fn sign<R: CryptoRngCore + ?Sized>(
rng: Option<&mut R>,
priv_key: &RsaPrivateKey,
prefix: &[u8],
hashed: &[u8],
) -> Result<Vec<u8>>Expand description
Calculates the signature of hashed using
RSASSA-PKCS1-V1_5-SIGN from RSA PKCS#1 v1.5. Note that hashed must
be the result of hashing the input message using the given hash
function. If hash is None, hashed is signed directly. This isn’t
advisable except for interoperability.
If rng is not None then RSA blinding will be used to avoid timing
side-channel attacks.
This function is deterministic. Thus, if the set of possible messages is small, an attacker may be able to build a map from messages to signatures and identify the signed messages. As ever, signatures provide authenticity, not confidentiality.