| Current Path : /usr/opt/openssl11/share/doc/openssl/html/man3/ |
FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64 |
| Current File : //usr/opt/openssl11/share/doc/openssl/html/man3/EVP_DigestSignUpdate.html |
<?xml version="1.0" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>EVP_DigestSignInit</title>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<link rev="made" href="mailto:root@hsxx.drive.ne.jp" />
</head>
<body style="background-color: white">
<!-- INDEX BEGIN -->
<div name="index">
<p><a name="__index__"></a></p>
<ul>
<li><a href="#name">NAME</a></li>
<li><a href="#synopsis">SYNOPSIS</a></li>
<li><a href="#description">DESCRIPTION</a></li>
<li><a href="#return_values">RETURN VALUES</a></li>
<li><a href="#notes">NOTES</a></li>
<li><a href="#see_also">SEE ALSO</a></li>
<li><a href="#history">HISTORY</a></li>
<li><a href="#copyright">COPYRIGHT</a></li>
</ul>
<hr name="index" />
</div>
<!-- INDEX END -->
<p>
</p>
<hr />
<h1><a name="name">NAME</a></h1>
<p>EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal,
EVP_DigestSign - EVP signing functions</p>
<p>
</p>
<hr />
<h1><a name="synopsis">SYNOPSIS</a></h1>
<pre>
#include <openssl/evp.h></pre>
<pre>
int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen);</pre>
<pre>
int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret,
size_t *siglen, const unsigned char *tbs,
size_t tbslen);</pre>
<p>
</p>
<hr />
<h1><a name="description">DESCRIPTION</a></h1>
<p>The EVP signature routines are a high-level interface to digital signatures.</p>
<p><code>EVP_DigestSignInit()</code> sets up signing context <strong>ctx</strong> to use digest <strong>type</strong> from
ENGINE <strong>e</strong> and private key <strong>pkey</strong>. <strong>ctx</strong> must be created with
<code>EVP_MD_CTX_new()</code> before calling this function. If <strong>pctx</strong> is not NULL, the
EVP_PKEY_CTX of the signing operation will be written to <strong>*pctx</strong>: this can
be used to set alternative signing options. Note that any existing value in
<strong>*pctx</strong> is overwritten. The EVP_PKEY_CTX value returned must not be freed
directly by the application if <strong>ctx</strong> is not assigned an EVP_PKEY_CTX value before
being passed to <code>EVP_DigestSignInit()</code> (which means the EVP_PKEY_CTX is created
inside <code>EVP_DigestSignInit()</code> and it will be freed automatically when the
EVP_MD_CTX is freed).</p>
<p>The digest <strong>type</strong> may be NULL if the signing algorithm supports it.</p>
<p>No <strong>EVP_PKEY_CTX</strong> will be created by <code>EVP_DigestSignInit()</code> if the passed <strong>ctx</strong>
has already been assigned one via <em>EVP_MD_CTX_set_pkey_ctx(3)</em>. See also <em>SM2(7)</em>.</p>
<p>Only EVP_PKEY types that support signing can be used with these functions. This
includes MAC algorithms where the MAC generation is considered as a form of
"signing". Built-in EVP_PKEY types supported by these functions are CMAC,
Poly1305, DSA, ECDSA, HMAC, RSA, SipHash, Ed25519 and Ed448.</p>
<p>Not all digests can be used for all key types. The following combinations apply.</p>
<dl>
<dt><strong><a name="dsa" class="item">DSA</a></strong></dt>
<dd>
<p>Supports SHA1, SHA224, SHA256, SHA384 and SHA512</p>
</dd>
<dt><strong><a name="ecdsa" class="item">ECDSA</a></strong></dt>
<dd>
<p>Supports SHA1, SHA224, SHA256, SHA384, SHA512 and SM3</p>
</dd>
<dt><strong><a name="rsa_with_no_padding" class="item">RSA with no padding</a></strong></dt>
<dd>
<p>Supports no digests (the digest <strong>type</strong> must be NULL)</p>
</dd>
<dt><strong><a name="rsa_with_x931_padding" class="item">RSA with X931 padding</a></strong></dt>
<dd>
<p>Supports SHA1, SHA256, SHA384 and SHA512</p>
</dd>
<dt><strong><a name="all_other_rsa_padding_types" class="item">All other RSA padding types</a></strong></dt>
<dd>
<p>Support SHA1, SHA224, SHA256, SHA384, SHA512, MD5, MD5_SHA1, MD2, MD4, MDC2,
SHA3-224, SHA3-256, SHA3-384, SHA3-512</p>
</dd>
<dt><strong><a name="ed25519_and_ed448" class="item">Ed25519 and Ed448</a></strong></dt>
<dd>
<p>Support no digests (the digest <strong>type</strong> must be NULL)</p>
</dd>
<dt><strong><a name="hmac" class="item">HMAC</a></strong></dt>
<dd>
<p>Supports any digest</p>
</dd>
<dt><strong><a name="cmac_poly1305_and_siphash" class="item">CMAC, Poly1305 and SipHash</a></strong></dt>
<dd>
<p>Will ignore any digest provided.</p>
</dd>
</dl>
<p>If RSA-PSS is used and restrictions apply then the digest must match.</p>
<p><code>EVP_DigestSignUpdate()</code> hashes <strong>cnt</strong> bytes of data at <strong>d</strong> into the
signature context <strong>ctx</strong>. This function can be called several times on the
same <strong>ctx</strong> to include additional data. This function is currently implemented
using a macro.</p>
<p><code>EVP_DigestSignFinal()</code> signs the data in <strong>ctx</strong> and places the signature in <strong>sig</strong>.
If <strong>sig</strong> is <strong>NULL</strong> then the maximum size of the output buffer is written to
the <strong>siglen</strong> parameter. If <strong>sig</strong> is not <strong>NULL</strong> then before the call the
<strong>siglen</strong> parameter should contain the length of the <strong>sig</strong> buffer. If the
call is successful the signature is written to <strong>sig</strong> and the amount of data
written to <strong>siglen</strong>.</p>
<p><code>EVP_DigestSign()</code> signs <strong>tbslen</strong> bytes of data at <strong>tbs</strong> and places the
signature in <strong>sig</strong> and its length in <strong>siglen</strong> in a similar way to
<code>EVP_DigestSignFinal()</code>.</p>
<p>
</p>
<hr />
<h1><a name="return_values">RETURN VALUES</a></h1>
<p><code>EVP_DigestSignInit()</code>, <code>EVP_DigestSignUpdate()</code>, <code>EVP_DigestSignFinal()</code> and
<code>EVP_DigestSign()</code> return 1 for success and 0 for failure.</p>
<p>The error codes can be obtained from <em>ERR_get_error(3)</em>.</p>
<p>
</p>
<hr />
<h1><a name="notes">NOTES</a></h1>
<p>The <strong>EVP</strong> interface to digital signatures should almost always be used in
preference to the low-level interfaces. This is because the code then becomes
transparent to the algorithm used and much more flexible.</p>
<p><code>EVP_DigestSign()</code> is a one shot operation which signs a single block of data
in one function. For algorithms that support streaming it is equivalent to
calling <code>EVP_DigestSignUpdate()</code> and <code>EVP_DigestSignFinal()</code>. For algorithms which
do not support streaming (e.g. PureEdDSA) it is the only way to sign data.</p>
<p>In previous versions of OpenSSL there was a link between message digest types
and public key algorithms. This meant that "clone" digests such as EVP_dss1()
needed to be used to sign using SHA1 and DSA. This is no longer necessary and
the use of clone digest is now discouraged.</p>
<p>For some key types and parameters the random number generator must be seeded.
If the automatic seeding or reseeding of the OpenSSL CSPRNG fails due to
external circumstances (see <em>RAND(7)</em>), the operation will fail.</p>
<p>The call to <code>EVP_DigestSignFinal()</code> internally finalizes a copy of the digest
context. This means that calls to <code>EVP_DigestSignUpdate()</code> and
<code>EVP_DigestSignFinal()</code> can be called later to digest and sign additional data.</p>
<p>Since only a copy of the digest context is ever finalized, the context must
be cleaned up after use by calling <code>EVP_MD_CTX_free()</code> or a memory leak
will occur.</p>
<p>The use of <code>EVP_PKEY_size()</code> with these functions is discouraged because some
signature operations may have a signature length which depends on the
parameters set. As a result <code>EVP_PKEY_size()</code> would have to return a value
which indicates the maximum possible signature for any set of parameters.</p>
<p>
</p>
<hr />
<h1><a name="see_also">SEE ALSO</a></h1>
<p><em>EVP_DigestVerifyInit(3)</em>,
<em>EVP_DigestInit(3)</em>,
<em>evp(7)</em>, <a href="#hmac">HMAC(3)</a>, <em>MD2(3)</em>,
<em>MD5(3)</em>, <em>MDC2(3)</em>, <em>RIPEMD160(3)</em>,
<em>SHA1(3)</em>, <em>dgst(1)</em>,
<em>RAND(7)</em></p>
<p>
</p>
<hr />
<h1><a name="history">HISTORY</a></h1>
<p><code>EVP_DigestSignInit()</code>, <code>EVP_DigestSignUpdate()</code> and <code>EVP_DigestSignFinal()</code>
were added in OpenSSL 1.0.0.</p>
<p>
</p>
<hr />
<h1><a name="copyright">COPYRIGHT</a></h1>
<p>Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.</p>
<p>Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
<a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
</body>
</html>