diff options
author | Theo Buehler <tb@cvs.openbsd.org> | 2021-05-11 15:26:22 +0000 |
---|---|---|
committer | Theo Buehler <tb@cvs.openbsd.org> | 2021-05-11 15:26:22 +0000 |
commit | 7fe8c9e6ac65b0e41c6f1df12165e9ccbd5877df (patch) | |
tree | cdd86a18fb227cdbf5f14ddf7224109b99b52ab3 /lib/libcrypto | |
parent | c79bc3a8514d66ec21f1153e60b4cf2fe57da7b8 (diff) |
Merge documentation for EVP_DigestVerify() from OpenSSL 1.1.1.
Diffstat (limited to 'lib/libcrypto')
-rw-r--r-- | lib/libcrypto/man/EVP_DigestVerifyInit.3 | 41 |
1 files changed, 37 insertions, 4 deletions
diff --git a/lib/libcrypto/man/EVP_DigestVerifyInit.3 b/lib/libcrypto/man/EVP_DigestVerifyInit.3 index dc212cf1298..3ff7ef81e83 100644 --- a/lib/libcrypto/man/EVP_DigestVerifyInit.3 +++ b/lib/libcrypto/man/EVP_DigestVerifyInit.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_DigestVerifyInit.3,v 1.8 2019/06/10 14:58:48 schwarze Exp $ +.\" $OpenBSD: EVP_DigestVerifyInit.3,v 1.9 2021/05/11 15:26:21 tb Exp $ .\" OpenSSL fb552ac6 Sep 30 23:43:01 2009 +0000 .\" .\" This file was written by Dr. Stephen Henson <steve@openssl.org>. @@ -49,13 +49,14 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: June 10 2019 $ +.Dd $Mdocdate: May 11 2021 $ .Dt EVP_DIGESTVERIFYINIT 3 .Os .Sh NAME .Nm EVP_DigestVerifyInit , .Nm EVP_DigestVerifyUpdate , -.Nm EVP_DigestVerifyFinal +.Nm EVP_DigestVerifyFinal , +.Nm EVP_DigestVerify .Nd EVP signature verification functions .Sh SYNOPSIS .In openssl/evp.h @@ -79,6 +80,14 @@ .Fa "const unsigned char *sig" .Fa "size_t siglen" .Fc +.Ft int +.Fo EVP_DigestVerify +.Fa "EVP_MD_CTX *ctx" +.Fa "const unsigned char *sig" +.Fa "size_t siglen" +.Fa "const unsigned char *tbs" +.Fa "size_t *tbslen" +.Fc .Sh DESCRIPTION The EVP signature routines are a high level interface to digital signatures. @@ -127,6 +136,26 @@ against the signature in of length .Fa siglen . .Pp +.Fn EVP_DigestVerify +verifies +.Fa tbslen +bytes at +.Fa tbs +against the signature in +.Fa sig +of length +.Fa siglen +.Fn EVP_DigestVerify +is a one shot operation which verifies a single block of data +in one function call. +For algorithms that support streaming it is equivalent to calling +.Fn EVP_DigestVerifyUpdate +and +.Fn EVP_DigestVerifyFinal . +.\" For algorithms which do not support streaming +.\" (e.g. PureEdDSA) +.\" it is the only way to verify data. +.Pp The EVP interface to digital signatures should almost always be used in preference to the low level interfaces. This is because the code then becomes transparent to the algorithm used @@ -162,7 +191,8 @@ In particular a return value of -2 indicates the operation is not supported by the public key algorithm. .Pp .Fn EVP_DigestVerifyFinal -returns 1 for success; any other value indicates failure. +.Fn EVP_DigestVerify +return 1 for success; any other value indicates failure. A return value of 0 indicates that the signature did not verify successfully (that is, the signature did not match the original data or the signature had an invalid form), while other values @@ -183,3 +213,6 @@ and .Fn EVP_DigestVerifyFinal first appeared in OpenSSL 1.0.0 and have been available since .Ox 4.9 . +.Fn EVP_DigestVerify +first appeared in OpenSSL 1.1.1 and has been available since +.Ox 7.0 . |