[thirdparty/openssl.git] / doc / man3 / RSA_sign.pod

=pod

=head1 NAME

RSA_sign, RSA_verify - RSA signatures

=head1 SYNOPSIS

 #include <openssl/rsa.h>

Deprecated since OpenSSL 3.0, can be hidden entirely by defining
B<OPENSSL_API_COMPAT> with a suitable version value, see
L<openssl_user_macros(7)>:

 int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
              unsigned char *sigret, unsigned int *siglen, RSA *rsa);

 int RSA_verify(int type, const unsigned char *m, unsigned int m_len,
                unsigned char *sigbuf, unsigned int siglen, RSA *rsa);

=head1 DESCRIPTION

All of the functions described on this page are deprecated.
Applications should instead use L<EVP_PKEY_sign_init(3)>, L<EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify_init(3)> and L<EVP_PKEY_verify(3)>.

RSA_sign() signs the message digest B<m> of size B<m_len> using the
private key B<rsa> using RSASSA-PKCS1-v1_5 as specified in RFC 3447. It
stores the signature in B<sigret> and the signature size in B<siglen>.
B<sigret> must point to RSA_size(B<rsa>) bytes of memory.
Note that PKCS #1 adds meta-data, placing limits on the size of the
key that can be used.
See L<RSA_private_encrypt(3)> for lower-level
operations.

B<type> denotes the message digest algorithm that was used to generate
B<m>.
If B<type> is B<NID_md5_sha1>,
an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding
and no algorithm identifier) is created.

RSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
matches a given message digest B<m> of size B<m_len>. B<type> denotes
the message digest algorithm that was used to generate the signature.
B<rsa> is the signer's public key.

=head1 RETURN VALUES

RSA_sign() returns 1 on success.
RSA_verify() returns 1 on successful verification.

The error codes can be obtained by L<ERR_get_error(3)>.

=head1 CONFORMING TO

SSL, PKCS #1 v2.0

=head1 SEE ALSO

L<ERR_get_error(3)>,
L<RSA_private_encrypt(3)>,
L<RSA_public_decrypt(3)>

=head1 HISTORY

All of these functions were deprecated in OpenSSL 3.0.

=head1 COPYRIGHT

Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
2186cd8e UM	1	=pod
	2
	3	=head1 NAME
	4
	5	RSA_sign, RSA_verify - RSA signatures
	6
	7	=head1 SYNOPSIS
	8
	9	#include <openssl/rsa.h>
	10
4fd8a3e1 P	11	Deprecated since OpenSSL 3.0, can be hidden entirely by defining
	12	B<OPENSSL_API_COMPAT> with a suitable version value, see
	13	L<openssl_user_macros(7)>:
	14
00df8947	15	int RSA_sign(int type, const unsigned char *m, unsigned int m_len,
e9b77246	16	unsigned char sigret, unsigned int siglen, RSA *rsa);
2186cd8e	17
00df8947	18	int RSA_verify(int type, const unsigned char *m, unsigned int m_len,
e9b77246	19	unsigned char sigbuf, unsigned int siglen, RSA rsa);
2186cd8e UM	20
	21	=head1 DESCRIPTION
	22
4fd8a3e1 P	23	All of the functions described on this page are deprecated.
	24	Applications should instead use L<EVP_PKEY_sign_init(3)>, L<EVP_PKEY_sign(3)>,
	25	L<EVP_PKEY_verify_init(3)> and L<EVP_PKEY_verify(3)>.
	26
2186cd8e	27	RSA_sign() signs the message digest B<m> of size B<m_len> using the
aa90ca11 DB	28	private key B<rsa> using RSASSA-PKCS1-v1_5 as specified in RFC 3447. It
	29	stores the signature in B<sigret> and the signature size in B<siglen>.
	30	B<sigret> must point to RSA_size(B<rsa>) bytes of memory.
fc1d88f0 RS	31	Note that PKCS #1 adds meta-data, placing limits on the size of the
fc1d88f0 RS	32	key that can be used.
9b86974e	33	See L<RSA_private_encrypt(3)> for lower-level
fc1d88f0	34	operations.
2186cd8e UM	35
2186cd8e UM	36	B<type> denotes the message digest algorithm that was used to generate
c03726ca RS	37	B<m>.
c03726ca RS	38	If B<type> is B<NID_md5_sha1>,
2186cd8e UM	39	an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding
	40	and no algorithm identifier) is created.
	41
2186cd8e UM	42	RSA_verify() verifies that the signature B<sigbuf> of size B<siglen>
	43	matches a given message digest B<m> of size B<m_len>. B<type> denotes
	44	the message digest algorithm that was used to generate the signature.
	45	B<rsa> is the signer's public key.
	46
	47	=head1 RETURN VALUES
	48
c03726ca RS	49	RSA_sign() returns 1 on success.
c03726ca RS	50	RSA_verify() returns 1 on successful verification.
2186cd8e	51
9b86974e	52	The error codes can be obtained by L<ERR_get_error(3)>.
2186cd8e	53
2186cd8e UM	54	=head1 CONFORMING TO
	55
	56	SSL, PKCS #1 v2.0
	57
	58	=head1 SEE ALSO
	59
c03726ca	60	L<ERR_get_error(3)>,
53934822	61	L<RSA_private_encrypt(3)>,
1bc74519	62	L<RSA_public_decrypt(3)>
2186cd8e	63
4fd8a3e1 P	64	=head1 HISTORY
	65
	66	All of these functions were deprecated in OpenSSL 3.0.
	67
e2f92610 RS	68	=head1 COPYRIGHT
	69
	70	Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
	71
4746f25a	72	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	73	this file except in compliance with the License. You can obtain a copy
	74	in the file LICENSE in the source distribution or at
	75	L<https://www.openssl.org/source/license.html>.
	76
	77	=cut