diff options
author | slontis <shane.lontis@oracle.com> | 2023-01-25 02:06:34 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2023-01-26 11:04:30 +0100 |
commit | 6e3b1c81736b1829584e3f40c2d00040fe1aa881 (patch) | |
tree | 7c72d8256578528b4e6dd9683d88249f8ca5421e /doc/man7 | |
parent | Fix Coverity 1520485: logically dead code (diff) | |
download | openssl-6e3b1c81736b1829584e3f40c2d00040fe1aa881.tar.xz openssl-6e3b1c81736b1829584e3f40c2d00040fe1aa881.zip |
Document that the RSA e value is mandatory when importing.
The lab tried doing a RSA decryption primitive using just n (using p, q) and d.
This failed for 2 reasons:
(1) e is required when importing
(2) Internally e is used for blinding.
Note n and e can be calculated using:
n = pq
e = (1/d) mod (p-1)(q-1)
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20133)
Diffstat (limited to 'doc/man7')
-rw-r--r-- | doc/man7/EVP_PKEY-RSA.pod | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/doc/man7/EVP_PKEY-RSA.pod b/doc/man7/EVP_PKEY-RSA.pod index 3123813e9c..1a3f14cc23 100644 --- a/doc/man7/EVP_PKEY-RSA.pod +++ b/doc/man7/EVP_PKEY-RSA.pod @@ -23,15 +23,18 @@ supports the following. =item "n" (B<OSSL_PKEY_PARAM_RSA_N>) <unsigned integer> -The RSA "n" value. +The RSA modulus "n" value. =item "e" (B<OSSL_PKEY_PARAM_RSA_E>) <unsigned integer> -The RSA "e" value. +The RSA public exponent "e" value. +This value must always be set when creating a raw key using L<EVP_PKEY_fromdata(3)>. +Note that when a decryption operation is performed, that this value is used for +blinding purposes to prevent timing attacks. =item "d" (B<OSSL_PKEY_PARAM_RSA_D>) <unsigned integer> -The RSA "d" value. +The RSA private exponent "d" value. =item "rsa-factor1" (B<OSSL_PKEY_PARAM_RSA_FACTOR1>) <unsigned integer> |