113d40330Schristos=pod 213d40330Schristos 313d40330Schristos=head1 NAME 413d40330Schristos 513d40330SchristosRSA_sign, RSA_verify - RSA signatures 613d40330Schristos 713d40330Schristos=head1 SYNOPSIS 813d40330Schristos 913d40330Schristos #include <openssl/rsa.h> 1013d40330Schristos 11*b0d17251SchristosThe following functions have been deprecated since OpenSSL 3.0, and can be 12*b0d17251Schristoshidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value, 13*b0d17251Schristossee L<openssl_user_macros(7)>: 14*b0d17251Schristos 1513d40330Schristos int RSA_sign(int type, const unsigned char *m, unsigned int m_len, 1613d40330Schristos unsigned char *sigret, unsigned int *siglen, RSA *rsa); 1713d40330Schristos 1813d40330Schristos int RSA_verify(int type, const unsigned char *m, unsigned int m_len, 1913d40330Schristos unsigned char *sigbuf, unsigned int siglen, RSA *rsa); 2013d40330Schristos 2113d40330Schristos=head1 DESCRIPTION 2213d40330Schristos 23*b0d17251SchristosAll of the functions described on this page are deprecated. 24*b0d17251SchristosApplications should instead use L<EVP_PKEY_sign_init(3)>, L<EVP_PKEY_sign(3)>, 25*b0d17251SchristosL<EVP_PKEY_verify_init(3)> and L<EVP_PKEY_verify(3)>. 26*b0d17251Schristos 2713d40330SchristosRSA_sign() signs the message digest B<m> of size B<m_len> using the 2813d40330Schristosprivate key B<rsa> using RSASSA-PKCS1-v1_5 as specified in RFC 3447. It 2913d40330Schristosstores the signature in B<sigret> and the signature size in B<siglen>. 3013d40330SchristosB<sigret> must point to RSA_size(B<rsa>) bytes of memory. 3113d40330SchristosNote that PKCS #1 adds meta-data, placing limits on the size of the 3213d40330Schristoskey that can be used. 3313d40330SchristosSee L<RSA_private_encrypt(3)> for lower-level 3413d40330Schristosoperations. 3513d40330Schristos 3613d40330SchristosB<type> denotes the message digest algorithm that was used to generate 3713d40330SchristosB<m>. 3813d40330SchristosIf B<type> is B<NID_md5_sha1>, 3913d40330Schristosan SSL signature (MD5 and SHA1 message digests with PKCS #1 padding 4013d40330Schristosand no algorithm identifier) is created. 4113d40330Schristos 4213d40330SchristosRSA_verify() verifies that the signature B<sigbuf> of size B<siglen> 4313d40330Schristosmatches a given message digest B<m> of size B<m_len>. B<type> denotes 4413d40330Schristosthe message digest algorithm that was used to generate the signature. 4513d40330SchristosB<rsa> is the signer's public key. 4613d40330Schristos 4713d40330Schristos=head1 RETURN VALUES 4813d40330Schristos 49*b0d17251SchristosRSA_sign() returns 1 on success and 0 for failure. 50*b0d17251SchristosRSA_verify() returns 1 on successful verification and 0 for failure. 5113d40330Schristos 5213d40330SchristosThe error codes can be obtained by L<ERR_get_error(3)>. 5313d40330Schristos 5413d40330Schristos=head1 CONFORMING TO 5513d40330Schristos 5613d40330SchristosSSL, PKCS #1 v2.0 5713d40330Schristos 5813d40330Schristos=head1 SEE ALSO 5913d40330Schristos 6013d40330SchristosL<ERR_get_error(3)>, 6113d40330SchristosL<RSA_private_encrypt(3)>, 6213d40330SchristosL<RSA_public_decrypt(3)> 6313d40330Schristos 64*b0d17251Schristos=head1 HISTORY 65*b0d17251Schristos 66*b0d17251SchristosAll of these functions were deprecated in OpenSSL 3.0. 67*b0d17251Schristos 6813d40330Schristos=head1 COPYRIGHT 6913d40330Schristos 70*b0d17251SchristosCopyright 2000-2021 The OpenSSL Project Authors. All Rights Reserved. 7113d40330Schristos 72*b0d17251SchristosLicensed under the Apache License 2.0 (the "License"). You may not use 7313d40330Schristosthis file except in compliance with the License. You can obtain a copy 7413d40330Schristosin the file LICENSE in the source distribution or at 7513d40330SchristosL<https://www.openssl.org/source/license.html>. 7613d40330Schristos 7713d40330Schristos=cut 78