Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

rsa_blinding_on(3openssl) [opensolaris man page]

RSA_blinding_on(3openssl)					      OpenSSL						 RSA_blinding_on(3openssl)

NAME
RSA_blinding_on, RSA_blinding_off - protect the RSA operation from timing attacks SYNOPSIS
#include <openssl/rsa.h> int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); void RSA_blinding_off(RSA *rsa); DESCRIPTION
RSA is vulnerable to timing attacks. In a setup where attackers can measure the time of RSA decryption or signature operations, blinding must be used to protect the RSA operation from that attack. RSA_blinding_on() turns blinding on for key rsa and generates a random blinding factor. ctx is NULL or a pre-allocated and initialized BN_CTX. The random number generator must be seeded prior to calling RSA_blinding_on(). RSA_blinding_off() turns blinding off and frees the memory used for the blinding factor. RETURN VALUES
RSA_blinding_on() returns 1 on success, and 0 if an error occurred. RSA_blinding_off() returns no value. SEE ALSO
rsa(3), rand(3) HISTORY
RSA_blinding_on() and RSA_blinding_off() appeared in SSLeay 0.9.0. OpenSSL-0.9.8 Oct 11 2005 RSA_blinding_on(3openssl)

Check Out this Related Man Page

rsa(3)								      OpenSSL								    rsa(3)

NAME
rsa - RSA public key cryptosystem SYNOPSIS
#include <openssl/rsa.h> #include <openssl/engine.h> RSA * RSA_new(void); void RSA_free(RSA *rsa); int RSA_public_encrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding); int RSA_private_decrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa, int padding); int RSA_private_encrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa,int padding); int RSA_public_decrypt(int flen, unsigned char *from, unsigned char *to, RSA *rsa,int padding); int RSA_sign(int type, unsigned char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, RSA *rsa); int RSA_verify(int type, unsigned char *m, unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa); int RSA_size(const RSA *rsa); RSA *RSA_generate_key(int num, unsigned long e, void (*callback)(int,int,void *), void *cb_arg); int RSA_check_key(RSA *rsa); int RSA_blinding_on(RSA *rsa, BN_CTX *ctx); void RSA_blinding_off(RSA *rsa); void RSA_set_default_method(const RSA_METHOD *meth); const RSA_METHOD *RSA_get_default_method(void); int RSA_set_method(RSA *rsa, const RSA_METHOD *meth); const RSA_METHOD *RSA_get_method(const RSA *rsa); RSA_METHOD *RSA_PKCS1_SSLeay(void); RSA_METHOD *RSA_null_method(void); int RSA_flags(const RSA *rsa); RSA *RSA_new_method(ENGINE *engine); int RSA_print(BIO *bp, RSA *x, int offset); int RSA_print_fp(FILE *fp, RSA *x, int offset); int RSA_get_ex_new_index(long argl, char *argp, int (*new_func)(), int (*dup_func)(), void (*free_func)()); int RSA_set_ex_data(RSA *r,int idx,char *arg); char *RSA_get_ex_data(RSA *r, int idx); int RSA_sign_ASN1_OCTET_STRING(int dummy, unsigned char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, RSA *rsa); int RSA_verify_ASN1_OCTET_STRING(int dummy, unsigned char *m, unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa); DESCRIPTION
These functions implement RSA public key encryption and signatures as defined in PKCS #1 v2.0 [RFC 2437]. The RSA structure consists of several BIGNUM components. It can contain public as well as private RSA keys: struct { BIGNUM *n; // public modulus BIGNUM *e; // public exponent BIGNUM *d; // private exponent BIGNUM *p; // secret prime factor BIGNUM *q; // secret prime factor BIGNUM *dmp1; // d mod (p-1) BIGNUM *dmq1; // d mod (q-1) BIGNUM *iqmp; // q^-1 mod p // ... }; RSA In public keys, the private exponent and the related secret values are NULL. p, q, dmp1, dmq1 and iqmp may be NULL in private keys, but the RSA operations are much faster when these values are available. Note that RSA keys may use non-standard RSA_METHOD implementations, either directly or by the use of ENGINE modules. In some cases (eg. an ENGINE providing support for hardware-embedded keys), these BIGNUM values will not be used by the implementation or may be used for alternative data storage. For this reason, applications should generally avoid using RSA structure elements directly and instead use API functions to query or modify keys. CONFORMING TO
SSL, PKCS #1 v2.0 PATENTS
RSA was covered by a US patent which expired in September 2000. SEE ALSO
rsa(1), bn(3), dsa(3), dh(3), rand(3), engine(3), RSA_new(3), RSA_public_encrypt(3), RSA_sign(3), RSA_size(3), RSA_generate_key(3), RSA_check_key(3), RSA_blinding_on(3), RSA_set_method(3), RSA_print(3), RSA_get_ex_new_index(3), RSA_private_encrypt(3), RSA_sign_ASN1_OCTET_STRING(3), RSA_padding_add_PKCS1_type_1(3) 1.0.0 2002-08-04 rsa(3)
Man Page