[openssl-users] Need help for porting RSA_verify

Michael Wojcik Michael.Wojcik at microfocus.com
Wed Sep 26 15:35:16 UTC 2018

> From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of Prajapati, Amit
> Sent: Wednesday, September 26, 2018 02:03

> For one of my application I am trying to port “RSA_verify()”(crypto/rsa/rsa_sign.c) function from
> openssl for verification of the signature.

What do you mean by "port"? Are you trying to extract the relevant code from the OpenSSL source and incorporate it into your application? If so, you're Doing It Wrong. Don't try to do that. Link with OpenSSL (or at least libcrypto) and call the public OpenSSL APIs you need.

> While compilation I am not able to find the definition of “d2i_X509_SIG()” and “X509_SIG_free()”
>  functions which is called from the “int_rsa_verify()”.

Probably because they're defined using macros.

You haven't told us what OpenSSL version you're looking at (next time, please think about what information might be needed by the people who could answer your question), but if it's the 1.0.2 series, d2i_X509_SIG is defined in crypto/asn1/asn1t.h, for example. It's defined using a token-pasting macro, so search for "d2i_##".

But trying to lift this code out of the OpenSSL source will be an exercise in frustration, and if you ever got something to compile, likely a disaster. Do not attempt to create your own cryptography implementation, even using pieces of someone else's.

> I tried to find it in google but I am getting only openssl man pages.

Yes, because OpenSSL provides an API for applications. Use it.

> Any other suggestions for porting RSA_verify will also be welcomed.

Don't. Use OpenSSL properly instead.

Michael Wojcik
Distinguished Engineer, Micro Focus

More information about the openssl-users mailing list