diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2006-07-08 11:13:01 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2006-07-08 11:13:01 +0000 |
commit | 64cee65ebc4a5a23d9f6d6f73cb25e78a80af5c2 (patch) | |
tree | 4032097fd1e2acd608d132fbc3ef83cce3c5b94c /doc | |
parent | ba544377fb48336b4e29fd494a7faf7c0ba6b1dc (diff) |
New docs.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/crypto/EVP_PKEY_sign.pod | 2 | ||||
-rw-r--r-- | doc/crypto/EVP_PKEY_verifyrecover.pod | 71 |
2 files changed, 72 insertions, 1 deletions
diff --git a/doc/crypto/EVP_PKEY_sign.pod b/doc/crypto/EVP_PKEY_sign.pod index 63d41c9b05..98daf91541 100644 --- a/doc/crypto/EVP_PKEY_sign.pod +++ b/doc/crypto/EVP_PKEY_sign.pod @@ -2,7 +2,7 @@ =head1 NAME -EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm +EVP_PKEY_sign_init, EVP_PKEY_sign - sign using a public key algorithm =head1 SYNOPSIS diff --git a/doc/crypto/EVP_PKEY_verifyrecover.pod b/doc/crypto/EVP_PKEY_verifyrecover.pod new file mode 100644 index 0000000000..a3d997aaaf --- /dev/null +++ b/doc/crypto/EVP_PKEY_verifyrecover.pod @@ -0,0 +1,71 @@ +=pod + +=head1 NAME + +EVP_PKEY_verifyrecover_init, EVP_PKEY_verifyrecover - recover signature using a public key algorithm + +=head1 SYNOPSIS + + #include <openssl/evp.h> + + int EVP_PKEY_verifyrecover_init(EVP_PKEY_CTX *ctx); + int EVP_PKEY_verifyrecover(EVP_PKEY_CTX *ctx, + unsigned char *rout, size_t *routlen, + const unsigned char *sig, size_t siglen); + +=head1 DESCRIPTION + +The EVP_PKEY_verifyrecover_init() function initializes a public key algorithm +context using key B<pkey> for a verify recover operation. + +The EVP_PKEY_verifyrecover() function recovers signed data +using B<ctx>. The signature is specified using the B<sig> and +B<siglen> parameters. If B<rout> is B<NULL> then the maximum size of the output +buffer is written to the B<routlen> parameter. If B<rout> is not B<NULL> then +before the call the B<routlen> parameter should contain the length of the +B<rout> buffer, if the call is successful recovered data is written to +B<rout> and the amount of data written to B<routlen>. + +=head1 NOTES + +Normally an application is only interested in whether a signature verification +operation is successful in those cases the EVP_verify() function should be +used. + +Sometimes however it is useful to obtain the data originally signed using a +signing operation. Only certain public key algorithms can recover a signature +in this way (for example RSA in PKCS padding mode). + +After the call to EVP_PKEY_verifyrecover_init() algorithm specific control +operations can be performed to set any appropriate parameters for the +operation. + +The function EVP_PKEY_verifyrecover() can be called more than once on the same +context if several operations are performed using the same parameters. + +=head1 RETURN VALUES + +EVP_PKEY_verifyrecover_init() and EVP_PKEY_verifyrecover() return 1 for success +and 0 or a negative value for failure. In particular a return value of -2 +indicates the operation is not supported by the public key algorithm. + +=head1 EXAMPLE + +Recover digest originally signed using PKCS#1 and SHA256 digest: + +[to be added] + +=head1 SEE ALSO + +L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>, +L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>, +L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>, +L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>, +L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>, +L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> + +=head1 HISTORY + +These functions were first added to OpenSSL 0.9.9. + +=cut |