B<NULL>.
- It performs integrity checks on all
- the RSA key material, so the RSA key structure must contain all the private
- key data too.
- Therefore, it cannot be used with any arbitrary RSA key object,
- even if it is otherwise fit for regular RSA operation.
- The B<cb> parameter is a callback that will be invoked in the same
- manner as L<BN_is_prime_ex(3)>.
- RSA_check_key() is equivalent to RSA_check_key_ex() with a NULL B<cb>.
- =head1 RETURN VALUES
- RSA_check_key_ex() and RSA_check_key()
- return 1 if B<rsa> is a valid RSA key, and 0 otherwise.
- They return -1 if an error occurs while checking the key.
- If the key is invalid or an error occurred, the reason code can be
- obtained using L<ERR_get_error(3)>.
- =head1 NOTES
- Unlike most other RSA functions, this function does B<not> work
- transparently with any underlying ENGINE implementation because it uses the
- key data in the RSA structure directly. An ENGINE implementation can
- override the way key data is stored and handled, and can even provide
- support for HSM keys - in which case the RSA structure may contain B<no>
- key data at all! If the ENGINE in question is only being used for
- acceleration or analysis purposes, then in all likelihood the RSA key data
- is complete and untouched, but this can't be assumed in the general case.
- =head1 BUGS
- A method of verifying the RSA key using opaque RSA API functions might need
- to be considered. Right now RSA_check_key() simply uses the RSA structure
- elements directly, bypassing the RSA_METHOD table altogether (and
- completely violating encapsulation and object-orientation in the process).
- The best fix will probably be to introduce a "check_key()" handler to the
- RSA_METHOD function table so that alternative implementations can also
- provide their own verifiers.
- =head1 SEE ALSO
- L<BN_is_prime_ex(3)>,
- L<ERR_get_error(3)>
- =head1 HISTORY
- All of these functions were deprecated in OpenSSL 3.0.
- RSA_check_key_ex() appeared after OpenSSL 1.0.2.
- =head1 COPYRIGHT
- Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
- Licensed under the Apache License 2.0 (the "License"). You may not use
- this file except in compliance with the License. You can obtain a copy
- in the file LICENSE in the source distribution or at
- L<https://www.openssl.org/source/license.html>.
- =cut
|