EVP_SIGNATURE-RSA.7ossl - Man Page

The EVP_PKEY RSA signature implementation


Support for computing RSA signatures. See EVP_PKEY-RSA(7) for information related to RSA keys.

Signature Parameters

The following signature parameters can be set using EVP_PKEY_CTX_set_params(). This may be called after EVP_PKEY_sign_init() or EVP_PKEY_verify_init(), and before calling EVP_PKEY_sign() or EVP_PKEY_verify().


These common parameters are described in provider-signature(7).

“pad-mode” (OSSL_SIGNATURE_PARAM_PAD_MODE) <UTF8 string>

The type of padding to be used. Its value can be one of the following:





“mgf1-digest” (OSSL_SIGNATURE_PARAM_MGF1_DIGEST) <UTF8 string>

The digest algorithm name to use for the maskGenAlgorithm used by “pss” mode.

“mgf1-properties” (OSSL_SIGNATURE_PARAM_MGF1_PROPERTIES) <UTF8 string>

Sets the name of the property query associated with the “mgf1-digest” algorithm. NULL is used if this optional value is not set.

“pss-saltlen” (OSSL_SIGNATURE_PARAM_PSS_SALTLEN) <UTF8 string>

Set or get the “pss” mode minimum salt length. The value can either be a string value representing a number or one of the following:


Use the same length as the digest size.


Use the maximum salt length.


Auto detect the salt length.

The following signature parameters can be retrieved using EVP_PKEY_CTX_get_params().

“algorithm-id” (OSSL_SIGNATURE_PARAM_ALGORITHM_ID) <octet string>

This common parameter is described in provider-signature(7).

“pad-mode” (OSSL_SIGNATURE_PARAM_PAD_MODE) <UTF8 string>
“mgf1-digest” (OSSL_SIGNATURE_PARAM_MGF1_DIGEST) <UTF8 string>

These parameters are as described above.

See Also

EVP_PKEY_CTX_set_params(3), EVP_PKEY_sign(3), EVP_PKEY_verify(3), provider-signature(7),

Referenced By

migration_guide.7ossl(7), OSSL_PROVIDER-default.7ossl(7), OSSL_PROVIDER-FIPS.7ossl(7).

2021-09-09 3.0.0 OpenSSL