Skip to main content
  • Home
  • login
  • Browse the archive

    swh mirror partner logo
swh logo
SoftwareHeritage
Software
Heritage
Mirror
Features
  • Search

  • Downloads

  • Save code now

  • Add forge now

  • Help

  • 1a432a1
  • /
  • crypto
  • /
  • EVP_DigestVerifyInit.pod
Raw File
Permalinks

To reference or cite the objects present in the Software Heritage archive, permalinks based on SoftWare Hash IDentifiers (SWHIDs) must be used.
Select below a type of object currently browsed in order to display its associated SWHID and permalink.

  • content
  • directory
content badge Iframe embedding
swh:1:cnt:2e2c0fdc8f5b77b7d8f0470cf7bd37ba271e6839
directory badge Iframe embedding
swh:1:dir:5e9a7b2f755109b19d8346547fdf285360c78427
EVP_DigestVerifyInit.pod
=pod

=head1 NAME

EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal - EVP signature verification functions

=head1 SYNOPSIS

 #include <openssl/evp.h>

 int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
			const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
 int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
 int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen);

=head1 DESCRIPTION

The EVP signature routines are a high level interface to digital signatures.

EVP_DigestVerifyInit() sets up verification context B<ctx> to use digest
B<type> from ENGINE B<impl> and public key B<pkey>. B<ctx> must be initialized
with EVP_MD_CTX_init() before calling this function. If B<pctx> is not NULL, the
EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this
can be used to set alternative verification options. Note that any existing
value in B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be
freed directly by the application (it will be freed automatically when the
EVP_MD_CTX is freed).

EVP_DigestVerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
verification context B<ctx>. This function can be called several times on the
same B<ctx> to include additional data. This function is currently implemented
using a macro.

EVP_DigestVerifyFinal() verifies the data in B<ctx> against the signature in
B<sig> of length B<siglen>.

=head1 RETURN VALUES

EVP_DigestVerifyInit() and EVP_DigestVerifyUpdate() return 1 for success and 0
or a negative value for failure. In particular a return value of -2 indicates
the operation is not supported by the public key algorithm.

EVP_DigestVerifyFinal() returns 1 for success; any other value indicates
failure.  A return value of zero indicates that the signature did not verify
successfully (that is, tbs did not match the original data or the signature had
an invalid form), while other values indicate a more serious error (and
sometimes also indicate an invalid signature form).

The error codes can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.

=head1 NOTES

The B<EVP> interface to digital signatures should almost always be used in
preference to the low level interfaces. This is because the code then becomes
transparent to the algorithm used and much more flexible.

In previous versions of OpenSSL there was a link between message digest types
and public key algorithms. This meant that "clone" digests such as EVP_dss1()
needed to be used to sign using SHA1 and DSA. This is no longer necessary and
the use of clone digest is now discouraged.

For some key types and parameters the random number generator must be seeded
or the operation will fail. 

The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest
context. This means that EVP_VerifyUpdate() and EVP_VerifyFinal() can
be called later to digest and verify additional data.

Since only a copy of the digest context is ever finalized the context must
be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
will occur.

=head1 SEE ALSO

L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)>,
L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>

=head1 HISTORY

EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal() 
were first added to OpenSSL 1.0.0.

=cut

ENEA — Copyright (C), ENEA. License: GNU AGPLv3+.
Legal notes  ::  JavaScript license information ::  Web API

back to top