1 files changed, 108 insertions, 0 deletions
diff --git a/src/lib/libcrypto/man/RSA_public_encrypt.3 b/src/lib/libcrypto/man/RSA_public_encrypt.3
new file mode 100644
index 0000000000..c2c81019c6
--- /dev/null
+++ b/src/lib/libcrypto/man/RSA_public_encrypt.3
@@ -0,0 +1,108 @@
+.Dd $Mdocdate: November 4 2016 $
+.Dt RSA_PUBLIC_ENCRYPT 3
+.Os
+.Sh NAME
+.Nm RSA_public_encrypt ,
+.Nm RSA_private_decrypt
+.Nd RSA public key cryptography
+.Sh SYNOPSIS
+.In openssl/rsa.h
+.Ft int
+.Fo RSA_public_encrypt
+.Fa "int flen"
+.Fa "unsigned char *from"
+.Fa "unsigned char *to"
+.Fa "RSA *rsa"
+.Fa "int padding"
+.Fc
+.Ft int
+.Fo RSA_private_decrypt
+.Fa "int flen"
+.Fa "unsigned char *from"
+.Fa "unsigned char *to"
+.Fa "RSA *rsa"
+.Fa "int padding"
+.Fc
+.Sh DESCRIPTION
+.Fn RSA_public_encrypt
+encrypts the
+.Fa flen
+bytes at
+.Fa from
+(usually a session key) using the public key
+.Fa rsa
+and stores the ciphertext in
+.Fa to .
+.Fa to
+must point to
+.Fn RSA_size rsa
+bytes of memory.
+.Pp
+.Fa padding
+denotes one of the following modes:
+.Bl -tag -width Ds
+.It Dv RSA_PKCS1_PADDING
+PKCS #1 v1.5 padding.
+This currently is the most widely used mode.
+.It Dv RSA_PKCS1_OAEP_PADDING
+EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty
+encoding parameter.
+This mode is recommended for all new applications.
+.It Dv RSA_SSLV23_PADDING
+PKCS #1 v1.5 padding with an SSL-specific modification that denotes that
+the server is SSL3 capable.
+.It Dv RSA_NO_PADDING
+Raw RSA encryption.
+This mode should only be used to implement cryptographically sound
+padding modes in the application code.
+Encrypting user data directly with RSA is insecure.
+.El
+.Pp
+.Fa flen
+must be less than
+.Fn RSA_size rsa
+- 11 for the PKCS #1 v1.5 based padding modes, less than
+.Fn RSA_size rsa
+- 41 for
+.Dv RSA_PKCS1_OAEP_PADDING
+and exactly
+.Fn RSA_size rsa
+for
+.Dv RSA_NO_PADDING .
+.Pp
+.Fn RSA_private_decrypt
+decrypts the
+.Fa flen
+bytes at
+.Fa from
+using the private key
+.Fa rsa
+and stores the plaintext in
+.Fa to .
+.Fa to
+must point to a memory section large enough to hold the decrypted data
+(which is smaller than
+.Fn RSA_size rsa ) .
+.Fa padding
+is the padding mode that was used to encrypt the data.
+.Sh RETURN VALUES
+.Fn RSA_public_encrypt
+returns the size of the encrypted data (i.e.,
+.Fn RSA_size rsa ) .
+.Fn RSA_private_decrypt
+returns the size of the recovered plaintext.
+.Pp
+On error, -1 is returned; the error codes can be obtained by
+.Xr ERR_get_error 3 .
+.Sh SEE ALSO
+.Xr ERR_get_error 3 ,
+.Xr rsa 3 ,
+.Xr RSA_size 3
+.Sh STANDARDS
+SSL, PKCS #1 v2.0
+.Sh HISTORY
+The
+.Fa padding
+argument was added in SSLeay 0.8.
+.Dv RSA_NO_PADDING is available since SSLeay 0.9.0.
+OAEP was added in OpenSSL 0.9.2b.

diff --git a/src/lib/libcrypto/man/RSA_public_encrypt.3 b/src/lib/libcrypto/man/RSA_public_encrypt.3 new file mode 100644 index 0000000000..c2c81019c6 --- /dev/null +++ b/src/lib/libcrypto/man/RSA_public_encrypt.3
@@ -0,0 +1,108 @@
	1	.Dd $Mdocdate: November 4 2016 $
	2	.Dt RSA_PUBLIC_ENCRYPT 3
	3	.Os
	4	.Sh NAME
	5	.Nm RSA_public_encrypt ,
	6	.Nm RSA_private_decrypt
	7	.Nd RSA public key cryptography
	8	.Sh SYNOPSIS
	9	.In openssl/rsa.h
	10	.Ft int
	11	.Fo RSA_public_encrypt
	12	.Fa "int flen"
	13	.Fa "unsigned char *from"
	14	.Fa "unsigned char *to"
	15	.Fa "RSA *rsa"
	16	.Fa "int padding"
	17	.Fc
	18	.Ft int
	19	.Fo RSA_private_decrypt
	20	.Fa "int flen"
	21	.Fa "unsigned char *from"
	22	.Fa "unsigned char *to"
	23	.Fa "RSA *rsa"
	24	.Fa "int padding"
	25	.Fc
	26	.Sh DESCRIPTION
	27	.Fn RSA_public_encrypt
	28	encrypts the
	29	.Fa flen
	30	bytes at
	31	.Fa from
	32	(usually a session key) using the public key
	33	.Fa rsa
	34	and stores the ciphertext in
	35	.Fa to .
	36	.Fa to
	37	must point to
	38	.Fn RSA_size rsa
	39	bytes of memory.
	40	.Pp
	41	.Fa padding
	42	denotes one of the following modes:
	43	.Bl -tag -width Ds
	44	.It Dv RSA_PKCS1_PADDING
	45	PKCS #1 v1.5 padding.
	46	This currently is the most widely used mode.
	47	.It Dv RSA_PKCS1_OAEP_PADDING
	48	EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty
	49	encoding parameter.
	50	This mode is recommended for all new applications.
	51	.It Dv RSA_SSLV23_PADDING
	52	PKCS #1 v1.5 padding with an SSL-specific modification that denotes that
	53	the server is SSL3 capable.
	54	.It Dv RSA_NO_PADDING
	55	Raw RSA encryption.
	56	This mode should only be used to implement cryptographically sound
	57	padding modes in the application code.
	58	Encrypting user data directly with RSA is insecure.
	59	.El
	60	.Pp
	61	.Fa flen
	62	must be less than
	63	.Fn RSA_size rsa
	64	- 11 for the PKCS #1 v1.5 based padding modes, less than
	65	.Fn RSA_size rsa
	66	- 41 for
	67	.Dv RSA_PKCS1_OAEP_PADDING
	68	and exactly
	69	.Fn RSA_size rsa
	70	for
	71	.Dv RSA_NO_PADDING .
	72	.Pp
	73	.Fn RSA_private_decrypt
	74	decrypts the
	75	.Fa flen
	76	bytes at
	77	.Fa from
	78	using the private key
	79	.Fa rsa
	80	and stores the plaintext in
	81	.Fa to .
	82	.Fa to
	83	must point to a memory section large enough to hold the decrypted data
	84	(which is smaller than
	85	.Fn RSA_size rsa ) .
	86	.Fa padding
	87	is the padding mode that was used to encrypt the data.
	88	.Sh RETURN VALUES
	89	.Fn RSA_public_encrypt
	90	returns the size of the encrypted data (i.e.,
	91	.Fn RSA_size rsa ) .
	92	.Fn RSA_private_decrypt
	93	returns the size of the recovered plaintext.
	94	.Pp
	95	On error, -1 is returned; the error codes can be obtained by
	96	.Xr ERR_get_error 3 .
	97	.Sh SEE ALSO
	98	.Xr ERR_get_error 3 ,
	99	.Xr rsa 3 ,
	100	.Xr RSA_size 3
	101	.Sh STANDARDS
	102	SSL, PKCS #1 v2.0
	103	.Sh HISTORY
	104	The
	105	.Fa padding
	106	argument was added in SSLeay 0.8.
	107	.Dv RSA_NO_PADDING is available since SSLeay 0.9.0.
	108	OAEP was added in OpenSSL 0.9.2b.