xref: /netbsd-src/crypto/external/bsd/openssl.old/dist/doc/man3/RSA_sign.pod (revision 4724848cf0da353df257f730694b7882798e5daf) 
1*4724848cSchristos=pod
2*4724848cSchristos
3*4724848cSchristos=head1 NAME
4*4724848cSchristos
5*4724848cSchristosRSA_sign, RSA_verify - RSA signatures
6*4724848cSchristos
7*4724848cSchristos=head1 SYNOPSIS
8*4724848cSchristos
9*4724848cSchristos #include <openssl/rsa.h>
10*4724848cSchristos
11*4724848cSchristos int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
12*4724848cSchristos              unsigned char *sigret, unsigned int *siglen, RSA *rsa);
13*4724848cSchristos
14*4724848cSchristos int RSA_verify(int type, const unsigned char *m, unsigned int m_len,
15*4724848cSchristos                unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
16*4724848cSchristos
17*4724848cSchristos=head1 DESCRIPTION
18*4724848cSchristos
19*4724848cSchristosRSA_sign() signs the message digest B<m> of size B<m_len> using the
20*4724848cSchristosprivate key B<rsa> using RSASSA-PKCS1-v1_5 as specified in RFC 3447. It
21*4724848cSchristosstores the signature in B<sigret> and the signature size in B<siglen>.
22*4724848cSchristosB<sigret> must point to RSA_size(B<rsa>) bytes of memory.
23*4724848cSchristosNote that PKCS #1 adds meta-data, placing limits on the size of the
24*4724848cSchristoskey that can be used.
25*4724848cSchristosSee L<RSA_private_encrypt(3)> for lower-level
26*4724848cSchristosoperations.
27*4724848cSchristos
28*4724848cSchristosB<type> denotes the message digest algorithm that was used to generate
29*4724848cSchristosB<m>.
30*4724848cSchristosIf B<type> is B<NID_md5_sha1>,
31*4724848cSchristosan SSL signature (MD5 and SHA1 message digests with PKCS #1 padding
32*4724848cSchristosand no algorithm identifier) is created.
33*4724848cSchristos
34*4724848cSchristosRSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
35*4724848cSchristosmatches a given message digest B<m> of size B<m_len>. B<type> denotes
36*4724848cSchristosthe message digest algorithm that was used to generate the signature.
37*4724848cSchristosB<rsa> is the signer's public key.
38*4724848cSchristos
39*4724848cSchristos=head1 RETURN VALUES
40*4724848cSchristos
41*4724848cSchristosRSA_sign() returns 1 on success.
42*4724848cSchristosRSA_verify() returns 1 on successful verification.
43*4724848cSchristos
44*4724848cSchristosThe error codes can be obtained by L<ERR_get_error(3)>.
45*4724848cSchristos
46*4724848cSchristos=head1 CONFORMING TO
47*4724848cSchristos
48*4724848cSchristosSSL, PKCS #1 v2.0
49*4724848cSchristos
50*4724848cSchristos=head1 SEE ALSO
51*4724848cSchristos
52*4724848cSchristosL<ERR_get_error(3)>,
53*4724848cSchristosL<RSA_private_encrypt(3)>,
54*4724848cSchristosL<RSA_public_decrypt(3)>
55*4724848cSchristos
56*4724848cSchristos=head1 COPYRIGHT
57*4724848cSchristos
58*4724848cSchristosCopyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
59*4724848cSchristos
60*4724848cSchristosLicensed under the OpenSSL license (the "License").  You may not use
61*4724848cSchristosthis file except in compliance with the License.  You can obtain a copy
62*4724848cSchristosin the file LICENSE in the source distribution or at
63*4724848cSchristosL<https://www.openssl.org/source/license.html>.
64*4724848cSchristos
65*4724848cSchristos=cut
66