1 .\" $NetBSD: RSA_sign.3,v 1.14 2015/06/12 17:01:14 christos Exp $
3 .\" Automatically generated by Pod::Man 2.28 (Pod::Simple 3.28)
6 .\" ========================================================================
7 .de Sp \" Vertical space (when we can't use .PP)
11 .de Vb \" Begin verbatim text
16 .de Ve \" End verbatim text
20 .\" Set up some character translations and predefined strings. \*(-- will
21 .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
22 .\" double quote, and \*(R" will give a right double quote. \*(C+ will
23 .\" give a nicer C++. Capital omega is used to do unbreakable dashes and
24 .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
25 .\" nothing in troff, for use with C<>.
27 .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
31 . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
32 . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
47 .\" Escape single quotes in literal strings from groff's Unicode transform.
51 .\" If the F register is turned on, we'll generate index entries on stderr for
52 .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
53 .\" entries marked with X<> in POD. Of course, you'll have to process the
54 .\" output yourself in some meaningful fashion.
56 .\" Avoid warning from groff about undefined register 'F'.
60 .if \n(.g .if rF .nr rF 1
61 .if (\n(rF:(\n(.g==0)) \{
64 . tm Index:\\$1\t\\n%\t"\\$2"
74 .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
75 .\" Fear. Run. Save yourself. No user-serviceable parts.
76 . \" fudge factors for nroff and troff
85 . ds #H ((1u-(\\\\n(.fu%2u))*.13m)
91 . \" simple accents for nroff and troff
101 . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
102 . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
103 . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
104 . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
105 . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
106 . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
108 . \" troff and (daisy-wheel) nroff accents
109 .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
110 .ds 8 \h'\*(#H'\(*b\h'-\*(#H'
111 .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
112 .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
113 .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
114 .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
115 .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
116 .ds ae a\h'-(\w'a'u*4/10)'e
117 .ds Ae A\h'-(\w'A'u*4/10)'E
118 . \" corrections for vroff
119 .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
120 .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
121 . \" for low resolution devices (crt and lpr)
122 .if \n(.H>23 .if \n(.V>19 \
135 .\" ========================================================================
137 .IX Title "RSA_sign 3"
138 .TH RSA_sign 3 "2014-08-10" "1.0.1n" "OpenSSL"
139 .\" For nroff, turn off justification. Always turn off hyphenation; it makes
140 .\" way too many mistakes in technical documents.
144 RSA_sign, RSA_verify \- RSA signatures
148 .IX Header "SYNOPSIS"
150 \& #include <openssl/rsa.h>
152 \& int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
153 \& unsigned char *sigret, unsigned int *siglen, RSA *rsa);
155 \& int RSA_verify(int type, const unsigned char *m, unsigned int m_len,
156 \& unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
159 .IX Header "DESCRIPTION"
160 \&\fIRSA_sign()\fR signs the message digest \fBm\fR of size \fBm_len\fR using the
161 private key \fBrsa\fR as specified in \s-1PKCS\s0 #1 v2.0. It stores the
162 signature in \fBsigret\fR and the signature size in \fBsiglen\fR. \fBsigret\fR
163 must point to RSA_size(\fBrsa\fR) bytes of memory.
164 Note that \s-1PKCS\s0 #1 adds meta-data, placing limits on the size of the
165 key that can be used.
166 See \fIRSA_private_encrypt\fR\|(3) for lower-level
169 \&\fBtype\fR denotes the message digest algorithm that was used to generate
170 \&\fBm\fR. It usually is one of \fBNID_sha1\fR, \fBNID_ripemd160\fR and \fBNID_md5\fR;
171 see \fIobjects\fR\|(3) for details. If \fBtype\fR is \fBNID_md5_sha1\fR,
172 an \s-1SSL\s0 signature (\s-1MD5\s0 and \s-1SHA1\s0 message digests with \s-1PKCS\s0 #1 padding
173 and no algorithm identifier) is created.
175 \&\fIRSA_verify()\fR verifies that the signature \fBsigbuf\fR of size \fBsiglen\fR
176 matches a given message digest \fBm\fR of size \fBm_len\fR. \fBtype\fR denotes
177 the message digest algorithm that was used to generate the signature.
178 \&\fBrsa\fR is the signer's public key.
180 .IX Header "RETURN VALUES"
181 \&\fIRSA_sign()\fR returns 1 on success, 0 otherwise. \fIRSA_verify()\fR returns 1
182 on successful verification, 0 otherwise.
184 The error codes can be obtained by \fIERR_get_error\fR\|(3).
187 Certain signatures with an improper algorithm identifier are accepted
188 for compatibility with SSLeay 0.4.5 :\-)
190 .IX Header "CONFORMING TO"
191 \&\s-1SSL, PKCS\s0 #1 v2.0
193 .IX Header "SEE ALSO"
194 \&\fIERR_get_error\fR\|(3), \fIobjects\fR\|(3),
195 \&\fIopenssl_rsa\fR\|(3), \fIRSA_private_encrypt\fR\|(3),
196 \&\fIRSA_public_decrypt\fR\|(3)
199 \&\fIRSA_sign()\fR and \fIRSA_verify()\fR are available in all versions of SSLeay