1 .\" $OpenBSD: EVP_DigestVerifyInit.3,v 1.5 2018/03/23 04:34:23 schwarze Exp $
2 .\" OpenSSL fb552ac6 Sep 30 23:43:01 2009 +0000
4 .\" This file was written by Dr. Stephen Henson <steve@openssl.org>.
5 .\" Copyright (c) 2006, 2009, 2014, 2015, 2016 The OpenSSL Project.
6 .\" All rights reserved.
8 .\" Redistribution and use in source and binary forms, with or without
9 .\" modification, are permitted provided that the following conditions
12 .\" 1. Redistributions of source code must retain the above copyright
13 .\" notice, this list of conditions and the following disclaimer.
15 .\" 2. Redistributions in binary form must reproduce the above copyright
16 .\" notice, this list of conditions and the following disclaimer in
17 .\" the documentation and/or other materials provided with the
20 .\" 3. All advertising materials mentioning features or use of this
21 .\" software must display the following acknowledgment:
22 .\" "This product includes software developed by the OpenSSL Project
23 .\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
25 .\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 .\" endorse or promote products derived from this software without
27 .\" prior written permission. For written permission, please contact
28 .\" openssl-core@openssl.org.
30 .\" 5. Products derived from this software may not be called "OpenSSL"
31 .\" nor may "OpenSSL" appear in their names without prior written
32 .\" permission of the OpenSSL Project.
34 .\" 6. Redistributions of any form whatsoever must retain the following
36 .\" "This product includes software developed by the OpenSSL Project
37 .\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
39 .\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 .\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 .\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 .\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 .\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 .\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 .\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
52 .Dd $Mdocdate: March 23 2018 $
53 .Dt EVP_DIGESTVERIFYINIT 3
56 .Nm EVP_DigestVerifyInit ,
57 .Nm EVP_DigestVerifyUpdate ,
58 .Nm EVP_DigestVerifyFinal
59 .Nd EVP signature verification functions
63 .Fo EVP_DigestVerifyInit
65 .Fa "EVP_PKEY_CTX **pctx"
66 .Fa "const EVP_MD *type"
71 .Fo EVP_DigestVerifyUpdate
77 .Fo EVP_DigestVerifyFinal
79 .Fa "unsigned char *sig"
83 The EVP signature routines are a high level interface to digital
86 .Fn EVP_DigestVerifyInit
87 sets up verification context
97 must be initialized with
99 before calling this function.
106 of the verification operation will be written to
108 this can be used to set alternative verification options.
110 .Fn EVP_DigestVerifyUpdate
115 into the verification context
117 This function can be called several times on the same
119 to include additional data.
120 This function is currently implemented using a macro.
122 .Fn EVP_DigestVerifyFinal
125 against the signature in
130 The EVP interface to digital signatures should almost always be
131 used in preference to the low level interfaces.
132 This is because the code then becomes transparent to the algorithm used
133 and much more flexible.
135 In previous versions of OpenSSL, there was a link between message digest
136 types and public key algorithms.
137 This meant that "clone" digests such as
139 needed to be used to sign using SHA1 and DSA.
140 This is no longer necessary and the use of clone digest is now
144 .Fn EVP_DigestVerifyFinal
145 internally finalizes a copy of the digest context.
147 .Xr EVP_VerifyUpdate 3
149 .Xr EVP_VerifyFinal 3
150 can be called later to digest and verify additional data.
152 Since only a copy of the digest context is ever finalized, the context
153 must be cleaned up after use by calling
154 .Xr EVP_MD_CTX_cleanup 3
155 or a memory leak will occur.
157 .Fn EVP_DigestVerifyInit
159 .Fn EVP_DigestVerifyUpdate
160 return 1 for success and 0 or a negative value for failure.
161 In particular a return value of -2 indicates the operation is not
162 supported by the public key algorithm.
164 .Fn EVP_DigestVerifyFinal
165 returns 1 for success; any other value indicates failure.
166 A return value of 0 indicates that the signature did not verify
167 successfully (that is, the signature did not match the original
168 data or the signature had an invalid form), while other values
169 indicate a more serious error (and sometimes also indicate an invalid
172 The error codes can be obtained from
173 .Xr ERR_get_error 3 .
177 .Xr EVP_DigestInit 3 ,
178 .Xr EVP_DigestSignInit 3 ,
179 .Xr EVP_PKEY_meth_set_verifyctx 3
181 .Fn EVP_DigestVerifyInit ,
182 .Fn EVP_DigestVerifyUpdate ,
184 .Fn EVP_DigestVerifyFinal
185 first appeared in OpenSSL 1.0.0 and have been available since