]>
Commit | Line | Data |
---|---|---|
f7173262 DSH |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
c952780c | 5 | EVP_PKEY_size, |
6a2da303 PY |
6 | EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal, |
7 | EVP_PKEY_security_bits - EVP signing | |
3d866ea6 | 8 | functions |
f7173262 DSH |
9 | |
10 | =head1 SYNOPSIS | |
11 | ||
12 | #include <openssl/evp.h> | |
13 | ||
3811eed8 DSH |
14 | int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); |
15 | int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); | |
aebb9aac | 16 | int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, EVP_PKEY *pkey); |
f7173262 | 17 | |
3811eed8 DSH |
18 | void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type); |
19 | ||
47ec2367 | 20 | int EVP_PKEY_size(const EVP_PKEY *pkey); |
6a2da303 | 21 | int EVP_PKEY_security_bits(const EVP_PKEY *pkey); |
f7173262 DSH |
22 | |
23 | =head1 DESCRIPTION | |
24 | ||
25 | The EVP signature routines are a high level interface to digital | |
26 | signatures. | |
27 | ||
3811eed8 | 28 | EVP_SignInit_ex() sets up signing context B<ctx> to use digest |
25191fff RL |
29 | B<type> from ENGINE B<impl>. B<ctx> must be created with |
30 | EVP_MD_CTX_new() before calling this function. | |
f7173262 DSH |
31 | |
32 | EVP_SignUpdate() hashes B<cnt> bytes of data at B<d> into the | |
c8973693 | 33 | signature context B<ctx>. This function can be called several times on the |
f7173262 DSH |
34 | same B<ctx> to include additional data. |
35 | ||
e27a2596 | 36 | EVP_SignFinal() signs the data in B<ctx> using the private key B<pkey> and |
6e6ba36d | 37 | places the signature in B<sig>. B<sig> must be at least EVP_PKEY_size(pkey) |
1afd7fa9 | 38 | bytes in size. B<s> is an OUT parameter, and not used as an IN parameter. |
6e6ba36d JW |
39 | The number of bytes of data written (i.e. the length of the signature) |
40 | will be written to the integer at B<s>, at most EVP_PKEY_size(pkey) bytes | |
41 | will be written. | |
3811eed8 DSH |
42 | |
43 | EVP_SignInit() initializes a signing context B<ctx> to use the default | |
44 | implementation of digest B<type>. | |
f7173262 DSH |
45 | |
46 | EVP_PKEY_size() returns the maximum size of a signature in bytes. The actual | |
47 | signature returned by EVP_SignFinal() may be smaller. | |
48 | ||
6a2da303 PY |
49 | EVP_PKEY_security_bits() returns the number of security bits of the given B<pkey>, |
50 | bits of security is defined in NIST SP800-57. | |
51 | ||
f7173262 DSH |
52 | =head1 RETURN VALUES |
53 | ||
3811eed8 DSH |
54 | EVP_SignInit_ex(), EVP_SignUpdate() and EVP_SignFinal() return 1 |
55 | for success and 0 for failure. | |
f7173262 DSH |
56 | |
57 | EVP_PKEY_size() returns the maximum size of a signature in bytes. | |
58 | ||
9b86974e | 59 | The error codes can be obtained by L<ERR_get_error(3)>. |
f7173262 | 60 | |
6a2da303 PY |
61 | EVP_PKEY_security_bits() returns the number of security bits. |
62 | ||
f7173262 DSH |
63 | =head1 NOTES |
64 | ||
65 | The B<EVP> interface to digital signatures should almost always be used in | |
66 | preference to the low level interfaces. This is because the code then becomes | |
67 | transparent to the algorithm used and much more flexible. | |
68 | ||
262c0088 DMSP |
69 | When signing with DSA private keys the random number generator must be seeded. |
70 | If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to | |
71 | external circumstances (see L<RAND(7)>), the operation will fail. | |
72 | This requirement does not hold for RSA signatures. | |
f7173262 | 73 | |
3811eed8 DSH |
74 | The call to EVP_SignFinal() internally finalizes a copy of the digest context. |
75 | This means that calls to EVP_SignUpdate() and EVP_SignFinal() can be called | |
76 | later to digest and sign additional data. | |
77 | ||
78 | Since only a copy of the digest context is ever finalized the context must | |
c12a2d27 | 79 | be cleaned up after use by calling EVP_MD_CTX_free() or a memory leak |
3811eed8 DSH |
80 | will occur. |
81 | ||
f7173262 DSH |
82 | =head1 BUGS |
83 | ||
1bc74519 | 84 | Older versions of this documentation wrongly stated that calls to |
3811eed8 | 85 | EVP_SignUpdate() could not be made after calling EVP_SignFinal(). |
f7173262 | 86 | |
29cf84c6 DSH |
87 | Since the private key is passed in the call to EVP_SignFinal() any error |
88 | relating to the private key (for example an unsuitable key and digest | |
89 | combination) will not be indicated until after potentially large amounts of | |
90 | data have been passed through EVP_SignUpdate(). | |
91 | ||
92 | It is not possible to change the signing parameters using these function. | |
93 | ||
94 | The previous two bugs are fixed in the newer EVP_SignDigest*() function. | |
95 | ||
f7173262 DSH |
96 | =head1 SEE ALSO |
97 | ||
9b86974e | 98 | L<EVP_VerifyInit(3)>, |
73fb82b7 | 99 | L<EVP_DigestInit(3)>, |
b97fdb57 RL |
100 | L<evp(7)>, L<HMAC(3)>, L<MD2(3)>, |
101 | L<MD5(3)>, L<MDC2(3)>, L<RIPEMD160(3)>, | |
102 | L<SHA1(3)>, L<dgst(1)> | |
f7173262 | 103 | |
e2f92610 RS |
104 | =head1 COPYRIGHT |
105 | ||
c4d3c19b | 106 | Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 107 | |
4746f25a | 108 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
109 | this file except in compliance with the License. You can obtain a copy |
110 | in the file LICENSE in the source distribution or at | |
111 | L<https://www.openssl.org/source/license.html>. | |
112 | ||
113 | =cut |