Local adjustments for OpenSSL-1.0.1p.
[dragonfly.git] / secure / lib / libcrypto / man / EVP_SignInit.3
CommitLineData
5a44c043 1.\" Automatically generated by Pod::Man 2.27 (Pod::Simple 3.28)
8b0cefbb
JR
2.\"
3.\" Standard preamble:
4.\" ========================================================================
8b0cefbb 5.de Sp \" Vertical space (when we can't use .PP)
984263bc
MD
6.if t .sp .5v
7.if n .sp
8..
8b0cefbb 9.de Vb \" Begin verbatim text
984263bc
MD
10.ft CW
11.nf
12.ne \\$1
13..
8b0cefbb 14.de Ve \" End verbatim text
984263bc 15.ft R
984263bc
MD
16.fi
17..
8b0cefbb
JR
18.\" Set up some character translations and predefined strings. \*(-- will
19.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
e257b235
PA
20.\" double quote, and \*(R" will give a right double quote. \*(C+ will
21.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
22.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
23.\" nothing in troff, for use with C<>.
24.tr \(*W-
8b0cefbb 25.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
984263bc 26.ie n \{\
8b0cefbb
JR
27. ds -- \(*W-
28. ds PI pi
29. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
30. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
31. ds L" ""
32. ds R" ""
33. ds C` ""
34. ds C' ""
984263bc
MD
35'br\}
36.el\{\
8b0cefbb
JR
37. ds -- \|\(em\|
38. ds PI \(*p
39. ds L" ``
40. ds R" ''
5a44c043
SW
41. ds C`
42. ds C'
984263bc 43'br\}
8b0cefbb 44.\"
e257b235
PA
45.\" Escape single quotes in literal strings from groff's Unicode transform.
46.ie \n(.g .ds Aq \(aq
47.el .ds Aq '
48.\"
8b0cefbb 49.\" If the F register is turned on, we'll generate index entries on stderr for
01185282 50.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
8b0cefbb
JR
51.\" entries marked with X<> in POD. Of course, you'll have to process the
52.\" output yourself in some meaningful fashion.
5a44c043
SW
53.\"
54.\" Avoid warning from groff about undefined register 'F'.
55.de IX
984263bc 56..
5a44c043
SW
57.nr rF 0
58.if \n(.g .if rF .nr rF 1
59.if (\n(rF:(\n(.g==0)) \{
60. if \nF \{
61. de IX
62. tm Index:\\$1\t\\n%\t"\\$2"
e257b235 63..
5a44c043
SW
64. if !\nF==2 \{
65. nr % 0
66. nr F 2
67. \}
68. \}
e257b235 69.\}
5a44c043 70.rr rF
aac4ff6f 71.\"
8b0cefbb
JR
72.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
73.\" Fear. Run. Save yourself. No user-serviceable parts.
74. \" fudge factors for nroff and troff
984263bc 75.if n \{\
8b0cefbb
JR
76. ds #H 0
77. ds #V .8m
78. ds #F .3m
79. ds #[ \f1
80. ds #] \fP
984263bc
MD
81.\}
82.if t \{\
8b0cefbb
JR
83. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
84. ds #V .6m
85. ds #F 0
86. ds #[ \&
87. ds #] \&
984263bc 88.\}
8b0cefbb 89. \" simple accents for nroff and troff
984263bc 90.if n \{\
8b0cefbb
JR
91. ds ' \&
92. ds ` \&
93. ds ^ \&
94. ds , \&
95. ds ~ ~
96. ds /
984263bc
MD
97.\}
98.if t \{\
8b0cefbb
JR
99. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
100. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
101. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
102. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
103. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
104. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
984263bc 105.\}
8b0cefbb 106. \" troff and (daisy-wheel) nroff accents
984263bc
MD
107.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
108.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
109.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
110.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
111.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
112.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
113.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
114.ds ae a\h'-(\w'a'u*4/10)'e
115.ds Ae A\h'-(\w'A'u*4/10)'E
8b0cefbb 116. \" corrections for vroff
984263bc
MD
117.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
118.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
8b0cefbb 119. \" for low resolution devices (crt and lpr)
984263bc
MD
120.if \n(.H>23 .if \n(.V>19 \
121\{\
8b0cefbb
JR
122. ds : e
123. ds 8 ss
124. ds o a
125. ds d- d\h'-1'\(ga
126. ds D- D\h'-1'\(hy
127. ds th \o'bp'
128. ds Th \o'LP'
129. ds ae ae
130. ds Ae AE
984263bc
MD
131.\}
132.rm #[ #] #H #V #F C
8b0cefbb
JR
133.\" ========================================================================
134.\"
135.IX Title "EVP_SignInit 3"
7dc78669 136.TH EVP_SignInit 3 "2015-07-09" "1.0.1p" "OpenSSL"
e257b235
PA
137.\" For nroff, turn off justification. Always turn off hyphenation; it makes
138.\" way too many mistakes in technical documents.
139.if n .ad l
140.nh
984263bc 141.SH "NAME"
74dab6c2 142EVP_SignInit, EVP_SignUpdate, EVP_SignFinal \- EVP signing functions
984263bc 143.SH "SYNOPSIS"
8b0cefbb 144.IX Header "SYNOPSIS"
984263bc
MD
145.Vb 1
146\& #include <openssl/evp.h>
e257b235 147\&
984263bc
MD
148\& int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
149\& int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
150\& int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *sig,unsigned int *s, EVP_PKEY *pkey);
e257b235 151\&
984263bc 152\& void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
e257b235 153\&
984263bc
MD
154\& int EVP_PKEY_size(EVP_PKEY *pkey);
155.Ve
156.SH "DESCRIPTION"
8b0cefbb
JR
157.IX Header "DESCRIPTION"
158The \s-1EVP\s0 signature routines are a high level interface to digital
984263bc
MD
159signatures.
160.PP
8b0cefbb 161\&\fIEVP_SignInit_ex()\fR sets up signing context \fBctx\fR to use digest
5a44c043 162\&\fBtype\fR from \s-1ENGINE \s0\fBimpl\fR. \fBctx\fR must be initialized with
8b0cefbb 163\&\fIEVP_MD_CTX_init()\fR before calling this function.
984263bc 164.PP
8b0cefbb 165\&\fIEVP_SignUpdate()\fR hashes \fBcnt\fR bytes of data at \fBd\fR into the
984263bc
MD
166signature context \fBctx\fR. This function can be called several times on the
167same \fBctx\fR to include additional data.
168.PP
a561f9ff 169\&\fIEVP_SignFinal()\fR signs the data in \fBctx\fR using the private key \fBpkey\fR and
ecf90583
SW
170places the signature in \fBsig\fR. \fBsig\fR must be at least EVP_PKEY_size(pkey)
171bytes in size. \fBs\fR is an \s-1OUT\s0 paramter, and not used as an \s-1IN\s0 parameter.
172The number of bytes of data written (i.e. the length of the signature)
173will be written to the integer at \fBs\fR, at most EVP_PKEY_size(pkey) bytes
174will be written.
984263bc 175.PP
8b0cefbb 176\&\fIEVP_SignInit()\fR initializes a signing context \fBctx\fR to use the default
984263bc
MD
177implementation of digest \fBtype\fR.
178.PP
8b0cefbb 179\&\fIEVP_PKEY_size()\fR returns the maximum size of a signature in bytes. The actual
984263bc
MD
180signature returned by \fIEVP_SignFinal()\fR may be smaller.
181.SH "RETURN VALUES"
8b0cefbb
JR
182.IX Header "RETURN VALUES"
183\&\fIEVP_SignInit_ex()\fR, \fIEVP_SignUpdate()\fR and \fIEVP_SignFinal()\fR return 1
984263bc
MD
184for success and 0 for failure.
185.PP
8b0cefbb 186\&\fIEVP_PKEY_size()\fR returns the maximum size of a signature in bytes.
984263bc 187.PP
8b0cefbb 188The error codes can be obtained by \fIERR_get_error\fR\|(3).
984263bc 189.SH "NOTES"
8b0cefbb
JR
190.IX Header "NOTES"
191The \fB\s-1EVP\s0\fR interface to digital signatures should almost always be used in
984263bc
MD
192preference to the low level interfaces. This is because the code then becomes
193transparent to the algorithm used and much more flexible.
194.PP
195Due to the link between message digests and public key algorithms the correct
196digest algorithm must be used with the correct public key type. A list of
197algorithms and associated public key algorithms appears in
8b0cefbb 198\&\fIEVP_DigestInit\fR\|(3).
984263bc 199.PP
8b0cefbb 200When signing with \s-1DSA\s0 private keys the random number generator must be seeded
984263bc 201or the operation will fail. The random number generator does not need to be
8b0cefbb 202seeded for \s-1RSA\s0 signatures.
984263bc
MD
203.PP
204The call to \fIEVP_SignFinal()\fR internally finalizes a copy of the digest context.
205This means that calls to \fIEVP_SignUpdate()\fR and \fIEVP_SignFinal()\fR can be called
206later to digest and sign additional data.
207.PP
208Since only a copy of the digest context is ever finalized the context must
209be cleaned up after use by calling \fIEVP_MD_CTX_cleanup()\fR or a memory leak
210will occur.
211.SH "BUGS"
8b0cefbb 212.IX Header "BUGS"
984263bc 213Older versions of this documentation wrongly stated that calls to
8b0cefbb 214\&\fIEVP_SignUpdate()\fR could not be made after calling \fIEVP_SignFinal()\fR.
01185282
PA
215.PP
216Since the private key is passed in the call to \fIEVP_SignFinal()\fR any error
217relating to the private key (for example an unsuitable key and digest
218combination) will not be indicated until after potentially large amounts of
219data have been passed through \fIEVP_SignUpdate()\fR.
220.PP
221It is not possible to change the signing parameters using these function.
222.PP
223The previous two bugs are fixed in the newer EVP_SignDigest*() function.
984263bc 224.SH "SEE ALSO"
8b0cefbb
JR
225.IX Header "SEE ALSO"
226\&\fIEVP_VerifyInit\fR\|(3),
227\&\fIEVP_DigestInit\fR\|(3), \fIerr\fR\|(3),
228\&\fIevp\fR\|(3), \fIhmac\fR\|(3), \fImd2\fR\|(3),
229\&\fImd5\fR\|(3), \fImdc2\fR\|(3), \fIripemd\fR\|(3),
230\&\fIsha\fR\|(3), \fIdgst\fR\|(1)
984263bc 231.SH "HISTORY"
8b0cefbb
JR
232.IX Header "HISTORY"
233\&\fIEVP_SignInit()\fR, \fIEVP_SignUpdate()\fR and \fIEVP_SignFinal()\fR are
984263bc
MD
234available in all versions of SSLeay and OpenSSL.
235.PP
8b0cefbb 236\&\fIEVP_SignInit_ex()\fR was added in OpenSSL 0.9.7.