]>
Commit | Line | Data |
---|---|---|
2186cd8e UM |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
8c1cbc72 | 5 | RSA_private_encrypt, RSA_public_decrypt - low-level signature operations |
2186cd8e UM |
6 | |
7 | =head1 SYNOPSIS | |
8 | ||
9 | #include <openssl/rsa.h> | |
10 | ||
4fd8a3e1 P |
11 | Deprecated since OpenSSL 3.0, can be hidden entirely by defining |
12 | B<OPENSSL_API_COMPAT> with a suitable version value, see | |
13 | L<openssl_user_macros(7)>: | |
14 | ||
e9b77246 BB |
15 | int RSA_private_encrypt(int flen, unsigned char *from, |
16 | unsigned char *to, RSA *rsa, int padding); | |
2186cd8e | 17 | |
e9b77246 BB |
18 | int RSA_public_decrypt(int flen, unsigned char *from, |
19 | unsigned char *to, RSA *rsa, int padding); | |
2186cd8e UM |
20 | |
21 | =head1 DESCRIPTION | |
22 | ||
4fd8a3e1 P |
23 | Both of the functions described on this page are deprecated. |
24 | Applications should instead use L<EVP_PKEY_encrypt_init(3)>, | |
25 | L<EVP_PKEY_encrypt(3)>, L<EVP_PKEY_decrypt_init(3)> and L<EVP_PKEY_decrypt(3)>. | |
26 | ||
8c1cbc72 | 27 | These functions handle RSA signatures at a low-level. |
2186cd8e UM |
28 | |
29 | RSA_private_encrypt() signs the B<flen> bytes at B<from> (usually a | |
30 | message digest with an algorithm identifier) using the private key | |
31 | B<rsa> and stores the signature in B<to>. B<to> must point to | |
32 | B<RSA_size(rsa)> bytes of memory. | |
33 | ||
34 | B<padding> denotes one of the following modes: | |
35 | ||
36 | =over 4 | |
37 | ||
38 | =item RSA_PKCS1_PADDING | |
39 | ||
40 | PKCS #1 v1.5 padding. This function does not handle the | |
41 | B<algorithmIdentifier> specified in PKCS #1. When generating or | |
9b86974e | 42 | verifying PKCS #1 signatures, L<RSA_sign(3)> and L<RSA_verify(3)> should be |
2186cd8e UM |
43 | used. |
44 | ||
45 | =item RSA_NO_PADDING | |
46 | ||
47 | Raw RSA signature. This mode should I<only> be used to implement | |
48 | cryptographically sound padding modes in the application code. | |
49 | Signing user data directly with RSA is insecure. | |
50 | ||
51 | =back | |
52 | ||
2186cd8e UM |
53 | RSA_public_decrypt() recovers the message digest from the B<flen> |
54 | bytes long signature at B<from> using the signer's public key | |
55 | B<rsa>. B<to> must point to a memory section large enough to hold the | |
56 | message digest (which is smaller than B<RSA_size(rsa) - | |
57 | 11>). B<padding> is the padding mode that was used to sign the data. | |
58 | ||
59 | =head1 RETURN VALUES | |
60 | ||
61 | RSA_private_encrypt() returns the size of the signature (i.e., | |
62 | RSA_size(rsa)). RSA_public_decrypt() returns the size of the | |
63 | recovered message digest. | |
64 | ||
65 | On error, -1 is returned; the error codes can be | |
9b86974e | 66 | obtained by L<ERR_get_error(3)>. |
2186cd8e UM |
67 | |
68 | =head1 SEE ALSO | |
69 | ||
53934822 | 70 | L<ERR_get_error(3)>, |
9b86974e | 71 | L<RSA_sign(3)>, L<RSA_verify(3)> |
2186cd8e | 72 | |
4fd8a3e1 P |
73 | =head1 HISTORY |
74 | ||
75 | Both of these functions were deprecated in OpenSSL 3.0. | |
76 | ||
e2f92610 RS |
77 | =head1 COPYRIGHT |
78 | ||
33388b44 | 79 | Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 80 | |
4746f25a | 81 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
82 | this file except in compliance with the License. You can obtain a copy |
83 | in the file LICENSE in the source distribution or at | |
84 | L<https://www.openssl.org/source/license.html>. | |
85 | ||
86 | =cut |