diff options
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/man/EVP_DigestVerifyInit.3 | 41 |
1 files changed, 37 insertions, 4 deletions
diff --git a/src/lib/libcrypto/man/EVP_DigestVerifyInit.3 b/src/lib/libcrypto/man/EVP_DigestVerifyInit.3 index dc212cf129..3ff7ef81e8 100644 --- a/src/lib/libcrypto/man/EVP_DigestVerifyInit.3 +++ b/src/lib/libcrypto/man/EVP_DigestVerifyInit.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: EVP_DigestVerifyInit.3,v 1.8 2019/06/10 14:58:48 schwarze Exp $ | 1 | .\" $OpenBSD: EVP_DigestVerifyInit.3,v 1.9 2021/05/11 15:26:21 tb Exp $ |
| 2 | .\" OpenSSL fb552ac6 Sep 30 23:43:01 2009 +0000 | 2 | .\" OpenSSL fb552ac6 Sep 30 23:43:01 2009 +0000 |
| 3 | .\" | 3 | .\" |
| 4 | .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. | 4 | .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. |
| @@ -49,13 +49,14 @@ | |||
| 49 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | 49 | .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
| 50 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. | 50 | .\" OF THE POSSIBILITY OF SUCH DAMAGE. |
| 51 | .\" | 51 | .\" |
| 52 | .Dd $Mdocdate: June 10 2019 $ | 52 | .Dd $Mdocdate: May 11 2021 $ |
| 53 | .Dt EVP_DIGESTVERIFYINIT 3 | 53 | .Dt EVP_DIGESTVERIFYINIT 3 |
| 54 | .Os | 54 | .Os |
| 55 | .Sh NAME | 55 | .Sh NAME |
| 56 | .Nm EVP_DigestVerifyInit , | 56 | .Nm EVP_DigestVerifyInit , |
| 57 | .Nm EVP_DigestVerifyUpdate , | 57 | .Nm EVP_DigestVerifyUpdate , |
| 58 | .Nm EVP_DigestVerifyFinal | 58 | .Nm EVP_DigestVerifyFinal , |
| 59 | .Nm EVP_DigestVerify | ||
| 59 | .Nd EVP signature verification functions | 60 | .Nd EVP signature verification functions |
| 60 | .Sh SYNOPSIS | 61 | .Sh SYNOPSIS |
| 61 | .In openssl/evp.h | 62 | .In openssl/evp.h |
| @@ -79,6 +80,14 @@ | |||
| 79 | .Fa "const unsigned char *sig" | 80 | .Fa "const unsigned char *sig" |
| 80 | .Fa "size_t siglen" | 81 | .Fa "size_t siglen" |
| 81 | .Fc | 82 | .Fc |
| 83 | .Ft int | ||
| 84 | .Fo EVP_DigestVerify | ||
| 85 | .Fa "EVP_MD_CTX *ctx" | ||
| 86 | .Fa "const unsigned char *sig" | ||
| 87 | .Fa "size_t siglen" | ||
| 88 | .Fa "const unsigned char *tbs" | ||
| 89 | .Fa "size_t *tbslen" | ||
| 90 | .Fc | ||
| 82 | .Sh DESCRIPTION | 91 | .Sh DESCRIPTION |
| 83 | The EVP signature routines are a high level interface to digital | 92 | The EVP signature routines are a high level interface to digital |
| 84 | signatures. | 93 | signatures. |
| @@ -127,6 +136,26 @@ against the signature in | |||
| 127 | of length | 136 | of length |
| 128 | .Fa siglen . | 137 | .Fa siglen . |
| 129 | .Pp | 138 | .Pp |
| 139 | .Fn EVP_DigestVerify | ||
| 140 | verifies | ||
| 141 | .Fa tbslen | ||
| 142 | bytes at | ||
| 143 | .Fa tbs | ||
| 144 | against the signature in | ||
| 145 | .Fa sig | ||
| 146 | of length | ||
| 147 | .Fa siglen | ||
| 148 | .Fn EVP_DigestVerify | ||
| 149 | is a one shot operation which verifies a single block of data | ||
| 150 | in one function call. | ||
| 151 | For algorithms that support streaming it is equivalent to calling | ||
| 152 | .Fn EVP_DigestVerifyUpdate | ||
| 153 | and | ||
| 154 | .Fn EVP_DigestVerifyFinal . | ||
| 155 | .\" For algorithms which do not support streaming | ||
| 156 | .\" (e.g. PureEdDSA) | ||
| 157 | .\" it is the only way to verify data. | ||
| 158 | .Pp | ||
| 130 | The EVP interface to digital signatures should almost always be | 159 | The EVP interface to digital signatures should almost always be |
| 131 | used in preference to the low level interfaces. | 160 | used in preference to the low level interfaces. |
| 132 | This is because the code then becomes transparent to the algorithm used | 161 | This is because the code then becomes transparent to the algorithm used |
| @@ -162,7 +191,8 @@ In particular a return value of -2 indicates the operation is not | |||
| 162 | supported by the public key algorithm. | 191 | supported by the public key algorithm. |
| 163 | .Pp | 192 | .Pp |
| 164 | .Fn EVP_DigestVerifyFinal | 193 | .Fn EVP_DigestVerifyFinal |
| 165 | returns 1 for success; any other value indicates failure. | 194 | .Fn EVP_DigestVerify |
| 195 | return 1 for success; any other value indicates failure. | ||
| 166 | A return value of 0 indicates that the signature did not verify | 196 | A return value of 0 indicates that the signature did not verify |
| 167 | successfully (that is, the signature did not match the original | 197 | successfully (that is, the signature did not match the original |
| 168 | data or the signature had an invalid form), while other values | 198 | data or the signature had an invalid form), while other values |
| @@ -183,3 +213,6 @@ and | |||
| 183 | .Fn EVP_DigestVerifyFinal | 213 | .Fn EVP_DigestVerifyFinal |
| 184 | first appeared in OpenSSL 1.0.0 and have been available since | 214 | first appeared in OpenSSL 1.0.0 and have been available since |
| 185 | .Ox 4.9 . | 215 | .Ox 4.9 . |
| 216 | .Fn EVP_DigestVerify | ||
| 217 | first appeared in OpenSSL 1.1.1 and has been available since | ||
| 218 | .Ox 7.0 . | ||