Thank you for your reply. I'm still a bit confused though. In /providers/implementations/asymcipher/rsa_enc.c I find function rsa_decrypt() that calls RSA_private_decrypt(prsactx->rsa) I haven't found other implementation of this RSA_private_decrypt() apart from the one in crypto/RSA/rsa_crypt.c , where the RSA argument passed is used to call this: rsa->meth->rsa_priv_dec() I can't find where this pointer to method was set up. I can't find it in the init of the default provider's rsa_enc.c and if the app requesting this default RSA can't use the set_method() because deprecated, how is this rsa_priv_dec pointer set up?where is the set up of it? Thank you
On Fri, 24 Sep 2021, 15:02 Matt Caswell, <m...@openssl.org> wrote: > > > On 24/09/2021 14:49, Antonio Santagiuliana wrote: > > Hello , thank you all for the replies. Very useful. > > I have seen in Openssl/crypto/RSA/rsa_local.h the definition of rsa_st > > has a pointer to RSA_METHOD and I can't see this filled in in any of the > > examples' set up or initializations, where is it filled in for the > > default provider , for the RSA algorithm? > > I can see the methods pointers are used later down in the call chain > > from RSA_private_decrypt() in > > providers/implementation/asymciphers/rsa_enc but I can't find where > > these methods' pointers are set and I would like to understand how I > > could pass a different method pointer in the parameters for a different > > mod_exp operation , for example, or how I could set it on a completely > > new RSA implementation mimicking the one in the default provider but > > with different methods where I need them changed, minimizing the > > differences with the default provider's RSA. > > The default RSA_METHOD structure to use can be set via > RSA_set_default_method(): > > https://www.openssl.org/docs/man3.0/man3/RSA_set_default_method.html > > You can construct such an RSA_METHOD using the functions described here: > > https://www.openssl.org/docs/man3.0/man3/RSA_meth_new.html > > However all of the above is considered deprecated and legacy and may be > removed from a future version of OpenSSL. > > Instead you are supposed to implement such things in a new provider. For > example see: > > https://www.openssl.org/docs/man3.0/man7/provider-base.html > https://www.openssl.org/docs/man3.0/man7/provider.html > https://www.openssl.org/docs/man3.0/man7/provider-signature.html > https://www.openssl.org/docs/man3.0/man7/provider-keymgmt.html > > > Matt > > > > Thank you > > > > > > On Fri, 24 Sep 2021, 12:22 Matt Caswell, <m...@openssl.org > > <mailto:m...@openssl.org>> wrote: > > > > > > > > On 24/09/2021 12:17, Dr Paul Dale wrote: > > > What about: apps/rsa.c, apps/rsautl.c and apps/genrsa.c > > > 3.0 doesn't use the RSA structure in the non-deprecated public > API. > > > > > > You probably want the EVP_PKEY_fromdata call. > > > > An example of building an RSA key from its constituent parts is > > available on the EVP_PKEY_fromdata() man page: > > > > https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_fromdata.html > > <https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_fromdata.html> > > > > Matt > > > > > > > > > > > > > Pauli > > > > > > > > > On 24/9/21 8:55 pm, Antonio Santagiuliana wrote: > > >> Hello > > >> Is there any app or command in the current Openssl master > > repository > > >> that initialises and uses the new RSA provider? > > >> I would like to see how the RSA* context parameter is filled in > and > > >> used, but I can't find an example using the RSA provider. > > >> > > >> > > >> Thank you > > >> > > > > > >
