Update files for OpenSSL-1.0.0f import.
[dragonfly.git] / secure / lib / libcrypto / man / EVP_DigestVerifyInit.3
CommitLineData
e3261593 1.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.19)
01185282
PA
2.\"
3.\" Standard preamble:
4.\" ========================================================================
5.de Sp \" Vertical space (when we can't use .PP)
6.if t .sp .5v
7.if n .sp
8..
9.de Vb \" Begin verbatim text
10.ft CW
11.nf
12.ne \\$1
13..
14.de Ve \" End verbatim text
15.ft R
16.fi
17..
18.\" Set up some character translations and predefined strings. \*(-- will
19.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
20.\" double quote, and \*(R" will give a right double quote. \*(C+ will
21.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
22.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
23.\" nothing in troff, for use with C<>.
24.tr \(*W-
25.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
26.ie n \{\
27. ds -- \(*W-
28. ds PI pi
29. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
31. ds L" ""
32. ds R" ""
33. ds C` ""
34. ds C' ""
35'br\}
36.el\{\
37. ds -- \|\(em\|
38. ds PI \(*p
39. ds L" ``
40. ds R" ''
41'br\}
42.\"
43.\" Escape single quotes in literal strings from groff's Unicode transform.
44.ie \n(.g .ds Aq \(aq
45.el .ds Aq '
46.\"
47.\" If the F register is turned on, we'll generate index entries on stderr for
48.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
49.\" entries marked with X<> in POD. Of course, you'll have to process the
50.\" output yourself in some meaningful fashion.
51.ie \nF \{\
52. de IX
53. tm Index:\\$1\t\\n%\t"\\$2"
54..
55. nr % 0
56. rr F
57.\}
58.el \{\
59. de IX
60..
61.\}
62.\"
63.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
64.\" Fear. Run. Save yourself. No user-serviceable parts.
65. \" fudge factors for nroff and troff
66.if n \{\
67. ds #H 0
68. ds #V .8m
69. ds #F .3m
70. ds #[ \f1
71. ds #] \fP
72.\}
73.if t \{\
74. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
75. ds #V .6m
76. ds #F 0
77. ds #[ \&
78. ds #] \&
79.\}
80. \" simple accents for nroff and troff
81.if n \{\
82. ds ' \&
83. ds ` \&
84. ds ^ \&
85. ds , \&
86. ds ~ ~
87. ds /
88.\}
89.if t \{\
90. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
91. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
92. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
93. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
94. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
95. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
96.\}
97. \" troff and (daisy-wheel) nroff accents
98.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
99.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
100.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
101.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
102.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
103.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
104.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
105.ds ae a\h'-(\w'a'u*4/10)'e
106.ds Ae A\h'-(\w'A'u*4/10)'E
107. \" corrections for vroff
108.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
109.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
110. \" for low resolution devices (crt and lpr)
111.if \n(.H>23 .if \n(.V>19 \
112\{\
113. ds : e
114. ds 8 ss
115. ds o a
116. ds d- d\h'-1'\(ga
117. ds D- D\h'-1'\(hy
118. ds th \o'bp'
119. ds Th \o'LP'
120. ds ae ae
121. ds Ae AE
122.\}
123.rm #[ #] #H #V #F C
124.\" ========================================================================
125.\"
126.IX Title "EVP_DigestVerifyInit 3"
e3261593 127.TH EVP_DigestVerifyInit 3 "2012-01-04" "1.0.0f" "OpenSSL"
01185282
PA
128.\" For nroff, turn off justification. Always turn off hyphenation; it makes
129.\" way too many mistakes in technical documents.
130.if n .ad l
131.nh
132.SH "NAME"
133EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal \- EVP signature verification functions
134.SH "SYNOPSIS"
135.IX Header "SYNOPSIS"
136.Vb 1
137\& #include <openssl/evp.h>
138\&
139\& int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
140\& const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
141\& int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
142\& int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen);
143.Ve
144.SH "DESCRIPTION"
145.IX Header "DESCRIPTION"
146The \s-1EVP\s0 signature routines are a high level interface to digital signatures.
147.PP
148\&\fIEVP_DigestVerifyInit()\fR sets up verification context \fBctx\fR to use digest
149\&\fBtype\fR from \s-1ENGINE\s0 \fBimpl\fR and public key \fBpkey\fR. \fBctx\fR must be initialized
150with \fIEVP_MD_CTX_init()\fR before calling this function. If \fBpctx\fR is not \s-1NULL\s0 the
151\&\s-1EVP_PKEY_CTX\s0 of the verification operation will be written to \fB*pctx\fR: this
152can be used to set alternative verification options.
153.PP
154\&\fIEVP_DigestVerifyUpdate()\fR hashes \fBcnt\fR bytes of data at \fBd\fR into the
155verification context \fBctx\fR. This function can be called several times on the
156same \fBctx\fR to include additional data. This function is currently implemented
157using a macro.
158.PP
159\&\fIEVP_DigestVerifyFinal()\fR verifies the data in \fBctx\fR against the signature in
160\&\fBsig\fR of length \fBsiglen\fR.
161.SH "RETURN VALUES"
162.IX Header "RETURN VALUES"
163\&\fIEVP_DigestVerifyInit()\fR and \fIEVP_DigestVerifyUpdate()\fR return 1 for success and 0
164or a negative value for failure. In particular a return value of \-2 indicates
165the operation is not supported by the public key algorithm.
166.PP
167Unlike other functions the return value 0 from \fIEVP_DigestVerifyFinal()\fR only
168indicates that the signature did not not verify successfully (that is tbs did
169not match the original data or the signature was of invalid form) it is not an
170indication of a more serious error.
171.PP
172The error codes can be obtained from \fIERR_get_error\fR\|(3).
173.SH "NOTES"
174.IX Header "NOTES"
175The \fB\s-1EVP\s0\fR interface to digital signatures should almost always be used in
176preference to the low level interfaces. This is because the code then becomes
177transparent to the algorithm used and much more flexible.
178.PP
179In previous versions of OpenSSL there was a link between message digest types
180and public key algorithms. This meant that \*(L"clone\*(R" digests such as \fIEVP_dss1()\fR
181needed to be used to sign using \s-1SHA1\s0 and \s-1DSA\s0. This is no longer necessary and
182the use of clone digest is now discouraged.
183.PP
184For some key types and parameters the random number generator must be seeded
185or the operation will fail.
186.PP
187The call to \fIEVP_DigestVerifyFinal()\fR internally finalizes a copy of the digest
188context. This means that calls to \fIEVP_VerifyUpdate()\fR and \fIEVP_VerifyFinal()\fR can
189be called later to digest and verify additional data.
190.PP
191Since only a copy of the digest context is ever finalized the context must
192be cleaned up after use by calling \fIEVP_MD_CTX_cleanup()\fR or a memory leak
193will occur.
194.SH "SEE ALSO"
195.IX Header "SEE ALSO"
196\&\fIEVP_DigestSignInit\fR\|(3),
197\&\fIEVP_DigestInit\fR\|(3), \fIerr\fR\|(3),
198\&\fIevp\fR\|(3), \fIhmac\fR\|(3), \fImd2\fR\|(3),
199\&\fImd5\fR\|(3), \fImdc2\fR\|(3), \fIripemd\fR\|(3),
200\&\fIsha\fR\|(3), \fIdgst\fR\|(1)
201.SH "HISTORY"
202.IX Header "HISTORY"
203\&\fIEVP_DigestVerifyInit()\fR, \fIEVP_DigestVerifyUpdate()\fR and \fIEVP_DigestVerifyFinal()\fR
204were first added to OpenSSL 1.0.0.