]>
Commit | Line | Data |
---|---|---|
6535bd42 DSH |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | EVP_PKEY_verify_init, EVP_PKEY_verify - signature verification using a public key algorithm | |
6 | ||
7 | =head1 SYNOPSIS | |
8 | ||
9 | #include <openssl/evp.h> | |
10 | ||
11 | int EVP_PKEY_verify_init(EVP_PKEY_CTX *ctx); | |
12 | int EVP_PKEY_verify(EVP_PKEY_CTX *ctx, | |
13 | const unsigned char *sig, size_t siglen, | |
14 | const unsigned char *tbs, size_t tbslen); | |
15 | ||
16 | =head1 DESCRIPTION | |
17 | ||
18 | The EVP_PKEY_verify_init() function initializes a public key algorithm | |
19 | context using key B<pkey> for a signature verification operation. | |
20 | ||
21 | The EVP_PKEY_verify() function performs a public key verification operation | |
22 | using B<ctx>. The signature is specified using the B<sig> and | |
23 | B<siglen> parameters. The verified data (i.e. the data believed originally | |
24 | signed) is specified using the B<tbs> and B<tbslen> parameters. | |
25 | ||
26 | =head1 NOTES | |
27 | ||
28 | After the call to EVP_PKEY_verify_init() algorithm specific control | |
29 | operations can be performed to set any appropriate parameters for the | |
30 | operation. | |
31 | ||
32 | The function EVP_PKEY_verify() can be called more than once on the same | |
33 | context if several operations are performed using the same parameters. | |
34 | ||
35 | =head1 RETURN VALUES | |
36 | ||
37 | EVP_PKEY_verify_init() and EVP_PKEY_verify() return 1 if the verification | |
38 | was successful and 0 if it failed. Unlike other functions the return value | |
39 | 0 only indicates that the signature did not not verify successfully (that is | |
40 | tbs did not match the original data or the signature was of invalid form) | |
41 | it is not an indication of a more serious error. | |
42 | ||
43 | A negative value indicates an error other that signature verification failure. | |
44 | In particular a return value of -2 indicates the operation is not supported by | |
45 | the public key algorithm. | |
46 | ||
47 | =head1 EXAMPLE | |
48 | ||
49 | Verify signature using PKCS#1 and SHA256 digest: | |
50 | ||
51 | [to be added] | |
52 | ||
53 | =head1 SEE ALSO | |
54 | ||
55 | L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>, | |
56 | L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>, | |
57 | L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>, | |
58 | L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>, | |
59 | L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>, | |
60 | L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> | |
61 | ||
62 | =head1 HISTORY | |
63 | ||
64 | These functions were first added to OpenSSL 0.9.9. | |
65 | ||
66 | =cut |