RSA_sign, RSA_verify - RSA signatures

#include <openssl/rsa.h>

int RSA_sign(int type, const unsigned char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, RSA *rsa);

int RSA_verify(int type, const unsigned char *m, unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa);

`RSA_sign()`

signs the message digest **m** of size **m_len** using the
private key **rsa** as specified in PKCS #1 v2.0. It stores the
signature in **sigret** and the signature size in **siglen**. **sigret**
must point to RSA_size(**rsa**) bytes of memory.
Note that PKCS #1 adds meta-data, placing limits on the size of the
key that can be used.
See RSA_private_encrypt for lower-level
operations.

**type** denotes the message digest algorithm that was used to generate
**m**. It usually is one of **NID_sha1**, **NID_ripemd160** and **NID_md5**;
see *objects* for details. If **type** is **NID_md5_sha1**,
an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding
and no algorithm identifier) is created.

`RSA_verify()`

verifies that the signature **sigbuf** of size **siglen**
matches a given message digest **m** of size **m_len**. **type** denotes
the message digest algorithm that was used to generate the signature.
**rsa** is the signer's public key.

`RSA_sign()`

returns 1 on success, 0 otherwise. `RSA_verify()`

returns 1
on successful verification, 0 otherwise.

The error codes can be obtained by ERR_get_error.

Certain signatures with an improper algorithm identifier are accepted for compatibility with SSLeay 0.4.5 :-)

SSL, PKCS #1 v2.0

ERR_get_error, *objects*,
rsa, RSA_private_encrypt,
*RSA_public_decrypt*

`RSA_sign()`

and `RSA_verify()`

are available in all versions of SSLeay
and OpenSSL.