sc_pkcs15_compute_signature(3)

NAME

sc_pkcs15_compute_signature - compute digitial signature

SYNOPSIS

#include <opensc.h>
int   sc_pkcs15_compute_signature(struct    sc_pkcs15_card
*p15card,
                   const struct sc_pkcs15_object *obj,
                   unsigned  long  flags,  const  u8  *in,
size_t inlen,
                   u8 *out, size_t outlen);

DESCRIPTION

This function digitally signs the data pointed to by in,
using the key identified by obj, and places the resulting
signature in the buffer pointed to by out. The signature
operation will be performed on the smart card identified
by p15card.

Currently, only RSA signatures are supported.

The flags argument provides additional information on how
the signature is to be computed. In particular, it speci
fies how the input data should be padded:

SC_ALGORITHM_RSA_RAW
requests that the card should sign the provided
data as-is. The length of the input data must
match the modulus length of the key.
SC_ALGORITHM_RSA_PAD_PKCS1
requests that the card should sign the provided
data, padding it according to the padding algorithm
specified in PKCS#1.
The input data must be the output of a digest
(hash) function. As PKCS#1 padding includes an
identifier of the hash algorithm used, the flags
argument must indicate the hash algorithm used, by
ORing SC_ALGORITHM_RSA_PAD_PKCS1 with one of the following values: SC_ALGORITHM_RSA_HASH_MD5, SC_ALGORITHM_RSA_HASH_SHA1, SC_ALGO RITHM_RSA_HASH_RIPEMD160, or SC_ALGO RITHM_RSA_HASH_MD5_SHA1.
In any of these cases, the length of the input data
must match the digest length of the hash algorithm.
SC_ALGORITHM_RSA_PAD_ANSI
requests that the card should use ANSI padding when
signing the provided data.
SC_ALGORITHM_RSA_PAD_ISO9796
requests that the card should use ISO 9796 padding
when signing the provided data.

Card Driver Considerations

Depending on the card's capabilities, sc_pkcs15_com pute_signature is able to process the provided data so that it is in a form suitable for the card. For instance,
if a smart card supports raw RSA only, the function will
have to add the required padding before passing it to the
card driver. Conversely, an error should be returned if
the card supports only PKCS#1 padding with a specific set
of hash algorithms.

RETURN VALUE

If an error occurred, a negative error code is returned,
as described in sc_error(3). Otherwise, the function will
return the size of the signature.

SEE ALSO

sc_pkcs15_decipher(3), sc_compute_signature(3).

AUTHOR

This manual page was written by Olaf Kirch <okir@suse.de>

OpenSC Programmer's Manual July 20sc_pkcs15_compute_signature(3)

Copyright © 2010-2025 Platon Technologies, s.r.o.           Home | Man pages | tLDP | Documents | Utilities | About
Design by styleshout