NAME

rsa_util_sign, rsa_util_verify, rsa_util_verify_priv — RSA digital signature routines

LIBRARY

PDEL Library (libpdel, -lpdel)

SYNOPSIS

#include <sys/types.h>
#include <pdel/util/rsa_util.h>

int
rsa_util_sign(const char *privkeyfile, const u_char *md5, u_char *sig, size_t siglen);

int
rsa_util_verify(const char *pubkeyfile, const u_char *md5, const u_char *sig, size_t siglen);

int
rsa_util_verify_priv(const char *privkeyfile, const u_char *md5, const u_char *sig, size_t siglen);

DESCRIPTION

These routines are convenience wrappers around the OpenSSL crypto library for creating and verifying RSA digital signatures. They use the md5(3) hash of the original document for the actual signing operation.

rsa_util_sign() creates a digital signature. privkeyfile is the pathname of the private key file (which must be unencrypted). md5 is the hash of the document to be signed. sig points to a buffer of at least 128 bytes. siglen is the size of the buffer. rsa_util_sign() returns the length of the resulting signature, or -1 (with errno set) if there was an error.

rsa_util_verify() verifies a digital signature. pubkeyfile is the pathname of the public key file. md5 is the hash of the document to be signed. sig points to the signature to verify, having length siglen. rsa_util_verify() returns 1 if the signature is valid, otherwise 0.

rsa_util_verify_priv() functions exactly like rsa_util_verify() except that the private key file (which also contains the public key) is passed as the first argument.

EXAMPLES

To create a new RSA private key:

openssl genrsa -rand /dev/random -out mykey.key 1024

openssl rsa -in mykey.key -text -noout

openssl rsa -in mykey.key -pubout -out mykey.pub

openssl rsa -pubin -in mykey.pub -text -noout

SEE ALSO

openssl(1), md5(3), libpdel(3)

HISTORY

The PDEL library was developed at Packet Design, LLC. http://www.packetdesign.com/

AUTHORS

Archie Cobbs ⟨archie@freebsd.org⟩