diff options
| author | Matt Caswell <matt@openssl.org> | 2018-08-23 11:37:22 +0100 |
|---|---|---|
| committer | Matt Caswell <matt@openssl.org> | 2018-09-04 11:16:05 +0100 |
| commit | f097e8759820f6f9b78adb99eb4bfced2945d623 (patch) | |
| tree | 206619aff64dffb7b3ab4dad4d2febede8393dad /doc | |
| parent | f273ff953abfafbb5fc4d68904469f862fbeae8a (diff) | |
Clarify the EVP_DigestSignInit docs
They did not make it clear how the memory management works for the |pctx|
parameter.
Fixes #7037
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7042)
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/man3/EVP_DigestSignInit.pod | 8 | ||||
| -rw-r--r-- | doc/man3/EVP_DigestVerifyInit.pod | 7 |
2 files changed, 10 insertions, 5 deletions
diff --git a/doc/man3/EVP_DigestSignInit.pod b/doc/man3/EVP_DigestSignInit.pod index 19198016e0..fe2be7bbf5 100644 --- a/doc/man3/EVP_DigestSignInit.pod +++ b/doc/man3/EVP_DigestSignInit.pod @@ -24,10 +24,12 @@ The EVP signature routines are a high level interface to digital signatures. EVP_DigestSignInit() sets up signing context B<ctx> to use digest B<type> from ENGINE B<e> and private key B<pkey>. B<ctx> must be created with -EVP_MD_CTX_new() before calling this function. If B<pctx> is not NULL the +EVP_MD_CTX_new() before calling this function. If B<pctx> is not NULL, the EVP_PKEY_CTX of the signing operation will be written to B<*pctx>: this can -be used to set alternative signing options. The digest B<type> may be NULL if -the signing algorithm supports it. +be used to set alternative signing options. Note that any existing value in +B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be freed +directly by the application (it will be freed automatically when the EVP_MD_CTX +is freed). The digest B<type> may be NULL if the signing algorithm supports it. Only EVP_PKEY types that support signing can be used with these functions. This includes MAC algorithms where the MAC generation is considered as a form of diff --git a/doc/man3/EVP_DigestVerifyInit.pod b/doc/man3/EVP_DigestVerifyInit.pod index e24a925cfb..0d25debcb1 100644 --- a/doc/man3/EVP_DigestVerifyInit.pod +++ b/doc/man3/EVP_DigestVerifyInit.pod @@ -23,9 +23,12 @@ The EVP signature routines are a high level interface to digital signatures. EVP_DigestVerifyInit() sets up verification context B<ctx> to use digest B<type> from ENGINE B<e> and public key B<pkey>. B<ctx> must be created -with EVP_MD_CTX_new() before calling this function. If B<pctx> is not NULL the +with EVP_MD_CTX_new() before calling this function. If B<pctx> is not NULL, the EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this -can be used to set alternative verification options. +can be used to set alternative verification options. Note that any existing +value in B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be +freed directly by the application (it will be freed automatically when the +EVP_MD_CTX is freed). EVP_DigestVerifyUpdate() hashes B<cnt> bytes of data at B<d> into the verification context B<ctx>. This function can be called several times on the |