1*4724848cSchristos=pod 2*4724848cSchristos 3*4724848cSchristos=head1 NAME 4*4724848cSchristos 5*4724848cSchristosEVP_VerifyInit_ex, 6*4724848cSchristosEVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal 7*4724848cSchristos- EVP signature verification functions 8*4724848cSchristos 9*4724848cSchristos=head1 SYNOPSIS 10*4724848cSchristos 11*4724848cSchristos #include <openssl/evp.h> 12*4724848cSchristos 13*4724848cSchristos int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); 14*4724848cSchristos int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); 15*4724848cSchristos int EVP_VerifyFinal(EVP_MD_CTX *ctx, unsigned char *sigbuf, unsigned int siglen, 16*4724848cSchristos EVP_PKEY *pkey); 17*4724848cSchristos 18*4724848cSchristos int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type); 19*4724848cSchristos 20*4724848cSchristos=head1 DESCRIPTION 21*4724848cSchristos 22*4724848cSchristosThe EVP signature verification routines are a high-level interface to digital 23*4724848cSchristossignatures. 24*4724848cSchristos 25*4724848cSchristosEVP_VerifyInit_ex() sets up verification context B<ctx> to use digest 26*4724848cSchristosB<type> from ENGINE B<impl>. B<ctx> must be created by calling 27*4724848cSchristosEVP_MD_CTX_new() before calling this function. 28*4724848cSchristos 29*4724848cSchristosEVP_VerifyUpdate() hashes B<cnt> bytes of data at B<d> into the 30*4724848cSchristosverification context B<ctx>. This function can be called several times on the 31*4724848cSchristossame B<ctx> to include additional data. 32*4724848cSchristos 33*4724848cSchristosEVP_VerifyFinal() verifies the data in B<ctx> using the public key B<pkey> 34*4724848cSchristosand against the B<siglen> bytes at B<sigbuf>. 35*4724848cSchristos 36*4724848cSchristosEVP_VerifyInit() initializes verification context B<ctx> to use the default 37*4724848cSchristosimplementation of digest B<type>. 38*4724848cSchristos 39*4724848cSchristos=head1 RETURN VALUES 40*4724848cSchristos 41*4724848cSchristosEVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for 42*4724848cSchristosfailure. 43*4724848cSchristos 44*4724848cSchristosEVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some 45*4724848cSchristosother error occurred. 46*4724848cSchristos 47*4724848cSchristosThe error codes can be obtained by L<ERR_get_error(3)>. 48*4724848cSchristos 49*4724848cSchristos=head1 NOTES 50*4724848cSchristos 51*4724848cSchristosThe B<EVP> interface to digital signatures should almost always be used in 52*4724848cSchristospreference to the low-level interfaces. This is because the code then becomes 53*4724848cSchristostransparent to the algorithm used and much more flexible. 54*4724848cSchristos 55*4724848cSchristosThe call to EVP_VerifyFinal() internally finalizes a copy of the digest context. 56*4724848cSchristosThis means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can be called 57*4724848cSchristoslater to digest and verify additional data. 58*4724848cSchristos 59*4724848cSchristosSince only a copy of the digest context is ever finalized the context must 60*4724848cSchristosbe cleaned up after use by calling EVP_MD_CTX_free() or a memory leak 61*4724848cSchristoswill occur. 62*4724848cSchristos 63*4724848cSchristos=head1 BUGS 64*4724848cSchristos 65*4724848cSchristosOlder versions of this documentation wrongly stated that calls to 66*4724848cSchristosEVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal(). 67*4724848cSchristos 68*4724848cSchristosSince the public key is passed in the call to EVP_SignFinal() any error 69*4724848cSchristosrelating to the private key (for example an unsuitable key and digest 70*4724848cSchristoscombination) will not be indicated until after potentially large amounts of 71*4724848cSchristosdata have been passed through EVP_SignUpdate(). 72*4724848cSchristos 73*4724848cSchristosIt is not possible to change the signing parameters using these function. 74*4724848cSchristos 75*4724848cSchristosThe previous two bugs are fixed in the newer EVP_DigestVerify*() function. 76*4724848cSchristos 77*4724848cSchristos=head1 SEE ALSO 78*4724848cSchristos 79*4724848cSchristosL<evp(7)>, 80*4724848cSchristosL<EVP_SignInit(3)>, 81*4724848cSchristosL<EVP_DigestInit(3)>, 82*4724848cSchristosL<evp(7)>, L<HMAC(3)>, L<MD2(3)>, 83*4724848cSchristosL<MD5(3)>, L<MDC2(3)>, L<RIPEMD160(3)>, 84*4724848cSchristosL<SHA1(3)>, L<dgst(1)> 85*4724848cSchristos 86*4724848cSchristos=head1 COPYRIGHT 87*4724848cSchristos 88*4724848cSchristosCopyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. 89*4724848cSchristos 90*4724848cSchristosLicensed under the OpenSSL license (the "License"). You may not use 91*4724848cSchristosthis file except in compliance with the License. You can obtain a copy 92*4724848cSchristosin the file LICENSE in the source distribution or at 93*4724848cSchristosL<https://www.openssl.org/source/license.html>. 94*4724848cSchristos 95*4724848cSchristos=cut 96