RSA_check_key.pod

=pod

=head1 NAME

RSA_check_key - validate private RSA keys

=head1 SYNOPSIS

 #include <openssl/rsa.h>

 int RSA_check_key(RSA *rsa);

=head1 DESCRIPTION

This function validates RSA keys. It checks that B<p> and B<q> are
in fact prime, and that B<n = p*q>.

It also checks that B<d*e = 1 mod (p-1*q-1)>,
and that B<dmp1>, B<dmq1> and B<iqmp> are set correctly or are B<NULL>.

The key's public components may not be B<NULL>.

=head1 RETURN VALUE

RSA_check_key() returns 1 if B<rsa> is a valid RSA key, and 0 otherwise.
-1 is returned if an error occurs while checking the key.

If the key is invalid or an error occurred, the reason code can be
obtained using L<ERR_get_error(3)|ERR_get_error(3)>.

=head1 NOTES

RSA_check_key() can only check soft keys.  If given hard keys, i.e. keys
that were retreived from an ENGINE (with ENGINE_load_private_key()),
RSA_check_key() will always return 0, as if the key was invalid.  The
reason is that the private components B<p>, B<q> and B<d> are normally
not available to OpenSSL for hard keys, and the checks can therefore not
be done.

=head1 SEE ALSO

L<rsa(3)|rsa(3)>, L<err(3)|err(3)>

=head1 HISTORY

RSA_check_key() appeared in OpenSSL 0.9.4.

=cut