xref: /freebsd/crypto/openssl/doc/man3/RSA_sign.pod (revision c66ec88fed842fbaad62c30d510644ceb7bd2d71)
1=pod
2
3=head1 NAME
4
5RSA_sign, RSA_verify - RSA signatures
6
7=head1 SYNOPSIS
8
9 #include <openssl/rsa.h>
10
11 int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
12              unsigned char *sigret, unsigned int *siglen, RSA *rsa);
13
14 int RSA_verify(int type, const unsigned char *m, unsigned int m_len,
15                unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
16
17=head1 DESCRIPTION
18
19RSA_sign() signs the message digest B<m> of size B<m_len> using the
20private key B<rsa> using RSASSA-PKCS1-v1_5 as specified in RFC 3447. It
21stores the signature in B<sigret> and the signature size in B<siglen>.
22B<sigret> must point to RSA_size(B<rsa>) bytes of memory.
23Note that PKCS #1 adds meta-data, placing limits on the size of the
24key that can be used.
25See L<RSA_private_encrypt(3)> for lower-level
26operations.
27
28B<type> denotes the message digest algorithm that was used to generate
29B<m>.
30If B<type> is B<NID_md5_sha1>,
31an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding
32and no algorithm identifier) is created.
33
34RSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
35matches a given message digest B<m> of size B<m_len>. B<type> denotes
36the message digest algorithm that was used to generate the signature.
37B<rsa> is the signer's public key.
38
39=head1 RETURN VALUES
40
41RSA_sign() returns 1 on success.
42RSA_verify() returns 1 on successful verification.
43
44The error codes can be obtained by L<ERR_get_error(3)>.
45
46=head1 CONFORMING TO
47
48SSL, PKCS #1 v2.0
49
50=head1 SEE ALSO
51
52L<ERR_get_error(3)>,
53L<RSA_private_encrypt(3)>,
54L<RSA_public_decrypt(3)>
55
56=head1 COPYRIGHT
57
58Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
59
60Licensed under the OpenSSL license (the "License").  You may not use
61this file except in compliance with the License.  You can obtain a copy
62in the file LICENSE in the source distribution or at
63L<https://www.openssl.org/source/license.html>.
64
65=cut
66