Introduction to RSA functions in OpenSSL

This section describes the RSA functions of OpenSSL, which are helpful for learning and implementing RSA Algorithms.

Basic Structure of RSA

Struct

{

Int pad;

Long version;

Const rsa_method * meth;

Engine * engine;

Bignum * n; n = p * q

Bignum * E; public encryption index, usually 65537 (ox10001)

Bignum * D; Private Key

Bignum * P; big prime number P

Bignum * q; q

Bignum * DMP1; D Mod (p-1)

Bignum * dmq1; D Mod (q-1)

Bignum * iqmp; (inverse of Q) mod p

Int references;

Int flags;

//...

} RSA;

2. initialize the Function

RSA * rsa_new (void); Initialize an RSA Structure

Void rsa_free (RSA * RSA); releases an RSA Structure

3. RSA private key generation function

RSA * rsa_generate_key (INT num, unsigned long e, void (* callback) (INT, Int, void *), void * cb_arg); generates a key pair modeled as num, E is the public encryption index, generally 65537 (ox10001). If the last two parameters are not null, some calls will be made. Before generating a key pair, you must specify a random seed.

4. Number of digits judgment Function

Int rsa_size (const RSA * RSA); returns the number of digits of the RSA modulo, which is used to determine the size of the space to be allocated to the encryption value.

Int rsa_check_key (RSA * RSA); he tests p, q for prime numbers, n = p * q, D * E = 1 Mod (p-x q-1), DMP1, dmq1, whether iqmp is set correctly.

5. rsa_method function of RSA

To understand the operation of RSA, you must understand rsa_method. Let's first look at the structure of rsa_method.

Typedef struct rsa_meth_st

{

Const char * Name;

INT (* rsa_pub_enc) (int flen, const unsigned char * from,

Unsigned char * To, RSA * RSA, int padding );

INT (* rsa_pub_dec) (int flen, const unsigned char * from,

Unsigned char * To, RSA * RSA, int padding );

INT (* rsa_priv_enc) (int flen, const unsigned char * from,

Unsigned char * To, RSA * RSA, int padding );

INT (* rsa_priv_dec) (int flen, const unsigned char * from,

Unsigned char * To, RSA * RSA, int padding );

INT (* rsa_mod_exp) (bignum * r0, const bignum * I, RSA * RSA); int (* bn_mod_exp) (bignum * r, const bignum * a, const bignum * P,

Const bignum * m, bn_ctx * CTX, bn_mont_ctx * m_ctx );

INT (* init) (RSA * RSA);/* called at New */

INT (* Finish) (RSA * RSA);/* called at free */

Int flags;/* rsa_method_flag _ * things */

Char * app_data;/* may be needed! */

INT (* rsa_sign) (INT type, const unsigned char * m, unsigned int m_length, unsigned char * sigret, unsigned int * siglen, const RSA * RSA );

INT (* rsa_verify) (INT dtype, const unsigned char * m, unsigned int m_length, unsigned char * sigbuf, unsigned int siglen, const RSA * RSA );

} Rsa_method;

Const rsa_method * rsa_pkcs1_ssleay (void );

Const rsa_method * rsa_null_method (void );

There are mainly the above two functions. The second function is called only when rsa_null is defined. In fact, this function cannot be called in the future, but it only outputs error information. The first method is commonly used. Let's take a look at its definition.

Const rsa_method * rsa_pkcs1_ssleay (void)

{

Return (& rsa_pkcs1_eay_meth );

}

Static rsa_method rsa_pkcs1_eay_meth = {

"Eric Young's PKCS #1 RSA ",

Rsa_eay_public_encrypt,

Rsa_eay_public_decrypt,/* signature verification */

Rsa_eay_private_encrypt,/* signing */

Rsa_eay_private_decrypt,

Rsa_eay_mod_exp,

Bn_mod_exp_mont,

Rsa_eay_init,

Rsa_eay_finish,

0,/* flags */

Null,

0,/* rsa_sign */

0/* rsa_verify */

};

From this we can see that generally, RSA-> meth-> rsa_pub_enc corresponds to rsa_eay_public_encrypt. When I first started to look at OpenSSL, the most rare thing was the pointer to the function, I don't know where RSA-> meth-> rsa_pub_enc corresponds. There are many such pointers in OpenSSL, which can be seen later. The following are some functions that can be easily understood when you set meth.

Void rsa_set_default_method (const rsa_method * meth );

Const rsa_method * rsa_get_default_method (void );

Int rsa_set_method (RSA * RSA, const rsa_method * meth );

Const rsa_method * rsa_get_method (const RSA * RSA );

Int rsa_flags (const RSA * RSA );

RSA * rsa_new_method (engine * engine );

6. encryption and decryption functions

Int rsa_public_encrypt (int flen, unsigned char * from,

Unsigned char * To, RSA * RSA, int padding );

Int rsa_private_decrypt (int flen, unsigned char * from,

Unsigned char * To, RSA * RSA, int padding );

Int rsa_private_encrypt (int flen, unsigned char * from,

Unsigned char * To, RSA * RSA, int padding );

Int rsa_public_decrypt (int flen, unsigned char * from,

Unsigned char * To, RSA * RSA, int padding );

With section 4th, it is easy to understand these encryption and decryption functions.

Rsa_set_method (RSA, rsa_pkcs1_ssleay (), then rsa_public_encrypt corresponds to rsa_eay_public_encrypt, so that we can debug the public key encryption process. FLEN is the length of the information to be encrypted, from is the information to be encrypted, to is the encrypted information, generally to at least need to apply for bn_num_bytes (RSA-> N) space. Padding is a encryption/Decryption solution. PKCS #1 mainly provides two kinds of encryption scheme, RSAEX-OAEP and PSAES-PKCS1-v1_5 (anyway, there are two kinds of encryption process, a bit complex, it is mainly first to the first encryption of the data to be encrypted, such as RSAES-OAEP using EME-OAEP encoding, and then encrypted or decrypted ). Encoding functions have been compiled in OpenSSL:

Case rsa_pkcs1_padding:

I = rsa_padding_add_pkcs1_type_2 (BUF, num, from, FLEN );

# Ifndef openssl_no_sha

Case rsa_pkcs1_oaep_padding: I = rsa_padding_add_pkcs1_oaep (BUF, num, from, FLEN, null, 0 );

# Endif

Case rsa_sslv23_padding:

I = rsa_padding_add_sslv23 (BUF, num, from, FLEN );

Case rsa_no_padding:

I = rsa_padding_add_none (BUF, num, from, FLEN );

After the code is compiled above, bn_mod_exp_mont is called to perform the modulo power. The final value is obtained, which is the specific encryption and decryption process. We can also find that there are two methods to input RSA during encryption: p, q ,... is null, only RSA-> D, and RSA-> N are not empty, so that the modulo power is calculated directly using RSA-> D and RSA-> N. If P, Q ..... if it is not empty, he will call the Chinese Remainder Theorem for encryption.

7. Signature Functions

Int rsa_sign (INT type, unsigned char * m, unsigned int m_len,

Unsigned char * sigret, unsigned int * siglen, RSA * RSA );

Int rsa_verify (INT type, unsigned char * m, unsigned int m_len,

Unsigned char * sigbuf, unsigned int siglen, RSA * RSA );

In fact, the signature is similar to encryption with the private key. Therefore, the signature function calls the private key encryption function. In OpenSSL, this signature function is rarely used separately, it is called for evp_signfinal. Therefore, if RSA is used for signature, rsa_private_encrypt and bn_mod_exp_mont are the most basic and all of them need to be called, the difference is that the signature information needs to be processed (the digest of the signature information is generally worth m)

8. File Writing Function

Int rsa_print (Bio * bp, RSA * X, int offset );

Int rsa_print_fp (File * FP, RSA * X, int offset); offset is used to adjust the output format. You can set a random number (for example, 2, 12, 16 ..)

9. Others

Int rsa_blining_on (RSA * RSA, bn_ctx * CTX );

Void rsa_blining_off (RSA * RSA );

To prevent time attacks, OpenSSL also generates a random factor during signature and attaches it to the private key.

Int rsa_sign_asn1_octet_string (INT dummy, unsigned char * m, unsigned int m_len, unsigned char * sigret, unsigned int * siglen, RSA * RSA );

Int rsa_verify_asn1_octet_string (INT dummy, unsigned char * m, unsigned int m_len, unsigned char * sigbuf, unsigned int siglen, RSA * RSA );

Use the private key to sign the eight-element string in the same principle as rsa_sign.