1=pod 2 3=head1 NAME 4 5RSA_private_encrypt, RSA_public_decrypt - low level signature operations 6 7=head1 SYNOPSIS 8 9 #include <openssl/rsa.h> 10 11 int RSA_private_encrypt(int flen, unsigned char *from, 12 unsigned char *to, RSA *rsa, int padding); 13 14 int RSA_public_decrypt(int flen, unsigned char *from, 15 unsigned char *to, RSA *rsa, int padding); 16 17=head1 DESCRIPTION 18 19These functions handle RSA signatures at a low level. 20 21RSA_private_encrypt() signs the B<flen> bytes at B<from> (usually a 22message digest with an algorithm identifier) using the private key 23B<rsa> and stores the signature in B<to>. B<to> must point to 24B<RSA_size(rsa)> bytes of memory. 25 26B<padding> denotes one of the following modes: 27 28=over 4 29 30=item RSA_PKCS1_PADDING 31 32PKCS #1 v1.5 padding. This function does not handle the 33B<algorithmIdentifier> specified in PKCS #1. When generating or 34verifying PKCS #1 signatures, L<RSA_sign(3)> and L<RSA_verify(3)> should be 35used. 36 37=item RSA_NO_PADDING 38 39Raw RSA signature. This mode should I<only> be used to implement 40cryptographically sound padding modes in the application code. 41Signing user data directly with RSA is insecure. 42 43=back 44 45RSA_public_decrypt() recovers the message digest from the B<flen> 46bytes long signature at B<from> using the signer's public key 47B<rsa>. B<to> must point to a memory section large enough to hold the 48message digest (which is smaller than B<RSA_size(rsa) - 4911>). B<padding> is the padding mode that was used to sign the data. 50 51=head1 RETURN VALUES 52 53RSA_private_encrypt() returns the size of the signature (i.e., 54RSA_size(rsa)). RSA_public_decrypt() returns the size of the 55recovered message digest. 56 57On error, -1 is returned; the error codes can be 58obtained by L<ERR_get_error(3)>. 59 60=head1 SEE ALSO 61 62L<ERR_get_error(3)>, 63L<RSA_sign(3)>, L<RSA_verify(3)> 64 65=head1 COPYRIGHT 66 67Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. 68 69Licensed under the OpenSSL license (the "License"). You may not use 70this file except in compliance with the License. You can obtain a copy 71in the file LICENSE in the source distribution or at 72L<https://www.openssl.org/source/license.html>. 73 74=cut 75