From aa4d426b4d3527d7e166df1a05058c9a4a0f6683 Mon Sep 17 00:00:00 2001 From: Wojtek Kosior Date: Fri, 30 Apr 2021 00:33:56 +0200 Subject: initial/final commit --- openssl-1.1.0h/doc/crypto/EVP_VerifyInit.pod | 94 ++++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100644 openssl-1.1.0h/doc/crypto/EVP_VerifyInit.pod (limited to 'openssl-1.1.0h/doc/crypto/EVP_VerifyInit.pod') diff --git a/openssl-1.1.0h/doc/crypto/EVP_VerifyInit.pod b/openssl-1.1.0h/doc/crypto/EVP_VerifyInit.pod new file mode 100644 index 0000000..9214609 --- /dev/null +++ b/openssl-1.1.0h/doc/crypto/EVP_VerifyInit.pod @@ -0,0 +1,94 @@ +=pod + +=head1 NAME + +EVP_VerifyInit_ex, +EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal +- EVP signature verification functions + +=head1 SYNOPSIS + + #include + + int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); + int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); + int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen, EVP_PKEY *pkey); + + int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type); + +=head1 DESCRIPTION + +The EVP signature verification routines are a high level interface to digital +signatures. + +EVP_VerifyInit_ex() sets up verification context B to use digest +B from ENGINE B. B must be created by calling +EVP_MD_CTX_new() before calling this function. + +EVP_VerifyUpdate() hashes B bytes of data at B into the +verification context B. This function can be called several times on the +same B to include additional data. + +EVP_VerifyFinal() verifies the data in B using the public key B +and against the B bytes at B. + +EVP_VerifyInit() initializes verification context B to use the default +implementation of digest B. + +=head1 RETURN VALUES + +EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for +failure. + +EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some +other error occurred. + +The error codes can be obtained by L. + +=head1 NOTES + +The B interface to digital signatures should almost always be used in +preference to the low level interfaces. This is because the code then becomes +transparent to the algorithm used and much more flexible. + +The call to EVP_VerifyFinal() internally finalizes a copy of the digest context. +This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can be called +later to digest and verify additional data. + +Since only a copy of the digest context is ever finalized the context must +be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak +will occur. + +=head1 BUGS + +Older versions of this documentation wrongly stated that calls to +EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal(). + +Since the public key is passed in the call to EVP_SignFinal() any error +relating to the private key (for example an unsuitable key and digest +combination) will not be indicated until after potentially large amounts of +data have been passed through EVP_SignUpdate(). + +It is not possible to change the signing parameters using these function. + +The previous two bugs are fixed in the newer EVP_VerifyDigest*() function. + +=head1 SEE ALSO + +L, +L, +L, +L, L, L, +L, L, L, +L, L + +=head1 COPYRIGHT + +Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L. + +=cut -- cgit v1.2.3