Go to main content

man pages section 3: Extended Library Functions, Volume 1

Exit Print View

Updated: Wednesday, July 27, 2022
 
 

RSA_sign (3openssl)

Name

RSA_sign - RSA signatures

Synopsis

#include <openssl/rsa.h>

int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
unsigned char *sigret, unsigned int *siglen, RSA *rsa);

int RSA_verify(int type, const unsigned char *m, unsigned int m_len,
unsigned char *sigbuf, unsigned int siglen, RSA *rsa);

Description

RSA_sign(3openssl)                  OpenSSL                 RSA_sign(3openssl)



NAME
       RSA_sign, RSA_verify - RSA signatures

SYNOPSIS
        #include <openssl/rsa.h>

        int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
           unsigned char *sigret, unsigned int *siglen, RSA *rsa);

        int RSA_verify(int type, const unsigned char *m, unsigned int m_len,
           unsigned char *sigbuf, unsigned int siglen, RSA *rsa);

DESCRIPTION
       RSA_sign() signs the message digest m of size m_len using the private
       key rsa as specified in PKCS #1 v2.0. It stores the signature in sigret
       and the signature size in siglen. sigret must point to RSA_size(rsa)
       bytes of memory.  Note that PKCS #1 adds meta-data, placing limits on
       the size of the key that can be used.  See RSA_private_encrypt(3) for
       lower-level operations.

       type denotes the message digest algorithm that was used to generate m.
       It usually is one of NID_sha1, NID_ripemd160 and NID_md5; see
       objects(3) for details. If type is NID_md5_sha1, an SSL signature (MD5
       and SHA1 message digests with PKCS #1 padding and no algorithm
       identifier) is created.

       RSA_verify() verifies that the signature sigbuf of size siglen matches
       a given message digest m of size m_len. type denotes the message digest
       algorithm that was used to generate the signature.  rsa is the signer's
       public key.

RETURN VALUES
       RSA_sign() returns 1 on success, 0 otherwise.  RSA_verify() returns 1
       on successful verification, 0 otherwise.

       The error codes can be obtained by ERR_get_error(3).

BUGS
       Certain signatures with an improper algorithm identifier are accepted
       for compatibility with SSLeay 0.4.5 :-)

CONFORMING TO
       SSL, PKCS #1 v2.0


ATTRIBUTES
       See attributes(7) for descriptions of the following attributes:


       +---------------+--------------------------+
       |ATTRIBUTE TYPE |     ATTRIBUTE VALUE      |
       +---------------+--------------------------+
       |Availability   | library/security/openssl |
       +---------------+--------------------------+
       |Stability      | Pass-through uncommitted |
       +---------------+--------------------------+

SEE ALSO
       ERR_get_error(3), objects(3), rsa(3), RSA_private_encrypt(3),
       RSA_public_decrypt(3)

HISTORY
       RSA_sign() and RSA_verify() are available in all versions of SSLeay and
       OpenSSL.



NOTES
       Source code for open source software components in Oracle Solaris can
       be found at https://www.oracle.com/downloads/opensource/solaris-source-
       code-downloads.html.

       This software was built from source available at
       https://github.com/oracle/solaris-userland.  The original community
       source was downloaded from
       https://www.openssl.org/source/openssl-1.0.2ze.tar.gz.

       Further information about this software can be found on the open source
       community website at https://www.openssl.org/.



1.0.2ze                           2022-05-03                RSA_sign(3openssl)
Copyright © 1993, 2022, Oracle and/or its affiliates.  
Previous
Next