diff options
author | schwarze <> | 2016-11-03 09:35:34 +0000 |
---|---|---|
committer | schwarze <> | 2016-11-03 09:35:34 +0000 |
commit | 4d607f17ea3eb38ed9f7703afd423f6055c686d4 (patch) | |
tree | 58d82d0d7f6aeee380eaadbcfaa231ecbe6b90a0 /src/lib/libcrypto/man/EVP_PKEY_verify_recover.3 | |
parent | cf67afe5881727d740e9f6c772aa478123f7d698 (diff) | |
download | openbsd-4d607f17ea3eb38ed9f7703afd423f6055c686d4.tar.gz openbsd-4d607f17ea3eb38ed9f7703afd423f6055c686d4.tar.bz2 openbsd-4d607f17ea3eb38ed9f7703afd423f6055c686d4.zip |
convert EVP manuals from pod to mdoc
Diffstat (limited to 'src/lib/libcrypto/man/EVP_PKEY_verify_recover.3')
-rw-r--r-- | src/lib/libcrypto/man/EVP_PKEY_verify_recover.3 | 131 |
1 files changed, 131 insertions, 0 deletions
diff --git a/src/lib/libcrypto/man/EVP_PKEY_verify_recover.3 b/src/lib/libcrypto/man/EVP_PKEY_verify_recover.3 new file mode 100644 index 0000000000..fc26152ae6 --- /dev/null +++ b/src/lib/libcrypto/man/EVP_PKEY_verify_recover.3 | |||
@@ -0,0 +1,131 @@ | |||
1 | .Dd $Mdocdate: November 3 2016 $ | ||
2 | .Dt EVP_PKEY_VERIFY_RECOVER 3 | ||
3 | .Os | ||
4 | .Sh NAME | ||
5 | .Nm EVP_PKEY_verify_recover_init , | ||
6 | .Nm EVP_PKEY_verify_recover | ||
7 | .Nd recover signature using a public key algorithm | ||
8 | .Sh SYNOPSIS | ||
9 | .In openssl/evp.h | ||
10 | .Ft int | ||
11 | .Fo EVP_PKEY_verify_recover_init | ||
12 | .Fa "EVP_PKEY_CTX *ctx" | ||
13 | .Fc | ||
14 | .Ft int | ||
15 | .Fo EVP_PKEY_verify_recover | ||
16 | .Fa "EVP_PKEY_CTX *ctx" | ||
17 | .Fa "unsigned char *rout" | ||
18 | .Fa "size_t *routlen" | ||
19 | .Fa "const unsigned char *sig" | ||
20 | .Fa "size_t siglen" | ||
21 | .Fc | ||
22 | .Sh DESCRIPTION | ||
23 | The | ||
24 | .Fn EVP_PKEY_verify_recover_init | ||
25 | function initializes a public key algorithm context using key | ||
26 | .Fa ctx->pkey | ||
27 | for a verify recover operation. | ||
28 | .Pp | ||
29 | The | ||
30 | .Fn EVP_PKEY_verify_recover | ||
31 | function recovers signed data using | ||
32 | .Fa ctx . | ||
33 | The signature is specified using the | ||
34 | .Fa sig | ||
35 | and | ||
36 | .Fa siglen | ||
37 | parameters. | ||
38 | If | ||
39 | .Fa rout | ||
40 | is | ||
41 | .Dv NULL , | ||
42 | then the maximum size of the output buffer is written to the | ||
43 | .Fa routlen | ||
44 | parameter. | ||
45 | If | ||
46 | .Fa rout | ||
47 | is not | ||
48 | .Dv NULL , | ||
49 | then before the call the | ||
50 | .Fa routlen | ||
51 | parameter should contain the length of the | ||
52 | .Fa rout | ||
53 | buffer. | ||
54 | If the call is successful, recovered data is written to | ||
55 | .Fa rout | ||
56 | and the amount of data written to | ||
57 | .Fa routlen . | ||
58 | .Pp | ||
59 | Normally an application is only interested in whether a signature | ||
60 | verification operation is successful. | ||
61 | In those cases, the | ||
62 | .Xr EVP_verify 3 | ||
63 | function should be used. | ||
64 | .Pp | ||
65 | Sometimes however it is useful to obtain the data originally signed | ||
66 | using a signing operation. | ||
67 | Only certain public key algorithms can recover a signature in this way | ||
68 | (for example RSA in PKCS padding mode). | ||
69 | .Pp | ||
70 | After the call to | ||
71 | .Fn EVP_PKEY_verify_recover_init , | ||
72 | algorithm specific control operations can be performed to set any | ||
73 | appropriate parameters for the operation. | ||
74 | .Pp | ||
75 | The function | ||
76 | .Fn EVP_PKEY_verify_recover | ||
77 | can be called more than once on the same context if several operations | ||
78 | are performed using the same parameters. | ||
79 | .Sh RETURN VALUES | ||
80 | .Fn EVP_PKEY_verify_recover_init | ||
81 | and | ||
82 | .Fn EVP_PKEY_verify_recover | ||
83 | return 1 for success and 0 or a negative value for failure. | ||
84 | In particular, a return value of -2 indicates the operation is not | ||
85 | supported by the public key algorithm. | ||
86 | .Sh EXAMPLES | ||
87 | Recover digest originally signed using PKCS#1 and SHA256 digest: | ||
88 | .Bd -literal | ||
89 | #include <openssl/evp.h> | ||
90 | #include <openssl/rsa.h> | ||
91 | |||
92 | EVP_PKEY_CTX *ctx; | ||
93 | unsigned char *rout, *sig; | ||
94 | size_t routlen, siglen; | ||
95 | EVP_PKEY *verify_key; | ||
96 | /* NB: assumes verify_key, sig and siglen are already set up | ||
97 | * and that verify_key is an RSA public key | ||
98 | */ | ||
99 | ctx = EVP_PKEY_CTX_new(verify_key); | ||
100 | if (!ctx) | ||
101 | /* Error occurred */ | ||
102 | if (EVP_PKEY_verify_recover_init(ctx) <= 0) | ||
103 | /* Error */ | ||
104 | if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) | ||
105 | /* Error */ | ||
106 | if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) | ||
107 | /* Error */ | ||
108 | |||
109 | /* Determine buffer length */ | ||
110 | if (EVP_PKEY_verify_recover(ctx, NULL, &routlen, sig, siglen) <= 0) | ||
111 | /* Error */ | ||
112 | |||
113 | rout = malloc(routlen); | ||
114 | |||
115 | if (!rout) | ||
116 | /* malloc failure */ | ||
117 | |||
118 | if (EVP_PKEY_verify_recover(ctx, rout, &routlen, sig, siglen) <= 0) | ||
119 | /* Error */ | ||
120 | |||
121 | /* Recovered data is routlen bytes written to buffer rout */ | ||
122 | .Ed | ||
123 | .Sh SEE ALSO | ||
124 | .Xr EVP_PKEY_CTX_new 3 , | ||
125 | .Xr EVP_PKEY_encrypt 3 , | ||
126 | .Xr EVP_PKEY_decrypt 3 , | ||
127 | .Xr EVP_PKEY_sign 3 , | ||
128 | .Xr EVP_PKEY_verify 3 , | ||
129 | .Xr EVP_PKEY_derive 3 | ||
130 | .Sh HISTORY | ||
131 | These functions were first added to OpenSSL 1.0.0. | ||