On 21/07/2020 20:19, prudvi raj wrote: > > While upgrading to openssl 1.1.1 from 1.0.2k . > I came across this code snippet : > if (rsa->flags & RSA_FLAG_SIGN_VER) > return rsa->meth->rsa_sign (type, m, lLen, sigret, siglen, rsa); > > From Docs : > Enhance RSA_METHOD structure. Now there are two extra methods, rsa_sign > and rsa_verify. When the RSA_FLAGS_SIGN_VER option is set these > functions will be called when RSA_sign() and RSA_verify() are used. > /* > * New sign and verify functions: some libraries don't allow arbitrary > * data to be signed/verified: this allows them to be used. Note: for > * this to work the RSA_public_decrypt() and RSA_private_encrypt() > should * *NOT* be used RSA_sign(), RSA_verify() should be used instead. > */ > > In Latest Openssl 1.1.1 : > -- RSA_FLAG_SIGN_VER is not required . To get flags : RSA_flags(rsa). > -- "struct rsa_meth_st" has "rsa_sign" declared as a function pointer > . I cannot find any actual function definition that the above > "meth->rsa_sign " might point to , which can be called as this forward > declaration is not allowed anymore . Maybe "RSA_sign()" ?? No need to check the flag. Just call RSA_sign(). Matt
