NetBSD/lib/libcrypto/man/EVP_SignInit.3
itojun c0fa60f50c fix manpage paths to meet 0.9.6a. most of short names are escaped as
openssl_xx(1) or openssl_xx(3), as they are way too generic.
2001-04-12 10:45:33 +00:00

224 lines
7.0 KiB
Groff

.\" $NetBSD: EVP_SignInit.3,v 1.5 2001/04/12 10:45:37 itojun Exp $
.\"
.\" Automatically generated by Pod::Man version 1.02
.\" Thu Apr 12 19:27:01 2001
.\"
.\" Standard preamble:
.\" ======================================================================
.de Sh \" Subsection heading
.br
.if t .Sp
.ne 5
.PP
\fB\\$1\fR
.PP
..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Ip \" List item
.br
.ie \\n(.$>=3 .ne \\$3
.el .ne 3
.IP "\\$1" \\$2
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote. | will give a
.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used
.\" to do unbreakable dashes and therefore won't be available. \*(C` and
.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<>
.tr \(*W-|\(bv\*(Tr
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
. ds PI pi
. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
. ds L" ""
. ds R" ""
. ds C` `
. ds C' '
'br\}
.el\{\
. ds -- \|\(em\|
. ds PI \(*p
. ds L" ``
. ds R" ''
'br\}
.\"
.\" If the F register is turned on, we'll generate index entries on stderr
.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and
.\" index entries marked with X<> in POD. Of course, you'll have to process
.\" the output yourself in some meaningful fashion.
.if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
. .
. nr % 0
. rr F
.\}
.\"
.\" For nroff, turn off justification. Always turn off hyphenation; it
.\" makes way too many mistakes in technical documents.
.hy 0
.if n .na
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
.bd B 3
. \" fudge factors for nroff and troff
.if n \{\
. ds #H 0
. ds #V .8m
. ds #F .3m
. ds #[ \f1
. ds #] \fP
.\}
.if t \{\
. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
. ds #V .6m
. ds #F 0
. ds #[ \&
. ds #] \&
.\}
. \" simple accents for nroff and troff
.if n \{\
. ds ' \&
. ds ` \&
. ds ^ \&
. ds , \&
. ds ~ ~
. ds /
.\}
.if t \{\
. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
. \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
. \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
. \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
. ds : e
. ds 8 ss
. ds o a
. ds d- d\h'-1'\(ga
. ds D- D\h'-1'\(hy
. ds th \o'bp'
. ds Th \o'LP'
. ds ae ae
. ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ======================================================================
.\"
.IX Title "EVP_SignInit 3"
.TH EVP_SignInit 3 "0.9.6a" "2001-04-12" "OpenSSL"
.UC
.SH "NAME"
EVP_SignInit, EVP_SignUpdate, EVP_SignFinal \- \s-1EVP\s0 signing functions
.SH "LIBRARY"
libcrypto, -lcrypto
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/evp.h>
.Ve
.Vb 3
\& void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
\& void EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
\& int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *sig,unsigned int *s, EVP_PKEY *pkey);
.Ve
.Vb 1
\& int EVP_PKEY_size(EVP_PKEY *pkey);
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \s-1EVP\s0 signature routines are a high level interface to digital
signatures.
.PP
\&\fIEVP_SignInit()\fR initializes a signing context \fBctx\fR to using digest
\&\fBtype\fR: this will typically be supplied by a function such as
\&\fIEVP_sha1()\fR.
.PP
\&\fIEVP_SignUpdate()\fR hashes \fBcnt\fR bytes of data at \fBd\fR into the
signature context \fBctx\fR. This function can be called several times on the
same \fBctx\fR to include additional data.
.PP
\&\fIEVP_SignFinal()\fR signs the data in \fBctx\fR using the private key \fBpkey\fR
and places the signature in \fBsig\fR. If the \fBs\fR parameter is not \s-1NULL\s0
then the number of bytes of data written (i.e. the length of the signature)
will be written to the integer at \fBs\fR, at most EVP_PKEY_size(pkey) bytes
will be written. After calling \fIEVP_SignFinal()\fR no additional calls to
\&\fIEVP_SignUpdate()\fR can be made, but \fIEVP_SignInit()\fR can be called to initialize
a new signature operation.
.PP
\&\fIEVP_PKEY_size()\fR returns the maximum size of a signature in bytes. The actual
signature returned by \fIEVP_SignFinal()\fR may be smaller.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fIEVP_SignInit()\fR and \fIEVP_SignUpdate()\fR do not return values.
.PP
\&\fIEVP_SignFinal()\fR returns 1 for success and 0 for failure.
.PP
\&\fIEVP_PKEY_size()\fR returns the maximum size of a signature in bytes.
.PP
The error codes can be obtained by ERR_get_error(3).
.SH "NOTES"
.IX Header "NOTES"
The \fB\s-1EVP\s0\fR interface to digital signatures should almost always be used in
preference to the low level interfaces. This is because the code then becomes
transparent to the algorithm used and much more flexible.
.PP
Due to the link between message digests and public key algorithms the correct
digest algorithm must be used with the correct public key type. A list of
algorithms and associated public key algorithms appears in
EVP_DigestInit(3).
.PP
When signing with \s-1DSA\s0 private keys the random number generator must be seeded
or the operation will fail. The random number generator does not need to be
seeded for \s-1RSA\s0 signatures.
.SH "BUGS"
.IX Header "BUGS"
Several of the functions do not return values: maybe they should. Although the
internal digest operations will never fail some future hardware based operations
might.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
EVP_VerifyInit(3),
EVP_DigestInit(3), openssl_err(3),
openssl_evp(3), openssl_hmac(3), md2(3),
openssl_md5(3), openssl_mdc2(3), openssl_ripemd(3),
openssl_sha(3), digest(1)
.SH "HISTORY"
.IX Header "HISTORY"
\&\fIEVP_SignInit()\fR, \fIEVP_SignUpdate()\fR and \fIEVP_SignFinal()\fR are
available in all versions of SSLeay and OpenSSL.