summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/man/EVP_PKEY_verify_recover.3
diff options
context:
space:
mode:
authorschwarze <>2016-11-03 09:35:34 +0000
committerschwarze <>2016-11-03 09:35:34 +0000
commit4d607f17ea3eb38ed9f7703afd423f6055c686d4 (patch)
tree58d82d0d7f6aeee380eaadbcfaa231ecbe6b90a0 /src/lib/libcrypto/man/EVP_PKEY_verify_recover.3
parentcf67afe5881727d740e9f6c772aa478123f7d698 (diff)
downloadopenbsd-4d607f17ea3eb38ed9f7703afd423f6055c686d4.tar.gz
openbsd-4d607f17ea3eb38ed9f7703afd423f6055c686d4.tar.bz2
openbsd-4d607f17ea3eb38ed9f7703afd423f6055c686d4.zip
convert EVP manuals from pod to mdoc
Diffstat (limited to 'src/lib/libcrypto/man/EVP_PKEY_verify_recover.3')
-rw-r--r--src/lib/libcrypto/man/EVP_PKEY_verify_recover.3131
1 files changed, 131 insertions, 0 deletions
diff --git a/src/lib/libcrypto/man/EVP_PKEY_verify_recover.3 b/src/lib/libcrypto/man/EVP_PKEY_verify_recover.3
new file mode 100644
index 0000000000..fc26152ae6
--- /dev/null
+++ b/src/lib/libcrypto/man/EVP_PKEY_verify_recover.3
@@ -0,0 +1,131 @@
1.Dd $Mdocdate: November 3 2016 $
2.Dt EVP_PKEY_VERIFY_RECOVER 3
3.Os
4.Sh NAME
5.Nm EVP_PKEY_verify_recover_init ,
6.Nm EVP_PKEY_verify_recover
7.Nd recover signature using a public key algorithm
8.Sh SYNOPSIS
9.In openssl/evp.h
10.Ft int
11.Fo EVP_PKEY_verify_recover_init
12.Fa "EVP_PKEY_CTX *ctx"
13.Fc
14.Ft int
15.Fo EVP_PKEY_verify_recover
16.Fa "EVP_PKEY_CTX *ctx"
17.Fa "unsigned char *rout"
18.Fa "size_t *routlen"
19.Fa "const unsigned char *sig"
20.Fa "size_t siglen"
21.Fc
22.Sh DESCRIPTION
23The
24.Fn EVP_PKEY_verify_recover_init
25function initializes a public key algorithm context using key
26.Fa ctx->pkey
27for a verify recover operation.
28.Pp
29The
30.Fn EVP_PKEY_verify_recover
31function recovers signed data using
32.Fa ctx .
33The signature is specified using the
34.Fa sig
35and
36.Fa siglen
37parameters.
38If
39.Fa rout
40is
41.Dv NULL ,
42then the maximum size of the output buffer is written to the
43.Fa routlen
44parameter.
45If
46.Fa rout
47is not
48.Dv NULL ,
49then before the call the
50.Fa routlen
51parameter should contain the length of the
52.Fa rout
53buffer.
54If the call is successful, recovered data is written to
55.Fa rout
56and the amount of data written to
57.Fa routlen .
58.Pp
59Normally an application is only interested in whether a signature
60verification operation is successful.
61In those cases, the
62.Xr EVP_verify 3
63function should be used.
64.Pp
65Sometimes however it is useful to obtain the data originally signed
66using a signing operation.
67Only certain public key algorithms can recover a signature in this way
68(for example RSA in PKCS padding mode).
69.Pp
70After the call to
71.Fn EVP_PKEY_verify_recover_init ,
72algorithm specific control operations can be performed to set any
73appropriate parameters for the operation.
74.Pp
75The function
76.Fn EVP_PKEY_verify_recover
77can be called more than once on the same context if several operations
78are performed using the same parameters.
79.Sh RETURN VALUES
80.Fn EVP_PKEY_verify_recover_init
81and
82.Fn EVP_PKEY_verify_recover
83return 1 for success and 0 or a negative value for failure.
84In particular, a return value of -2 indicates the operation is not
85supported by the public key algorithm.
86.Sh EXAMPLES
87Recover digest originally signed using PKCS#1 and SHA256 digest:
88.Bd -literal
89#include <openssl/evp.h>
90#include <openssl/rsa.h>
91
92EVP_PKEY_CTX *ctx;
93unsigned char *rout, *sig;
94size_t routlen, siglen;
95EVP_PKEY *verify_key;
96/* NB: assumes verify_key, sig and siglen are already set up
97 * and that verify_key is an RSA public key
98 */
99ctx = EVP_PKEY_CTX_new(verify_key);
100if (!ctx)
101 /* Error occurred */
102if (EVP_PKEY_verify_recover_init(ctx) <= 0)
103 /* Error */
104if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
105 /* Error */
106if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
107 /* Error */
108
109/* Determine buffer length */
110if (EVP_PKEY_verify_recover(ctx, NULL, &routlen, sig, siglen) <= 0)
111 /* Error */
112
113rout = malloc(routlen);
114
115if (!rout)
116 /* malloc failure */
117
118if (EVP_PKEY_verify_recover(ctx, rout, &routlen, sig, siglen) <= 0)
119 /* Error */
120
121/* Recovered data is routlen bytes written to buffer rout */
122.Ed
123.Sh SEE ALSO
124.Xr EVP_PKEY_CTX_new 3 ,
125.Xr EVP_PKEY_encrypt 3 ,
126.Xr EVP_PKEY_decrypt 3 ,
127.Xr EVP_PKEY_sign 3 ,
128.Xr EVP_PKEY_verify 3 ,
129.Xr EVP_PKEY_derive 3
130.Sh HISTORY
131These functions were first added to OpenSSL 1.0.0.