From d0c0ceacf41c5d7d278724824d2b6fb5730c2201 Mon Sep 17 00:00:00 2001 From: schwarze <> Date: Fri, 8 Nov 2024 22:23:35 +0000 Subject: Weed out the last remaining refences to the obsolete function EVP_MD_CTX_init(3) and talk about EVP_MD_CTX_new(3) instead. This is similar in spirit to OpenSSL commit 25191fff (Dec 1, 2015), but i'm also mentioning EVP_MD_CTX_reset(3), slightly reordering some sentences in a more systematic way, and improving some related wordings to be more precise and read better. --- src/lib/libcrypto/man/EVP_DigestVerifyInit.3 | 55 +++++++++++++++------------- 1 file changed, 29 insertions(+), 26 deletions(-) (limited to 'src/lib/libcrypto/man/EVP_DigestVerifyInit.3') diff --git a/src/lib/libcrypto/man/EVP_DigestVerifyInit.3 b/src/lib/libcrypto/man/EVP_DigestVerifyInit.3 index b3286bf201..7ecd7e94e3 100644 --- a/src/lib/libcrypto/man/EVP_DigestVerifyInit.3 +++ b/src/lib/libcrypto/man/EVP_DigestVerifyInit.3 @@ -1,8 +1,9 @@ -.\" $OpenBSD: EVP_DigestVerifyInit.3,v 1.15 2024/07/21 08:36:43 tb Exp $ -.\" OpenSSL fb552ac6 Sep 30 23:43:01 2009 +0000 +.\" $OpenBSD: EVP_DigestVerifyInit.3,v 1.16 2024/11/08 22:23:35 schwarze Exp $ +.\" full merge up to OpenSSL f097e875 Aug 23 11:37:22 2018 +0100 +.\" selective merge up to 24a535ea Sep 22 13:14:20 2020 +0100 .\" .\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2006, 2009, 2014, 2015, 2016 The OpenSSL Project. +.\" Copyright (c) 2006, 2009, 2014, 2015, 2016, 2017 The OpenSSL Project. .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without @@ -49,7 +50,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: July 21 2024 $ +.Dd $Mdocdate: November 8 2024 $ .Dt EVP_DIGESTVERIFYINIT 3 .Os .Sh NAME @@ -93,39 +94,41 @@ The EVP signature routines are a high-level interface to digital signatures. .Pp .Fn EVP_DigestVerifyInit -sets up verification context +sets up the verification context .Fa ctx -to use digest +to use the digest .Fa type -and public key +and the public key .Fa pkey . +Before calling this function, obtain .Fa ctx -must be initialized with -.Xr EVP_MD_CTX_init 3 -before calling this function. +from +.Xr EVP_MD_CTX_new 3 +or call +.Xr EVP_MD_CTX_reset 3 +on it. +The +.Fa engine +argument is always ignored and passing +.Dv NULL +is recommended. +.Pp If .Fa pctx is not .Dv NULL , -the +any pointer passed in as +.Pf * Fa pctx +is ignored and overwritten by an internal pointer to the .Vt EVP_PKEY_CTX -of the verification operation will be written to -.Pf * Fa pctx : -this can be used to set alternative verification options. -Any existing value in -.Pf * .Fa pctx -is overwritten. -The +used by the verification operation: +this can be used to set alternative signing options. +The returned .Vt EVP_PKEY_CTX -value returned must not be freed directly by the application. -It will be freed automatically when the +must not be freed by the application. +It is freed automatically when the .Vt EVP_MD_CTX is freed. -The -.Fa ENGINE *engine -argument is always ignored and passing -.Dv NULL -is recommended. .Pp .Fn EVP_DigestVerifyUpdate hashes @@ -168,7 +171,7 @@ and .\" it is the only way to verify data. .Pp The EVP interface to digital signatures should almost always be -used in preference to the low level interfaces. +used in preference to the low-level interfaces. This is because the code then becomes transparent to the algorithm used and much more flexible. .Pp -- cgit v1.2.3-55-g6feb