Home Explore Help
Sign In
OWEALs
/
openssl
mirror of git://git.openssl.org/openssl.git
2
0
Fork 0
Files Issues 1 Wiki
Tree: 953a1665e2
Branches Tags
openssl
/
doc
/
crypto
/
RSA_sign.pod

RSA_sign.pod 2.0 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566 
  1. =pod
    2. 

  2. 

  3. =head1 NAME
    4. 

  4. 

  5. RSA_sign, RSA_verify - RSA signatures
    6. 

  6. 

  7. =head1 SYNOPSIS
    8. 

  8. 

  9.  #include <openssl/rsa.h>
    10. 

  10. 

  11.  int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
    12. 

  12.     unsigned char *sigret, unsigned int *siglen, RSA *rsa);
    13. 

  13. 

  14.  int RSA_verify(int type, const unsigned char *m, unsigned int m_len,
    15. 

  15.     unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
    16. 

  16. 

  17. =head1 DESCRIPTION
    18. 

  18. 

  19. RSA_sign() signs the message digest B<m> of size B<m_len> using the
    20. 

  20. private key B<rsa> as specified in PKCS #1 v2.0. It stores the
    21. 

  21. signature in B<sigret> and the signature size in B<siglen>. B<sigret>
    22. 

  22. must point to RSA_size(B<rsa>) bytes of memory.
    23. 

  23. Note that PKCS #1 adds meta-data, placing limits on the size of the
    24. 

  24. key that can be used.
    25. 

  25. See L<RSA_private_encrypt(3)|RSA_private_encrypt(3)> for lower-level
    26. 

  26. operations.
    27. 

  27. 

  28. B<type> denotes the message digest algorithm that was used to generate
    29. 

  29. B<m>. It usually is one of B<NID_sha1>, B<NID_ripemd160> and B<NID_md5>;
    30. 

  30. see L<objects(3)|objects(3)> for details. If B<type> is B<NID_md5_sha1>,
    31. 

  31. an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding
    32. 

  32. and no algorithm identifier) is created.
    33. 

  33. 

  34. RSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
    35. 

  35. matches a given message digest B<m> of size B<m_len>. B<type> denotes
    36. 

  36. the message digest algorithm that was used to generate the signature.
    37. 

  37. B<rsa> is the signer's public key.
    38. 

  38. 

  39. =head1 RETURN VALUES
    40. 

  40. 

  41. RSA_sign() returns 1 on success, 0 otherwise.  RSA_verify() returns 1
    42. 

  42. on successful verification, 0 otherwise.
    43. 

  43. 

  44. The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
    45. 

  45. 

  46. =head1 BUGS
    47. 

  47. 

  48. Certain signatures with an improper algorithm identifier are accepted
    49. 

  49. for compatibility with SSLeay 0.4.5 :-)
    50. 

  50. 

  51. =head1 CONFORMING TO
    52. 

  52. 

  53. SSL, PKCS #1 v2.0
    54. 

  54. 

  55. =head1 SEE ALSO
    56. 

  56. 

  57. L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
    58. 

  58. L<rsa(3)|rsa(3)>, L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
    59. 

  59. L<RSA_public_decrypt(3)|RSA_public_decrypt(3)> 
    60. 

  60. 

  61. =head1 HISTORY
    62. 

  62. 

  63. RSA_sign() and RSA_verify() are available in all versions of SSLeay
    64. 

  64. and OpenSSL.
    65. 

  65. 

  66. =cut
    67.