libcrypto/man/EVP_DigestSignInit.3

.\" $MidnightBSD$
.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35)
.\"
.\" Standard preamble:
.\" ========================================================================
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
..
.de Vb \" Begin verbatim text
.ft CW
.nf
.ne \\$1
..
.de Ve \" End verbatim text
.ft R
.fi
..
.\" Set up some character translations and predefined strings.  \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
.\" double quote, and \*(R" will give a right double quote.  \*(C+ will
.\" give a nicer C++.  Capital omega is used to do unbreakable dashes and
.\" therefore won't be available.  \*(C` and \*(C' expand to `' in nroff,
.\" nothing in troff, for use with C<>.
.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
.    ds -- \(*W-
.    ds PI pi
.    if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
.    if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\"  diablo 12 pitch
.    ds L" ""
.    ds R" ""
.    ds C` ""
.    ds C' ""
'br\}
.el\{\
.    ds -- \|\(em\|
.    ds PI \(*p
.    ds L" ``
.    ds R" ''
.    ds C`
.    ds C'
'br\}
.\"
.\" Escape single quotes in literal strings from groff's Unicode transform.
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\"
.\" If the F register is >0, we'll generate index entries on stderr for
.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD.  Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
.\"
.\" Avoid warning from groff about undefined register 'F'.
.de IX
..
.if !\nF .nr F 0
.if \nF>0 \{\
.    de IX
.    tm Index:\\$1\t\\n%\t"\\$2"
..
.    if !\nF==2 \{\
.        nr % 0
.        nr F 2
.    \}
.\}
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear.  Run.  Save yourself.  No user-serviceable parts.
.    \" fudge factors for nroff and troff
.if n \{\
.    ds #H 0
.    ds #V .8m
.    ds #F .3m
.    ds #[ \f1
.    ds #] \fP
.\}
.if t \{\
.    ds #H ((1u-(\\\\n(.fu%2u))*.13m)
.    ds #V .6m
.    ds #F 0
.    ds #[ \&
.    ds #] \&
.\}
.    \" simple accents for nroff and troff
.if n \{\
.    ds ' \&
.    ds ` \&
.    ds ^ \&
.    ds , \&
.    ds ~ ~
.    ds /
.\}
.if t \{\
.    ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
.    ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
.    ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
.    ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
.    ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
.    ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
.\}
.    \" troff and (daisy-wheel) nroff accents
.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
.ds ae a\h'-(\w'a'u*4/10)'e
.ds Ae A\h'-(\w'A'u*4/10)'E
.    \" corrections for vroff
.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
.    \" for low resolution devices (crt and lpr)
.if \n(.H>23 .if \n(.V>19 \
\{\
.    ds : e
.    ds 8 ss
.    ds o a
.    ds d- d\h'-1'\(ga
.    ds D- D\h'-1'\(hy
.    ds th \o'bp'
.    ds Th \o'LP'
.    ds ae ae
.    ds Ae AE
.\}
.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_DigestSignInit 3"
.TH EVP_DigestSignInit 3 "2018-11-20" "1.0.2q" "OpenSSL"
.\" For nroff, turn off justification.  Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
.SH "NAME"
EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal \- EVP signing functions
.SH "SYNOPSIS"
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/evp.h>
\&
\& int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
\&                        const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
\& int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
\& int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen);
.Ve
.SH "DESCRIPTION"
.IX Header "DESCRIPTION"
The \s-1EVP\s0 signature routines are a high level interface to digital signatures.
.PP
\&\fIEVP_DigestSignInit()\fR sets up signing context \fBctx\fR to use digest \fBtype\fR from
\&\s-1ENGINE\s0 \fBimpl\fR and private key \fBpkey\fR. \fBctx\fR must be initialized with
\&\fIEVP_MD_CTX_init()\fR before calling this function. If \fBpctx\fR is not \s-1NULL,\s0 the
\&\s-1EVP_PKEY_CTX\s0 of the signing operation will be written to \fB*pctx\fR: this can
be used to set alternative signing options. Note that any existing value in
\&\fB*pctx\fR is overwritten. The \s-1EVP_PKEY_CTX\s0 value returned must not be freed
directly by the application (it will be freed automatically when the \s-1EVP_MD_CTX\s0
is freed). The digest \fBtype\fR may be \s-1NULL\s0 if the signing algorithm supports it.
.PP
\&\fIEVP_DigestSignUpdate()\fR hashes \fBcnt\fR bytes of data at \fBd\fR into the
signature context \fBctx\fR. This function can be called several times on the
same \fBctx\fR to include additional data. This function is currently implemented
usig a macro.
.PP
\&\fIEVP_DigestSignFinal()\fR signs the data in \fBctx\fR places the signature in \fBsig\fR.
If \fBsig\fR is \fB\s-1NULL\s0\fR then the maximum size of the output buffer is written to
the \fBsiglen\fR parameter. If \fBsig\fR is not \fB\s-1NULL\s0\fR then before the call the
\&\fBsiglen\fR parameter should contain the length of the \fBsig\fR buffer, if the
call is successful the signature is written to \fBsig\fR and the amount of data
written to \fBsiglen\fR.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
\&\fIEVP_DigestSignInit()\fR \fIEVP_DigestSignUpdate()\fR and \fIEVP_DigestSignaFinal()\fR return
1 for success and 0 or a negative value for failure. In particular a return
value of \-2 indicates the operation is not supported by the public key
algorithm.
.PP
The error codes can be obtained from \fIERR_get_error\fR\|(3).
.SH "NOTES"
.IX Header "NOTES"
The \fB\s-1EVP\s0\fR interface to digital signatures should almost always be used in
preference to the low level interfaces. This is because the code then becomes
transparent to the algorithm used and much more flexible.
.PP
In previous versions of OpenSSL there was a link between message digest types
and public key algorithms. This meant that \*(L"clone\*(R" digests such as \fIEVP_dss1()\fR
needed to be used to sign using \s-1SHA1\s0 and \s-1DSA.\s0 This is no longer necessary and
the use of clone digest is now discouraged.
.PP
For some key types and parameters the random number generator must be seeded
or the operation will fail.
.PP
The call to \fIEVP_DigestSignFinal()\fR internally finalizes a copy of the digest
context. This means that calls to \fIEVP_DigestSignUpdate()\fR and
\&\fIEVP_DigestSignFinal()\fR can be called later to digest and sign additional data.
.PP
Since only a copy of the digest context is ever finalized the context must
be cleaned up after use by calling \fIEVP_MD_CTX_cleanup()\fR or a memory leak
will occur.
.PP
The use of \fIEVP_PKEY_size()\fR with these functions is discouraged because some
signature operations may have a signature length which depends on the
parameters set. As a result \fIEVP_PKEY_size()\fR would have to return a value
which indicates the maximum possible signature for any set of parameters.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fIEVP_DigestVerifyInit\fR\|(3),
\&\fIEVP_DigestInit\fR\|(3), \fIerr\fR\|(3),
\&\fIevp\fR\|(3), \fIhmac\fR\|(3), \fImd2\fR\|(3),
\&\fImd5\fR\|(3), \fImdc2\fR\|(3), \fIripemd\fR\|(3),
\&\fIsha\fR\|(3), \fIdgst\fR\|(1)
.SH "HISTORY"
.IX Header "HISTORY"
\&\fIEVP_DigestSignInit()\fR, \fIEVP_DigestSignUpdate()\fR and \fIEVP_DigestSignFinal()\fR 
were first added to OpenSSL 1.0.0.
Revision:	12152
Committed:	Sun Jan 20 05:38:02 2019 UTC (5 years, 3 months ago) by laffer1
Content type:	text/plain
File size:	8126 byte(s)
Log Message:	update man pages
#	Content
1	.\" $MidnightBSD$
2	.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35)
3	.\"
4	.\" Standard preamble:
5	.\" ========================================================================
6	.de Sp \" Vertical space (when we can't use .PP)
7	.if t .sp .5v
8	.if n .sp
9	..
10	.de Vb \" Begin verbatim text
11	.ft CW
12	.nf
13	.ne \\$1
14	..
15	.de Ve \" End verbatim text
16	.ft R
17	.fi
18	..
19	.\" Set up some character translations and predefined strings. \*(-- will
20	.\" give an unbreakable dash, \(PI will give pi, \(L" will give a left
21	.\" double quote, and \(R" will give a right double quote. \(C+ will
22	.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
23	.\" therefore won't be available. \(C` and \(C' expand to `' in nroff,
24	.\" nothing in troff, for use with C<>.
25	.tr \(*W-
26	.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
27	.ie n \{\
28	. ds -- \(*W-
29	. ds PI pi
30	. if (\n(.H=4u)&(1m=24u) .ds -- \(W\h'-12u'\(W\h'-12u'-\" diablo 10 pitch
31	. if (\n(.H=4u)&(1m=20u) .ds -- \(W\h'-12u'\(W\h'-8u'-\" diablo 12 pitch
32	. ds L" ""
33	. ds R" ""
34	. ds C` ""
35	. ds C' ""
36	'br\}
37	.el\{\
38	. ds -- \\|\(em\\|
39	. ds PI \(*p
40	. ds L" ``
41	. ds R" ''
42	. ds C`
43	. ds C'
44	'br\}
45	.\"
46	.\" Escape single quotes in literal strings from groff's Unicode transform.
47	.ie \n(.g .ds Aq \(aq
48	.el .ds Aq '
49	.\"
50	.\" If the F register is >0, we'll generate index entries on stderr for
51	.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
52	.\" entries marked with X<> in POD. Of course, you'll have to process the
53	.\" output yourself in some meaningful fashion.
54	.\"
55	.\" Avoid warning from groff about undefined register 'F'.
56	.de IX
57	..
58	.if !\nF .nr F 0
59	.if \nF>0 \{\
60	. de IX
61	. tm Index:\\$1\t\\n%\t"\\$2"
62	..
63	. if !\nF==2 \{\
64	. nr % 0
65	. nr F 2
66	. \}
67	.\}
68	.\"
69	.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
70	.\" Fear. Run. Save yourself. No user-serviceable parts.
71	. \" fudge factors for nroff and troff
72	.if n \{\
73	. ds #H 0
74	. ds #V .8m
75	. ds #F .3m
76	. ds #[ \f1
77	. ds #] \fP
78	.\}
79	.if t \{\
80	. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
81	. ds #V .6m
82	. ds #F 0
83	. ds #[ \&
84	. ds #] \&
85	.\}
86	. \" simple accents for nroff and troff
87	.if n \{\
88	. ds ' \&
89	. ds ` \&
90	. ds ^ \&
91	. ds , \&
92	. ds ~ ~
93	. ds /
94	.\}
95	.if t \{\
96	. ds ' \\k:\h'-(\\n(.wu8/10-\(#H)'\'\h"\|\\n:u"
97	. ds ` \\k:\h'-(\\n(.wu8/10-\(#H)'\`\h'\|\\n:u'
98	. ds ^ \\k:\h'-(\\n(.wu10/11-\(#H)'^\h'\|\\n:u'
99	. ds , \\k:\h'-(\\n(.wu*8/10)',\h'\|\\n:u'
100	. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'\|\\n:u'
101	. ds / \\k:\h'-(\\n(.wu8/10-\(#H)'\z\(sl\h'\|\\n:u'
102	.\}
103	. \" troff and (daisy-wheel) nroff accents
104	.ds : \\k:\h'-(\\n(.wu8/10-\(#H+.1m+\(#F)'\v'-\(#V'\z.\h'.2m+\(#F'.\h'\|\\n:u'\v'\(#V'
105	.ds 8 \h'\(#H'\(b\h'-\*(#H'
106	.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\(#H)/2u'\v'-.3n'\(#[\z\(de\v'.3n'\h'\|\\n:u'\*(#]
107	.ds d- \h'\(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\(#H'
108	.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'\|\\n:u'
109	.ds th \(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u2/3)'\s-1o\s+1\*(#]
110	.ds Th \(#[\s+2I\s-2\h'-\w'I'u3/5'\v'-.3m'o\v'.3m'\*(#]
111	.ds ae a\h'-(\w'a'u*4/10)'e
112	.ds Ae A\h'-(\w'A'u*4/10)'E
113	. \" corrections for vroff
114	.if v .ds ~ \\k:\h'-(\\n(.wu9/10-\(#H)'\s-2\u~\d\s+2\h'\|\\n:u'
115	.if v .ds ^ \\k:\h'-(\\n(.wu10/11-\(#H)'\v'-.4m'^\v'.4m'\h'\|\\n:u'
116	. \" for low resolution devices (crt and lpr)
117	.if \n(.H>23 .if \n(.V>19 \
118	\{\
119	. ds : e
120	. ds 8 ss
121	. ds o a
122	. ds d- d\h'-1'\(ga
123	. ds D- D\h'-1'\(hy
124	. ds th \o'bp'
125	. ds Th \o'LP'
126	. ds ae ae
127	. ds Ae AE
128	.\}
129	.rm #[ #] #H #V #F C
130	.\" ========================================================================
131	.\"
132	.IX Title "EVP_DigestSignInit 3"
133	.TH EVP_DigestSignInit 3 "2018-11-20" "1.0.2q" "OpenSSL"
134	.\" For nroff, turn off justification. Always turn off hyphenation; it makes
135	.\" way too many mistakes in technical documents.
136	.if n .ad l
137	.nh
138	.SH "NAME"
139	EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal \- EVP signing functions
140	.SH "SYNOPSIS"
141	.IX Header "SYNOPSIS"
142	.Vb 1
143	\& #include <openssl/evp.h>
144	\&
145	\& int EVP_DigestSignInit(EVP_MD_CTX ctx, EVP_PKEY_CTX *pctx,
146	\& const EVP_MD type, ENGINE e, EVP_PKEY *pkey);
147	\& int EVP_DigestSignUpdate(EVP_MD_CTX ctx, const void d, size_t cnt);
148	\& int EVP_DigestSignFinal(EVP_MD_CTX ctx, unsigned char sig, size_t *siglen);
149	.Ve
150	.SH "DESCRIPTION"
151	.IX Header "DESCRIPTION"
152	The \s-1EVP\s0 signature routines are a high level interface to digital signatures.
153	.PP
154	\&\fIEVP_DigestSignInit()\fR sets up signing context \fBctx\fR to use digest \fBtype\fR from
155	\&\s-1ENGINE\s0 \fBimpl\fR and private key \fBpkey\fR. \fBctx\fR must be initialized with
156	\&\fIEVP_MD_CTX_init()\fR before calling this function. If \fBpctx\fR is not \s-1NULL,\s0 the
157	\&\s-1EVP_PKEY_CTX\s0 of the signing operation will be written to \fB*pctx\fR: this can
158	be used to set alternative signing options. Note that any existing value in
159	\&\fB*pctx\fR is overwritten. The \s-1EVP_PKEY_CTX\s0 value returned must not be freed
160	directly by the application (it will be freed automatically when the \s-1EVP_MD_CTX\s0
161	is freed). The digest \fBtype\fR may be \s-1NULL\s0 if the signing algorithm supports it.
162	.PP
163	\&\fIEVP_DigestSignUpdate()\fR hashes \fBcnt\fR bytes of data at \fBd\fR into the
164	signature context \fBctx\fR. This function can be called several times on the
165	same \fBctx\fR to include additional data. This function is currently implemented
166	usig a macro.
167	.PP
168	\&\fIEVP_DigestSignFinal()\fR signs the data in \fBctx\fR places the signature in \fBsig\fR.
169	If \fBsig\fR is \fB\s-1NULL\s0\fR then the maximum size of the output buffer is written to
170	the \fBsiglen\fR parameter. If \fBsig\fR is not \fB\s-1NULL\s0\fR then before the call the
171	\&\fBsiglen\fR parameter should contain the length of the \fBsig\fR buffer, if the
172	call is successful the signature is written to \fBsig\fR and the amount of data
173	written to \fBsiglen\fR.
174	.SH "RETURN VALUES"
175	.IX Header "RETURN VALUES"
176	\&\fIEVP_DigestSignInit()\fR \fIEVP_DigestSignUpdate()\fR and \fIEVP_DigestSignaFinal()\fR return
177	1 for success and 0 or a negative value for failure. In particular a return
178	value of \-2 indicates the operation is not supported by the public key
179	algorithm.
180	.PP
181	The error codes can be obtained from \fIERR_get_error\fR\\|(3).
182	.SH "NOTES"
183	.IX Header "NOTES"
184	The \fB\s-1EVP\s0\fR interface to digital signatures should almost always be used in
185	preference to the low level interfaces. This is because the code then becomes
186	transparent to the algorithm used and much more flexible.
187	.PP
188	In previous versions of OpenSSL there was a link between message digest types
189	and public key algorithms. This meant that \(L"clone\(R" digests such as \fIEVP_dss1()\fR
190	needed to be used to sign using \s-1SHA1\s0 and \s-1DSA.\s0 This is no longer necessary and
191	the use of clone digest is now discouraged.
192	.PP
193	For some key types and parameters the random number generator must be seeded
194	or the operation will fail.
195	.PP
196	The call to \fIEVP_DigestSignFinal()\fR internally finalizes a copy of the digest
197	context. This means that calls to \fIEVP_DigestSignUpdate()\fR and
198	\&\fIEVP_DigestSignFinal()\fR can be called later to digest and sign additional data.
199	.PP
200	Since only a copy of the digest context is ever finalized the context must
201	be cleaned up after use by calling \fIEVP_MD_CTX_cleanup()\fR or a memory leak
202	will occur.
203	.PP
204	The use of \fIEVP_PKEY_size()\fR with these functions is discouraged because some
205	signature operations may have a signature length which depends on the
206	parameters set. As a result \fIEVP_PKEY_size()\fR would have to return a value
207	which indicates the maximum possible signature for any set of parameters.
208	.SH "SEE ALSO"
209	.IX Header "SEE ALSO"
210	\&\fIEVP_DigestVerifyInit\fR\\|(3),
211	\&\fIEVP_DigestInit\fR\\|(3), \fIerr\fR\\|(3),
212	\&\fIevp\fR\\|(3), \fIhmac\fR\\|(3), \fImd2\fR\\|(3),
213	\&\fImd5\fR\\|(3), \fImdc2\fR\\|(3), \fIripemd\fR\\|(3),
214	\&\fIsha\fR\\|(3), \fIdgst\fR\\|(1)
215	.SH "HISTORY"
216	.IX Header "HISTORY"
217	\&\fIEVP_DigestSignInit()\fR, \fIEVP_DigestSignUpdate()\fR and \fIEVP_DigestSignFinal()\fR
218	were first added to OpenSSL 1.0.0.
Name	Value
svn:eol-style	native
svn:keywords	MidnightBSD=%H
svn:mime-type	text/plain