term% ls -F
term% cat index.txt
RSA(2)                        System Calls Manual                       RSA(2)

       asn1dump,  asn1toRSApub,  asn1toRSApriv,  decodePEM, rsadecrypt, rsaen‐
       crypt, rsagen, rsaprivalloc,  rsaprivfree,  rsaprivtopub,  rsapuballoc,
       rsapubfree,  RSApubtoasn1,  X509toRSApub,  X509gen,  X509verify  -  RSA
       encryption algorithm

       #include <u.h>
       #include <libc.h>
       #include <mp.h>
       #include <libsec.h>

       RSApriv* rsagen(int nlen, int elen, int nrep)

       mpint*   rsaencrypt(RSApub *k, mpint *in, mpint *out)

       mpint*   rsadecrypt(RSApriv *k, mpint *in, mpint *out)

       RSApub*  rsapuballoc(void)

       void     rsapubfree(RSApub*)

       RSApriv* rsaprivalloc(void)

       void     rsaprivfree(RSApriv*)

       RSApub*  rsaprivtopub(RSApriv*)

       RSApub*  X509toRSApub(uchar *cert, int ncert, char *name, int nname)

       RSApub*  asn1toRSApub(uchar *pub, int npub)

       uchar* RSApubtoasn1(RSApub *pub, int *keylen)

       RSApriv* asn1toRSApriv(uchar *priv, int npriv)

       void     asn1dump(uchar *der, int len)

       uchar*   decodePEM(char *s, char *type, int *len, char **new_s)

       uchar*   X509gen(RSApriv  *priv,  char  *subj,  ulong   valid[2],   int

       uchar*   X509req(RSApriv *priv, char *subj, int *certlen);

       char*    X509verify(uchar *cert, int ncert, RSApub *pk)

       RSA is a public key encryption algorithm.  The owner of a key publishes
       the public part of the key:

              struct RSApub
                   mpint     *n;  /* modulus */
                   mpint     *ek; /* exp (encryption key) */

       This part can be used for encrypting data (with rsaencrypt) to be  sent
       to  the  owner.  The owner decrypts (with rsadecrypt) using his private

              struct RSApriv
                   RSApub    pub;
                   mpint     *dk; /* exp (decryption key) */

                   /* precomputed crt values */
                   mpint     *p;
                   mpint     *q;
                   mpint     *kp; /* k mod p-1 */
                   mpint     *kq; /* k mod q-1 */
                   mpint     *c2; /* for converting residues to number */

       Keys are generated using rsagen.  Rsagen takes both bit length  of  the
       modulus,  the  bit length of the public key exponent, and the number of
       repetitions of the Miller-Rabin primality test to run.  If  the  latter
       is  0,  it  does  the default number of rounds.  Rsagen returns a newly
       allocated structure containing both public and private keys.   Rsapriv‐
       topub returns a newly allocated copy of the public key corresponding to
       the private key.

       The routines rsaalloc, rsafree, rsapuballoc, rsapubfree,  rsaprivalloc,
       and rsaprivfree are provided to aid in user provided key I/O.

       Given  a binary X.509 cert, the routine X509toRSApub returns the public
       key and, if name is not nil, the CN part of the Distinguished  Name  of
       the  certificate's Subject.  (This is conventionally a userid or a host
       DNS name.)  No verification is done of the certificate signature;   the
       caller  should  check  the  fingerprint, sha1(cert), against a table or
       check the certificate by other means.   X.509  certificates  are  often
       stored  in  PEM format; use dec64 to convert to binary before computing
       the fingerprint or calling X509toRSApub.  For the special case of  cer‐
       tificates signed by a known trusted key (in a single step, without cer‐
       tificate chains), X509verify checks the signature on cert.  It  returns
       nil if successful, else an error string.

       X509gen  creates  a self-signed X.509 certificate, given an RSA keypair
       priv, a issuer/subject string subj, and the starting and ending  valid‐
       ity dates, valid.  Length of the allocated binary certificate is stored
       in certlen.  The subject line is conventionally of the form

              C=US ST=NJ L=07922 O=Lucent OU='Bell Labs' CN=Eric

       using the quoting conventions of tokenize in getfields(2).

       Asn1toRSApub converts an ASN1-formatted RSA public key into the  corre‐
       sponding RSApub structure.

       RSApubtoasn1  encodes  an RSA public key using ASN.1 DER.  It returns a
       pointer to the encoded key; if keylen is non-nil, it  sets  *keylen  to
       the length of the encoded key.

       Asn1toRSApriv  converts an ASN1 formatted RSA private key into the cor‐
       responding RSApriv structure.

       Asn1dump prints an ASN1 object to standard output.

       DecodePEM takes a zero terminated string, s, and decodes the PEM  (pri‐
       vacy-enhanced  mail) formatted section for type within it.  If success‐
       ful, it returns malloced storage containing the decoded section,  which
       the  caller  must free, and sets *len to its decoded length.  Otherwise
       nil is returned and *len is undefined.  If not nil, new_s is set to the
       first character beyond the type section.


       mp(2),   aes(2),   blowfish(2),  des(2),  dsa(2),  elgamal(2),  rc4(2),
       sechash(2), prime(2), rand(2), rsa(8)