NAME
RSA_private_encrypt,
RSA_public_decrypt —
low level signature
operations
SYNOPSIS
/* -lcrypto */
#include <openssl/rsa.h>
int
RSA_private_encrypt(int flen,
const unsigned char *from, unsigned
char *to, RSA *rsa, int
padding);
int
RSA_public_decrypt(int flen,
const unsigned char *from, unsigned
char *to, RSA *rsa, int
padding);
DESCRIPTION
These functions handle RSA signatures at a low level.
RSA_private_encrypt()
signs the flen bytes at from
(usually a message digest with an algorithm identifier) using the private
key rsa and stores the signature in
to. to must point to
RSA_size(rsa)
bytes of memory.
padding denotes one of the following modes:
RSA_PKCS1_PADDING- PKCS #1 v1.5 padding. This function does not handle the algorithmIdentifier specified in PKCS #1. When generating or verifying PKCS #1 signatures, RSA_sign(3) and RSA_verify(3) should be used.
RSA_NO_PADDING- Raw RSA signature. This mode should only be used to implement cryptographically sound padding modes in the application code. Signing user data directly with RSA is insecure.
RSA_public_decrypt()
recovers the message digest from the flen bytes long
signature at from using the signer's public key
rsa. to must point to a memory
section large enough to hold the message digest (which is smaller than
RSA_size(rsa)
- 11). padding is the padding mode that was used to
sign the data.
RETURN VALUES
RSA_private_encrypt() returns the size of
the signature (i.e.
RSA_size(rsa)).
RSA_public_decrypt() returns the size of the
recovered message digest.
On error, -1 is returned; the error codes can be obtained by ERR_get_error(3).
SEE ALSO
RSA_meth_set_priv_enc(3), RSA_new(3), RSA_sign(3), RSA_verify(3)
HISTORY
RSA_private_encrypt() and
RSA_public_decrypt() appeared in SSLeay 0.4 or
earlier and have been available since OpenBSD
2.4.
RSA_NO_PADDING is available since SSLeay
0.9.0.