As I understand, signing a message means getting its hash/digest and then encrypting the digest with your private key. So I would assume that RSA_sign would take as parameter the message, the hash algorithm ID and the private key.
However, according to the documentation of RSA_sign (3), it takes the digest itself rather than the message. So I should compute the digest myself, using whatever hash algorithm, and then pass both the algorithm ID and the digest to RSA_sign? Then why does it need the algorithm identifier if I have hashed it already? And what's the difference between RSA_sign and RSA_private_encrypt then? Thanks for any help Judith ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
