Add EVP signature with libctx methods.

[thirdparty/openssl.git] / doc / man3 / EVP_SignInit.pod

diff --git a/doc/man3/EVP_SignInit.pod b/doc/man3/EVP_SignInit.pod
index 13bba5b50701b2f487a300fd9ffe8dc66a2c6b68..f6165f0468b23996f1972ad77c362018ee515dc0 100644 (file)
--- a/doc/man3/EVP_SignInit.pod
+++ b/doc/man3/EVP_SignInit.pod
@@ -2,7 +2,8 @@
 
 =head1 NAME
 
-EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal
+EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate,
+EVP_SignFinal_with_libctx, EVP_SignFinal
 - EVP signing functions
 
 =head1 SYNOPSIS
@@ -11,7 +12,11 @@ EVP_SignInit, EVP_SignInit_ex, EVP_SignUpdate, EVP_SignFinal
 
  int EVP_SignInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
  int EVP_SignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
- int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s, EVP_PKEY *pkey);
+ int EVP_SignFinal_with_libctx(EVP_MD_CTX *ctx, unsigned char *md,
+                               unsigned int *s, EVP_PKEY *pkey,
+                               OPENSSL_CTX *libctx, const char *propq);
+ int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sig, unsigned int *s,
+                   EVP_PKEY *pkey);
 
  void EVP_SignInit(EVP_MD_CTX *ctx, const EVP_MD *type);
 
@@ -28,20 +33,25 @@ EVP_SignUpdate() hashes I<cnt> bytes of data at I<d> into the
 signature context I<ctx>. This function can be called several times on the
 same I<ctx> to include additional data.
 
-EVP_SignFinal() signs the data in I<ctx> using the private key I<pkey> and
-places the signature in I<sig>. I<sig> must be at least C<EVP_PKEY_size(pkey)>
-bytes in size. I<s> is an OUT parameter, and not used as an IN parameter.
+EVP_SignFinal_with_libctx() signs the data in I<ctx> using the private key
+I<pkey> and places the signature in I<sig>. The library context I<libctx> and
+property query I<propq> are used when creating a context to use with the key
+I<pkey>. I<sig> must be at least C<EVP_PKEY_size(pkey)> bytes in size. I<s> is
+an OUT parameter, and not used as an IN parameter.
 The number of bytes of data written (i.e. the length of the signature)
 will be written to the integer at I<s>, at most C<EVP_PKEY_size(pkey)> bytes
 will be written.
 
+EVP_SignFinal() is similar to EVP_SignFinal_with_libctx() but uses default
+values of NULL for the library context I<libctx> and the property query I<propq>.
+
 EVP_SignInit() initializes a signing context I<ctx> to use the default
 implementation of digest I<type>.
 
 =head1 RETURN VALUES
 
-EVP_SignInit_ex(), EVP_SignUpdate() and EVP_SignFinal() return 1
-for success and 0 for failure.
+EVP_SignInit_ex(), EVP_SignUpdate(), EVP_SignFinal_with_libctx() and
+EVP_SignFinal() return 1 for success and 0 for failure.
 
 The error codes can be obtained by L<ERR_get_error(3)>.
 
@@ -87,6 +97,10 @@ L<evp(7)>, L<HMAC(3)>, L<MD2(3)>,
 L<MD5(3)>, L<MDC2(3)>, L<RIPEMD160(3)>,
 L<SHA1(3)>, L<openssl-dgst(1)>
 
+=head1 HISTORY
+
+The function EVP_SignFinal_with_libctx() was added in OpenSSL 3.0.
+
 =head1 COPYRIGHT
 
 Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.