126 lines
4.9 KiB
HTML
Executable File
126 lines
4.9 KiB
HTML
Executable File
<?xml version="1.0" ?>
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
|
<html xmlns="http://www.w3.org/1999/xhtml">
|
|
<head>
|
|
<title>EVP_VerifyInit</title>
|
|
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
|
|
<link rev="made" href="mailto:root@localhost" />
|
|
</head>
|
|
|
|
<body style="background-color: white">
|
|
|
|
|
|
<!-- INDEX BEGIN -->
|
|
<div name="index">
|
|
<p><a name="__index__"></a></p>
|
|
|
|
<ul>
|
|
|
|
<li><a href="#name">NAME</a></li>
|
|
<li><a href="#synopsis">SYNOPSIS</a></li>
|
|
<li><a href="#description">DESCRIPTION</a></li>
|
|
<li><a href="#return_values">RETURN VALUES</a></li>
|
|
<li><a href="#notes">NOTES</a></li>
|
|
<li><a href="#bugs">BUGS</a></li>
|
|
<li><a href="#see_also">SEE ALSO</a></li>
|
|
<li><a href="#copyright">COPYRIGHT</a></li>
|
|
</ul>
|
|
|
|
<hr name="index" />
|
|
</div>
|
|
<!-- INDEX END -->
|
|
|
|
<p>
|
|
</p>
|
|
<hr />
|
|
<h1><a name="name">NAME</a></h1>
|
|
<p>EVP_VerifyInit_ex,
|
|
EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal
|
|
- EVP signature verification functions</p>
|
|
<p>
|
|
</p>
|
|
<hr />
|
|
<h1><a name="synopsis">SYNOPSIS</a></h1>
|
|
<pre>
|
|
#include <openssl/evp.h></pre>
|
|
<pre>
|
|
int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
|
|
int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
|
|
int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen,
|
|
EVP_PKEY *pkey);</pre>
|
|
<pre>
|
|
int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type);</pre>
|
|
<p>
|
|
</p>
|
|
<hr />
|
|
<h1><a name="description">DESCRIPTION</a></h1>
|
|
<p>The EVP signature verification routines are a high level interface to digital
|
|
signatures.</p>
|
|
<p><code>EVP_VerifyInit_ex()</code> sets up verification context <strong>ctx</strong> to use digest
|
|
<strong>type</strong> from ENGINE <strong>impl</strong>. <strong>ctx</strong> must be created by calling
|
|
<code>EVP_MD_CTX_new()</code> before calling this function.</p>
|
|
<p><code>EVP_VerifyUpdate()</code> hashes <strong>cnt</strong> bytes of data at <strong>d</strong> into the
|
|
verification context <strong>ctx</strong>. This function can be called several times on the
|
|
same <strong>ctx</strong> to include additional data.</p>
|
|
<p><code>EVP_VerifyFinal()</code> verifies the data in <strong>ctx</strong> using the public key <strong>pkey</strong>
|
|
and against the <strong>siglen</strong> bytes at <strong>sigbuf</strong>.</p>
|
|
<p><code>EVP_VerifyInit()</code> initializes verification context <strong>ctx</strong> to use the default
|
|
implementation of digest <strong>type</strong>.</p>
|
|
<p>
|
|
</p>
|
|
<hr />
|
|
<h1><a name="return_values">RETURN VALUES</a></h1>
|
|
<p><code>EVP_VerifyInit_ex()</code> and <code>EVP_VerifyUpdate()</code> return 1 for success and 0 for
|
|
failure.</p>
|
|
<p><code>EVP_VerifyFinal()</code> returns 1 for a correct signature, 0 for failure and -1 if some
|
|
other error occurred.</p>
|
|
<p>The error codes can be obtained by <em>ERR_get_error(3)</em>.</p>
|
|
<p>
|
|
</p>
|
|
<hr />
|
|
<h1><a name="notes">NOTES</a></h1>
|
|
<p>The <strong>EVP</strong> interface to digital signatures should almost always be used in
|
|
preference to the low level interfaces. This is because the code then becomes
|
|
transparent to the algorithm used and much more flexible.</p>
|
|
<p>The call to <code>EVP_VerifyFinal()</code> internally finalizes a copy of the digest context.
|
|
This means that calls to <code>EVP_VerifyUpdate()</code> and <code>EVP_VerifyFinal()</code> can be called
|
|
later to digest and verify additional data.</p>
|
|
<p>Since only a copy of the digest context is ever finalized the context must
|
|
be cleaned up after use by calling <code>EVP_MD_CTX_free()</code> or a memory leak
|
|
will occur.</p>
|
|
<p>
|
|
</p>
|
|
<hr />
|
|
<h1><a name="bugs">BUGS</a></h1>
|
|
<p>Older versions of this documentation wrongly stated that calls to
|
|
<code>EVP_VerifyUpdate()</code> could not be made after calling <code>EVP_VerifyFinal()</code>.</p>
|
|
<p>Since the public key is passed in the call to <code>EVP_SignFinal()</code> any error
|
|
relating to the private key (for example an unsuitable key and digest
|
|
combination) will not be indicated until after potentially large amounts of
|
|
data have been passed through <code>EVP_SignUpdate()</code>.</p>
|
|
<p>It is not possible to change the signing parameters using these function.</p>
|
|
<p>The previous two bugs are fixed in the newer EVP_DigestVerify*() function.</p>
|
|
<p>
|
|
</p>
|
|
<hr />
|
|
<h1><a name="see_also">SEE ALSO</a></h1>
|
|
<p><em>evp(7)</em>,
|
|
<em>EVP_SignInit(3)</em>,
|
|
<em>EVP_DigestInit(3)</em>,
|
|
<em>evp(7)</em>, <em>HMAC(3)</em>, <em>MD2(3)</em>,
|
|
<em>MD5(3)</em>, <em>MDC2(3)</em>, <em>RIPEMD160(3)</em>,
|
|
<em>SHA1(3)</em>, <em>openssl-dgst(1)</em></p>
|
|
<p>
|
|
</p>
|
|
<hr />
|
|
<h1><a name="copyright">COPYRIGHT</a></h1>
|
|
<p>Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.</p>
|
|
<p>Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file LICENSE in the source distribution or at
|
|
<a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
|
|
|
|
</body>
|
|
|
|
</html>
|