Update files for OpenSSL-1.0.0f import.
[dragonfly.git] / secure / lib / libcrypto / man / EVP_PKEY_verify.3
CommitLineData
e3261593 1.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.19)
01185282
PA
2.\"
3.\" Standard preamble:
4.\" ========================================================================
5.de Sp \" Vertical space (when we can't use .PP)
6.if t .sp .5v
7.if n .sp
8..
9.de Vb \" Begin verbatim text
10.ft CW
11.nf
12.ne \\$1
13..
14.de Ve \" End verbatim text
15.ft R
16.fi
17..
18.\" Set up some character translations and predefined strings. \*(-- will
19.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
20.\" double quote, and \*(R" will give a right double quote. \*(C+ will
21.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
22.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
23.\" nothing in troff, for use with C<>.
24.tr \(*W-
25.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
26.ie n \{\
27. ds -- \(*W-
28. ds PI pi
29. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
31. ds L" ""
32. ds R" ""
33. ds C` ""
34. ds C' ""
35'br\}
36.el\{\
37. ds -- \|\(em\|
38. ds PI \(*p
39. ds L" ``
40. ds R" ''
41'br\}
42.\"
43.\" Escape single quotes in literal strings from groff's Unicode transform.
44.ie \n(.g .ds Aq \(aq
45.el .ds Aq '
46.\"
47.\" If the F register is turned on, we'll generate index entries on stderr for
48.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
49.\" entries marked with X<> in POD. Of course, you'll have to process the
50.\" output yourself in some meaningful fashion.
51.ie \nF \{\
52. de IX
53. tm Index:\\$1\t\\n%\t"\\$2"
54..
55. nr % 0
56. rr F
57.\}
58.el \{\
59. de IX
60..
61.\}
62.\"
63.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
64.\" Fear. Run. Save yourself. No user-serviceable parts.
65. \" fudge factors for nroff and troff
66.if n \{\
67. ds #H 0
68. ds #V .8m
69. ds #F .3m
70. ds #[ \f1
71. ds #] \fP
72.\}
73.if t \{\
74. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
75. ds #V .6m
76. ds #F 0
77. ds #[ \&
78. ds #] \&
79.\}
80. \" simple accents for nroff and troff
81.if n \{\
82. ds ' \&
83. ds ` \&
84. ds ^ \&
85. ds , \&
86. ds ~ ~
87. ds /
88.\}
89.if t \{\
90. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
91. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
92. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
93. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
94. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
95. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
96.\}
97. \" troff and (daisy-wheel) nroff accents
98.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
99.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
100.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
101.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
102.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
103.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
104.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
105.ds ae a\h'-(\w'a'u*4/10)'e
106.ds Ae A\h'-(\w'A'u*4/10)'E
107. \" corrections for vroff
108.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
109.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
110. \" for low resolution devices (crt and lpr)
111.if \n(.H>23 .if \n(.V>19 \
112\{\
113. ds : e
114. ds 8 ss
115. ds o a
116. ds d- d\h'-1'\(ga
117. ds D- D\h'-1'\(hy
118. ds th \o'bp'
119. ds Th \o'LP'
120. ds ae ae
121. ds Ae AE
122.\}
123.rm #[ #] #H #V #F C
124.\" ========================================================================
125.\"
126.IX Title "EVP_PKEY_verify 3"
e3261593 127.TH EVP_PKEY_verify 3 "2012-01-04" "1.0.0f" "OpenSSL"
01185282
PA
128.\" For nroff, turn off justification. Always turn off hyphenation; it makes
129.\" way too many mistakes in technical documents.
130.if n .ad l
131.nh
132.SH "NAME"
133EVP_PKEY_verify_init, EVP_PKEY_verify \- signature verification using a public key algorithm
134.SH "SYNOPSIS"
135.IX Header "SYNOPSIS"
136.Vb 1
137\& #include <openssl/evp.h>
138\&
139\& int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx);
140\& int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
141\& const unsigned char *sig, size_t siglen,
142\& const unsigned char *tbs, size_t tbslen);
143.Ve
144.SH "DESCRIPTION"
145.IX Header "DESCRIPTION"
146The \fIEVP_PKEY_verify_init()\fR function initializes a public key algorithm
147context using key \fBpkey\fR for a signature verification operation.
148.PP
149The \fIEVP_PKEY_verify()\fR function performs a public key verification operation
150using \fBctx\fR. The signature is specified using the \fBsig\fR and
151\&\fBsiglen\fR parameters. The verified data (i.e. the data believed originally
152signed) is specified using the \fBtbs\fR and \fBtbslen\fR parameters.
153.SH "NOTES"
154.IX Header "NOTES"
155After the call to \fIEVP_PKEY_verify_init()\fR algorithm specific control
156operations can be performed to set any appropriate parameters for the
157operation.
158.PP
159The function \fIEVP_PKEY_verify()\fR can be called more than once on the same
160context if several operations are performed using the same parameters.
161.SH "RETURN VALUES"
162.IX Header "RETURN VALUES"
163\&\fIEVP_PKEY_verify_init()\fR and \fIEVP_PKEY_verify()\fR return 1 if the verification was
164successful and 0 if it failed. Unlike other functions the return value 0 from
165\&\fIEVP_PKEY_verify()\fR only indicates that the signature did not not verify
166successfully (that is tbs did not match the original data or the signature was
167of invalid form) it is not an indication of a more serious error.
168.PP
169A negative value indicates an error other that signature verification failure.
170In particular a return value of \-2 indicates the operation is not supported by
171the public key algorithm.
172.SH "EXAMPLE"
173.IX Header "EXAMPLE"
174Verify signature using PKCS#1 and \s-1SHA256\s0 digest:
175.PP
176.Vb 2
177\& #include <openssl/evp.h>
178\& #include <openssl/rsa.h>
179\&
180\& EVP_PKEY_CTX *ctx;
181\& unsigned char *md, *sig;
182\& size_t mdlen, siglen;
183\& EVP_PKEY *verify_key;
184\& /* NB: assumes verify_key, sig, siglen md and mdlen are already set up
185\& * and that verify_key is an RSA public key
186\& */
187\& ctx = EVP_PKEY_CTX_new(verify_key);
188\& if (!ctx)
189\& /* Error occurred */
190\& if (EVP_PKEY_verify_init(ctx) <= 0)
191\& /* Error */
192\& if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
193\& /* Error */
194\& if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
195\& /* Error */
196\&
197\& /* Perform operation */
b911043f 198\& ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen);
01185282
PA
199\&
200\& /* ret == 1 indicates success, 0 verify failure and < 0 for some
201\& * other error.
202\& */
203.Ve
204.SH "SEE ALSO"
205.IX Header "SEE ALSO"
206\&\fIEVP_PKEY_CTX_new\fR\|(3),
207\&\fIEVP_PKEY_encrypt\fR\|(3),
208\&\fIEVP_PKEY_decrypt\fR\|(3),
209\&\fIEVP_PKEY_sign\fR\|(3),
210\&\fIEVP_PKEY_verifyrecover\fR\|(3),
211\&\fIEVP_PKEY_derive\fR\|(3)
212.SH "HISTORY"
213.IX Header "HISTORY"
214These functions were first added to OpenSSL 1.0.0.