1 files changed, 51 insertions, 16 deletions
diff --git a/src/lib/libcrypto/man/RSA_set_method.3 b/src/lib/libcrypto/man/RSA_set_method.3
index 524430b6f8..53d41f5516 100644
--- a/src/lib/libcrypto/man/RSA_set_method.3
+++ b/src/lib/libcrypto/man/RSA_set_method.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: RSA_set_method.3,v 1.13 2019/05/20 06:04:45 jmc Exp $
+.\"     $OpenBSD: RSA_set_method.3,v 1.14 2019/06/08 09:53:15 schwarze Exp $
 .\"     OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
 .\"
 .\" This file was written by Ulf Moeller <ulf@openssl.org>
@@ -50,7 +50,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: May 20 2019 $
+.Dd $Mdocdate: June 8 2019 $
 .Dt RSA_SET_METHOD 3
 .Os
 .Sh NAME
@@ -121,12 +121,25 @@ selects
 .Fa meth
 to perform all operations using the key
 .Fa rsa .
-This replaces the
+This replaces the previous
 .Vt RSA_METHOD
-used by the RSA key, and if the previous method was supplied by an
+used by the RSA key, calling the
+.Fa finish
+function set up with
+.Xr RSA_meth_set_finish 3
+if any, and if the previous method was supplied by an
 .Vt ENGINE ,
 .Xr ENGINE_finish 3
 is called on it.
+If
+.Fa meth
+contains an
+.Fa init
+function set up with
+.Xr RSA_meth_set_init 3 ,
+that function is called just before returning from
+.Fn RSA_set_method .
+.Pp
 It is possible to have RSA keys that only work with certain
 .Vt RSA_METHOD
 implementations (e.g. from an
@@ -148,14 +161,19 @@ to be valid as long as the RSA key itself is valid and does not
 have its implementation changed by
 .Fn RSA_set_method .
 .Pp
+The misleadingly named function
 .Fn RSA_flags
 returns the flags that are set for the current
 .Vt RSA_METHOD
 of
 .Fa rsa .
+The flags used by
+.Fa rsa
+itself can instead be tested with
+.Xr RSA_test_flags 3 .
 See the
 .Sx BUGS
-section.
+section for more details.
 .Pp
 .Fn RSA_new_method
 allocates and initializes an
@@ -175,6 +193,18 @@ the default method controlled by
 .Fn RSA_set_default_method
 is used.
 .Pp
+The initial
+.Fa flags
+are copied from the
+.Vt RSA_METHOD
+object used and will not be affected by later changes to that object,
+but may be modified by the optional
+.Fa init
+function which may have been set up with
+.Xr RSA_meth_set_init 3
+and which is called just before returning from
+.Fn RSA_new_method .
+.Pp
 The
 .Dv RSA_METHOD
 structure is defined as follows:
@@ -185,27 +215,28 @@ typedef struct rsa_meth_st
        const char *name;
     /* encrypt */
-        int (*rsa_pub_enc)(int flen, unsigned char *from,
+        int (*rsa_pub_enc)(int flen, const unsigned char *from,
          unsigned char *to, RSA *rsa, int padding);
     /* verify arbitrary data */
-        int (*rsa_pub_dec)(int flen, unsigned char *from,
+        int (*rsa_pub_dec)(int flen, const unsigned char *from,
          unsigned char *to, RSA *rsa, int padding);
     /* sign arbitrary data */
-        int (*rsa_priv_enc)(int flen, unsigned char *from,
+        int (*rsa_priv_enc)(int flen, const unsigned char *from,
          unsigned char *to, RSA *rsa, int padding);
     /* decrypt */
-        int (*rsa_priv_dec)(int flen, unsigned char *from,
+        int (*rsa_priv_dec)(int flen, const unsigned char *from,
          unsigned char *to, RSA *rsa, int padding);
     /* compute r0 = r0 ^ I mod rsa->n (May be NULL for some
                                        implementations) */
-        int (*rsa_mod_exp)(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+        int (*rsa_mod_exp)(BIGNUM *r0, const BIGNUM *I, RSA *rsa,
+          BN_CTX *ctx);
     /* compute r = a ^ p mod m (May be NULL for some implementations) */
-        int (*bn_mod_exp)(BIGNUM *r, BIGNUM *a, const BIGNUM *p,
+        int (*bn_mod_exp)(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
          const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx);
     /* called at RSA_new */
@@ -218,7 +249,6 @@ typedef struct rsa_meth_st
      *                            operations, even if p,q,dmp1,dmq1,iqmp
      *                            are NULL
      * RSA_FLAG_SIGN_VER        - enable rsa_sign and rsa_verify
-      * RSA_METHOD_FLAG_NO_CHECK - don't check pub/private match
      */
        int flags;
@@ -227,14 +257,19 @@ typedef struct rsa_meth_st
     /* sign. For backward compatibility, this is used only
      * if (flags & RSA_FLAG_SIGN_VER)
      */
-        int (*rsa_sign)(int type, unsigned char *m, unsigned int m_len,
+        int (*rsa_sign)(int type, const unsigned char *m,
-           unsigned char *sigret, unsigned int *siglen, RSA *rsa);
+          unsigned int m_len, unsigned char *sigret,
+          unsigned int *siglen, const RSA *rsa);
     /* verify. For backward compatibility, this is used only
      * if (flags & RSA_FLAG_SIGN_VER)
      */
-        int (*rsa_verify)(int type, unsigned char *m, unsigned int m_len,
+        int (*rsa_verify)(int type, const unsigned char *m,
-           unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
+          unsigned int m_len, const unsigned char *sigbuf,
+          unsigned int siglen, const RSA *rsa);
+     /* called at RSA_generate_key_ex; may be NULL */
+        int (*rsa_keygen)(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
 } RSA_METHOD;
 .Ed