1EVP_DigestSignInit(3)               OpenSSL              EVP_DigestSignInit(3)
2
3
4

NAME

6       EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal - EVP
7       signing functions
8

SYNOPSIS

10        #include <openssl/evp.h>
11
12        int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
13                               const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
14        int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);
15        int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen);
16

DESCRIPTION

18       The EVP signature routines are a high level interface to digital
19       signatures.
20
21       EVP_DigestSignInit() sets up signing context ctx to use digest type
22       from ENGINE impl and private key pkey. ctx must be initialized with
23       EVP_MD_CTX_init() before calling this function. If pctx is not NULL the
24       EVP_PKEY_CTX of the signing operation will be written to *pctx: this
25       can be used to set alternative signing options.
26
27       EVP_DigestSignUpdate() hashes cnt bytes of data at d into the signature
28       context ctx. This function can be called several times on the same ctx
29       to include additional data. This function is currently implemented usig
30       a macro.
31
32       EVP_DigestSignFinal() signs the data in ctx places the signature in
33       sig.  If sig is NULL then the maximum size of the output buffer is
34       written to the siglen parameter. If sig is not NULL then before the
35       call the siglen parameter should contain the length of the sig buffer,
36       if the call is successful the signature is written to sig and the
37       amount of data written to siglen.
38

RETURN VALUES

40       EVP_DigestSignInit() EVP_DigestSignUpdate() and EVP_DigestSignaFinal()
41       return 1 for success and 0 or a negative value for failure. In
42       particular a return value of -2 indicates the operation is not
43       supported by the public key algorithm.
44
45       The error codes can be obtained from ERR_get_error(3).
46

NOTES

48       The EVP interface to digital signatures should almost always be used in
49       preference to the low level interfaces. This is because the code then
50       becomes transparent to the algorithm used and much more flexible.
51
52       In previous versions of OpenSSL there was a link between message digest
53       types and public key algorithms. This meant that "clone" digests such
54       as EVP_dss1() needed to be used to sign using SHA1 and DSA. This is no
55       longer necessary and the use of clone digest is now discouraged.
56
57       For some key types and parameters the random number generator must be
58       seeded or the operation will fail.
59
60       The call to EVP_DigestSignFinal() internally finalizes a copy of the
61       digest context. This means that calls to EVP_DigestSignUpdate() and
62       EVP_DigestSignFinal() can be called later to digest and sign additional
63       data.
64
65       Since only a copy of the digest context is ever finalized the context
66       must be cleaned up after use by calling EVP_MD_CTX_cleanup() or a
67       memory leak will occur.
68
69       The use of EVP_PKEY_size() with these functions is discouraged because
70       some signature operations may have a signature length which depends on
71       the parameters set. As a result EVP_PKEY_size() would have to return a
72       value which indicates the maximum possible signature for any set of
73       parameters.
74

SEE ALSO

76       EVP_DigestVerifyInit(3), EVP_DigestInit(3), err(3), evp(3), hmac(3),
77       md2(3), md5(3), mdc2(3), ripemd(3), sha(3), dgst(1)
78

HISTORY

80       EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal()
81       were first added to OpenSSL 1.0.0.
82
83
84
851.0.2o                            2020-01-28             EVP_DigestSignInit(3)
Impressum