SIG_ function
The signature functions SIG_Sign* and SIG_Verify*
allow the signature algorithm to be specified either by a szAlgName string or by using a flag in nOptions.
If the szAlgName contains a non-empty string, then its value is used and overrides any signature algorithm flag in
nOptions.
If szAlgName is empty ("") then the PKI_SIG_ flag in nOptions is used.
| szAlgName | Equivalent nOptions flag |
|---|---|
| "sha1WithRSAEncryption" or "RSA-SHA1" (default) | PKI_SIG_RSA_SHA1 (0) |
| "sha224WithRSAEncryption" or "RSA-SHA224" | PKI_SIG_RSA_SHA224 |
| "sha256WithRSAEncryption" or "RSA-SHA256" | PKI_SIG_RSA_SHA256 |
| "sha384WithRSAEncryption" or "RSA-SHA384" | PKI_SIG_RSA_SHA384 |
| "sha512WithRSAEncryption" or "RSA-SHA512" | PKI_SIG_RSA_SHA512 |
| "md5WithRSAEncryption" or "RSA-MD5" | PKI_SIG_RSA_MD5 |
| "ecdsaWithSHA1" or "ECDSA-SHA1" | PKI_SIG_ECDSA_SHA1 |
| "ecdsaWithSHA224" or "ECDSA-SHA224" | PKI_SIG_ECDSA_SHA224 |
| "ecdsaWithSHA256" or "ECDSA-SHA256" | PKI_SIG_ECDSA_SHA256 |
| "ecdsaWithSHA384" or "ECDSA-SHA384" | PKI_SIG_ECDSA_SHA384 |
| "ecdsaWithSHA512" or "ECDSA-SHA512" | PKI_SIG_ECDSA_SHA512 |
| "RSA-PSS-SHA1" | PKI_SIG_RSA_PSS_SHA1 |
| "RSA-PSS-SHA224" | PKI_SIG_RSA_PSS_SHA224 |
| "RSA-PSS-SHA256" | PKI_SIG_RSA_PSS_SHA256 |
| "RSA-PSS-SHA384" | PKI_SIG_RSA_PSS_SHA384 |
| "RSA-PSS-SHA512" | PKI_SIG_RSA_PSS_SHA512 |
| "Ed25519" | PKI_SIG_ED25519 |
| "Ed448" | PKI_SIG_ED448 |
Note that the combination szAlgName="" and nOptions=0 results in the default
"sha1WithRSAEncryption".