"rsa->meth->rsa_sign" method in Openssl 1.1.1g
matt at openssl.org
Wed Jul 22 08:18:01 UTC 2020
On 21/07/2020 20:19, prudvi raj wrote:
> While upgrading to openssl 1.1.1 from 1.0.2k .
> I came across this code snippet :
> if (rsa->flags & RSA_FLAG_SIGN_VER)
> return rsa->meth->rsa_sign (type, m, lLen, sigret, siglen, rsa);
> From Docs :
> Enhance RSA_METHOD structure. Now there are two extra methods, rsa_sign
> and rsa_verify. When the RSA_FLAGS_SIGN_VER option is set these
> functions will be called when RSA_sign() and RSA_verify() are used.
> * New sign and verify functions: some libraries don't allow arbitrary
> * data to be signed/verified: this allows them to be used. Note: for
> * this to work the RSA_public_decrypt() and RSA_private_encrypt()
> should * *NOT* be used RSA_sign(), RSA_verify() should be used instead.
> In Latest Openssl 1.1.1 :
> -- RSA_FLAG_SIGN_VER is not required . To get flags : RSA_flags(rsa).
> -- "struct rsa_meth_st" has "rsa_sign" declared as a function pointer
> . I cannot find any actual function definition that the above
> "meth->rsa_sign " might point to , which can be called as this forward
> declaration is not allowed anymore . Maybe "RSA_sign()" ??
No need to check the flag. Just call RSA_sign().
More information about the openssl-users