projects / thirdparty / openssl.git / blame
| Commit | Line | Data |
|---|---|---|
| 6535bd42 DSH |
1 | =pod |
| 2 | ||
| 3 | =head1 NAME | |
| 4 | ||
| 5 | EVP_PKEY_verify_init, EVP_PKEY_verify - signature verification using a public key algorithm | |
| 6 | ||
| 7 | =head1 SYNOPSIS | |
| 8 | ||
| 9 | #include <openssl/evp.h> | |
| 10 | ||
| 11 | int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx); | |
| 12 | int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, | |
| 13 | const unsigned char *sig, size_t siglen, | |
| 14 | const unsigned char *tbs, size_t tbslen); | |
| 15 | ||
| 16 | =head1 DESCRIPTION | |
| 17 | ||
| 18 | The EVP_PKEY_verify_init() function initializes a public key algorithm | |
| 19 | context using key B<pkey> for a signature verification operation. | |
| 20 | ||
| 21 | The EVP_PKEY_verify() function performs a public key verification operation | |
| 22 | using B<ctx>. The signature is specified using the B<sig> and | |
| 23 | B<siglen> parameters. The verified data (i.e. the data believed originally | |
| 24 | signed) is specified using the B<tbs> and B<tbslen> parameters. | |
| 25 | ||
| 26 | =head1 NOTES | |
| 27 | ||
| 28 | After the call to EVP_PKEY_verify_init() algorithm specific control | |
| 29 | operations can be performed to set any appropriate parameters for the | |
| 30 | operation. | |
| 31 | ||
| 32 | The function EVP_PKEY_verify() can be called more than once on the same | |
| 33 | context if several operations are performed using the same parameters. | |
| 34 | ||
| 35 | =head1 RETURN VALUES | |
| 36 | ||
| 37 | EVP_PKEY_verify_init() and EVP_PKEY_verify() return 1 if the verification | |
| 38 | was successful and 0 if it failed. Unlike other functions the return value | |
| 39 | 0 only indicates that the signature did not not verify successfully (that is | |
| 40 | tbs did not match the original data or the signature was of invalid form) | |
| 41 | it is not an indication of a more serious error. | |
| 42 | ||
| 43 | A negative value indicates an error other that signature verification failure. | |
| 44 | In particular a return value of -2 indicates the operation is not supported by | |
| 45 | the public key algorithm. | |
| 46 | ||
| 47 | =head1 EXAMPLE | |
| 48 | ||
| 49 | Verify signature using PKCS#1 and SHA256 digest: | |
| 50 | ||
| 51 | [to be added] | |
| 52 | ||
| 53 | =head1 SEE ALSO | |
| 54 | ||
| 55 | L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>, | |
| 56 | L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>, | |
| 57 | L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>, | |
| 58 | L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>, | |
| 59 | L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>, | |
| 60 | L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> | |
| 61 | ||
| 62 | =head1 HISTORY | |
| 63 | ||
| 64 | These functions were first added to OpenSSL 0.9.9. | |
| 65 | ||
| 66 | =cut |