1 files changed, 167 insertions, 0 deletions
diff --git a/src/lib/libcrypto/man/EVP_SignInit.3 b/src/lib/libcrypto/man/EVP_SignInit.3
new file mode 100644
index 0000000000..22f81148a2
--- /dev/null
+++ b/src/lib/libcrypto/man/EVP_SignInit.3
@@ -0,0 +1,167 @@
+.Dd $Mdocdate: November 3 2016 $
+.Dt EVP_SIGNINIT 3
+.Os
+.Sh NAME
+.Nm EVP_SignInit ,
+.Nm EVP_SignUpdate ,
+.Nm EVP_SignFinal ,
+.Nm EVP_PKEY_size
+.Nd EVP signing functions
+.Sh SYNOPSIS
+.In openssl/evp.h
+.Ft int
+.Fo EVP_SignInit_ex
+.Fa "EVP_MD_CTX *ctx"
+.Fa "const EVP_MD *type"
+.Fa "ENGINE *impl"
+.Fc
+.Ft int
+.Fo EVP_SignUpdate
+.Fa "EVP_MD_CTX *ctx"
+.Fa "const void *d"
+.Fa "unsigned int cnt"
+.Fc
+.Ft int
+.Fo EVP_SignFinal
+.Fa "EVP_MD_CTX *ctx"
+.Fa "unsigned char *sig"
+.Fa "unsigned int *s"
+.Fa "EVP_PKEY *pkey"
+.Fc
+.Ft void
+.Fo EVP_SignInit
+.Fa "EVP_MD_CTX *ctx"
+.Fa "const EVP_MD *type"
+.Fc
+.Ft int
+.Fo EVP_PKEY_size
+.Fa "EVP_PKEY *pkey"
+.Fc
+.Sh DESCRIPTION
+The EVP signature routines are a high level interface to digital
+signatures.
+.Pp
+.Fn EVP_SignInit_ex
+sets up a signing context
+.Fa ctx
+to use the digest
+.Fa type
+from
+.Vt ENGINE
+.Fa impl .
+.Fa ctx
+must be initialized with
+.Xr EVP_MD_CTX_init 3
+before calling this function.
+.Pp
+.Fn EVP_SignUpdate
+hashes
+.Fa cnt
+bytes of data at
+.Fa d
+into the signature context
+.Fa ctx .
+This function can be called several times on the same
+.Fa ctx
+to include additional data.
+.Pp
+.Fn EVP_SignFinal
+signs the data in
+.Fa ctx
+using the private key
+.Fa pkey
+and places the signature in
+.Fa sig .
+.Fa sig
+must be at least
+.Fn EVP_PKEY_size pkey
+bytes in size.
+.Fa s
+is an OUT parameter, and not used as an IN parameter.
+The number of bytes of data written (i.e.
+the length of the signature) will be written to the integer at
+.Fa s .
+At most
+.Fn EVP_PKEY_size pkey
+bytes will be written.
+.Pp
+.Fn EVP_SignInit
+initializes a signing context
+.Fa ctx
+to use the default implementation of digest
+.Fa type .
+.Pp
+.Fn EVP_PKEY_size
+returns the maximum size of a signature in bytes.
+The actual signature returned by
+.Fn EVP_SignFinal
+may be smaller.
+.Pp
+The EVP interface to digital signatures should almost always be
+used in preference to the low level interfaces.
+This is because the code then becomes transparent to the algorithm used
+and much more flexible.
+.Pp
+Due to the link between message digests and public key algorithms the
+correct digest algorithm must be used with the correct public key type.
+A list of algorithms and associated public key algorithms appears in
+.Xr EVP_DigestInit 3 .
+.Pp
+The call to
+.Fn EVP_SignFinal
+internally finalizes a copy of the digest context.
+This means that calls to
+.Fn EVP_SignUpdate
+and
+.Fn EVP_SignFinal
+can be called later to digest and sign additional data.
+.Pp
+Since only a copy of the digest context is ever finalized, the context
+must be cleaned up after use by calling
+.Xr EVP_MD_CTX_cleanup 3
+or a memory leak will occur.
+.Sh RETURN VALUES
+.Fn EVP_SignInit_ex ,
+.Fn EVP_SignUpdate ,
+and
+.Fn EVP_SignFinal
+return 1 for success and 0 for failure.
+.Pp
+.Fn EVP_PKEY_size
+returns the maximum size of a signature in bytes.
+.Pp
+The error codes can be obtained by
+.Xr ERR_get_error 3 .
+.Sh SEE ALSO
+.Xr ERR 3 ,
+.Xr evp 3 ,
+.Xr EVP_DigestInit 3 ,
+.Xr EVP_VerifyInit 3
+.Sh HISTORY
+.Fn EVP_SignInit ,
+.Fn EVP_SignUpdate ,
+and
+.Fn EVP_SignFinal
+are available in all versions of SSLeay and OpenSSL.
+.Pp
+.Fn EVP_SignInit_ex
+was added in OpenSSL 0.9.7.
+.Sh BUGS
+Older versions of this documentation wrongly stated that calls to
+.Fn EVP_SignUpdate
+could not be made after calling
+.Fn EVP_SignFinal .
+.Pp
+Since the private key is passed in the call to
+.Fn EVP_SignFinal
+any error relating to the private key (for example an unsuitable key and
+digest combination) will not be indicated until after potentially large
+amounts of data have been passed through
+.Fn EVP_SignUpdate .
+.Pp
+It is not possible to change the signing parameters using these
+function.
+.Pp
+The previous two bugs are fixed in the newer
+.Xr EVP_SignDigest* 3
+function.

diff --git a/src/lib/libcrypto/man/EVP_SignInit.3 b/src/lib/libcrypto/man/EVP_SignInit.3 new file mode 100644 index 0000000000..22f81148a2 --- /dev/null +++ b/src/lib/libcrypto/man/EVP_SignInit.3
@@ -0,0 +1,167 @@
	1	.Dd $Mdocdate: November 3 2016 $
	2	.Dt EVP_SIGNINIT 3
	3	.Os
	4	.Sh NAME
	5	.Nm EVP_SignInit ,
	6	.Nm EVP_SignUpdate ,
	7	.Nm EVP_SignFinal ,
	8	.Nm EVP_PKEY_size
	9	.Nd EVP signing functions
	10	.Sh SYNOPSIS
	11	.In openssl/evp.h
	12	.Ft int
	13	.Fo EVP_SignInit_ex
	14	.Fa "EVP_MD_CTX *ctx"
	15	.Fa "const EVP_MD *type"
	16	.Fa "ENGINE *impl"
	17	.Fc
	18	.Ft int
	19	.Fo EVP_SignUpdate
	20	.Fa "EVP_MD_CTX *ctx"
	21	.Fa "const void *d"
	22	.Fa "unsigned int cnt"
	23	.Fc
	24	.Ft int
	25	.Fo EVP_SignFinal
	26	.Fa "EVP_MD_CTX *ctx"
	27	.Fa "unsigned char *sig"
	28	.Fa "unsigned int *s"
	29	.Fa "EVP_PKEY *pkey"
	30	.Fc
	31	.Ft void
	32	.Fo EVP_SignInit
	33	.Fa "EVP_MD_CTX *ctx"
	34	.Fa "const EVP_MD *type"
	35	.Fc
	36	.Ft int
	37	.Fo EVP_PKEY_size
	38	.Fa "EVP_PKEY *pkey"
	39	.Fc
	40	.Sh DESCRIPTION
	41	The EVP signature routines are a high level interface to digital
	42	signatures.
	43	.Pp
	44	.Fn EVP_SignInit_ex
	45	sets up a signing context
	46	.Fa ctx
	47	to use the digest
	48	.Fa type
	49	from
	50	.Vt ENGINE
	51	.Fa impl .
	52	.Fa ctx
	53	must be initialized with
	54	.Xr EVP_MD_CTX_init 3
	55	before calling this function.
	56	.Pp
	57	.Fn EVP_SignUpdate
	58	hashes
	59	.Fa cnt
	60	bytes of data at
	61	.Fa d
	62	into the signature context
	63	.Fa ctx .
	64	This function can be called several times on the same
	65	.Fa ctx
	66	to include additional data.
	67	.Pp
	68	.Fn EVP_SignFinal
	69	signs the data in
	70	.Fa ctx
	71	using the private key
	72	.Fa pkey
	73	and places the signature in
	74	.Fa sig .
	75	.Fa sig
	76	must be at least
	77	.Fn EVP_PKEY_size pkey
	78	bytes in size.
	79	.Fa s
	80	is an OUT parameter, and not used as an IN parameter.
	81	The number of bytes of data written (i.e.
	82	the length of the signature) will be written to the integer at
	83	.Fa s .
	84	At most
	85	.Fn EVP_PKEY_size pkey
	86	bytes will be written.
	87	.Pp
	88	.Fn EVP_SignInit
	89	initializes a signing context
	90	.Fa ctx
	91	to use the default implementation of digest
	92	.Fa type .
	93	.Pp
	94	.Fn EVP_PKEY_size
	95	returns the maximum size of a signature in bytes.
	96	The actual signature returned by
	97	.Fn EVP_SignFinal
	98	may be smaller.
	99	.Pp
	100	The EVP interface to digital signatures should almost always be
	101	used in preference to the low level interfaces.
	102	This is because the code then becomes transparent to the algorithm used
	103	and much more flexible.
	104	.Pp
	105	Due to the link between message digests and public key algorithms the
	106	correct digest algorithm must be used with the correct public key type.
	107	A list of algorithms and associated public key algorithms appears in
	108	.Xr EVP_DigestInit 3 .
	109	.Pp
	110	The call to
	111	.Fn EVP_SignFinal
	112	internally finalizes a copy of the digest context.
	113	This means that calls to
	114	.Fn EVP_SignUpdate
	115	and
	116	.Fn EVP_SignFinal
	117	can be called later to digest and sign additional data.
	118	.Pp
	119	Since only a copy of the digest context is ever finalized, the context
	120	must be cleaned up after use by calling
	121	.Xr EVP_MD_CTX_cleanup 3
	122	or a memory leak will occur.
	123	.Sh RETURN VALUES
	124	.Fn EVP_SignInit_ex ,
	125	.Fn EVP_SignUpdate ,
	126	and
	127	.Fn EVP_SignFinal
	128	return 1 for success and 0 for failure.
	129	.Pp
	130	.Fn EVP_PKEY_size
	131	returns the maximum size of a signature in bytes.
	132	.Pp
	133	The error codes can be obtained by
	134	.Xr ERR_get_error 3 .
	135	.Sh SEE ALSO
	136	.Xr ERR 3 ,
	137	.Xr evp 3 ,
	138	.Xr EVP_DigestInit 3 ,
	139	.Xr EVP_VerifyInit 3
	140	.Sh HISTORY
	141	.Fn EVP_SignInit ,
	142	.Fn EVP_SignUpdate ,
	143	and
	144	.Fn EVP_SignFinal
	145	are available in all versions of SSLeay and OpenSSL.
	146	.Pp
	147	.Fn EVP_SignInit_ex
	148	was added in OpenSSL 0.9.7.
	149	.Sh BUGS
	150	Older versions of this documentation wrongly stated that calls to
	151	.Fn EVP_SignUpdate
	152	could not be made after calling
	153	.Fn EVP_SignFinal .
	154	.Pp
	155	Since the private key is passed in the call to
	156	.Fn EVP_SignFinal
	157	any error relating to the private key (for example an unsuitable key and
	158	digest combination) will not be indicated until after potentially large
	159	amounts of data have been passed through
	160	.Fn EVP_SignUpdate .
	161	.Pp
	162	It is not possible to change the signing parameters using these
	163	function.
	164	.Pp
	165	The previous two bugs are fixed in the newer
	166	.Xr EVP_SignDigest* 3
	167	function.