EVP_SignInit(3)EVP_SignInit(3)NAME
EVP_SignInit, EVP_SignUpdate, EVP_SignFinal - EVP signing functions
SYNOPSIS
#include <openssl/evp.h>
void EVP_SignInit(
EVP_MD_CTX *ctx, const EVP_MD *type ); void EVP_SignUpdate(
EVP_MD_CTX *ctx, const void *d, unsigned int cnt ); int
EVP_SignFinal(
EVP_MD_CTX *ctx,unsigned char *sig,unsigned int *s, EVP_PKEY
*pkey ); int EVP_PKEY_size(
EVP_PKEY *pkey );
DESCRIPTION
The EVP signature routines are a high level interface to digital signa‐
tures.
The EVP_SignInit() function initializes a signing context ctx to using
digest type. This typically will be supplied by a function such as
EVP_sha1().
The EVP_SignUpdate() function hashes cnt bytes of data at d into the
signature context ctx. This function can be called several times on the
same ctx to include additional data.
The EVP_SignFinal() function signs the data in ctx using the private
key pkey and places the signature in sig. If the s parameter is not
NULL then the number of bytes of data written (i.e. the length of the
signature) will be written to the integer at s, at most
EVP_PKEY_size(pkey) bytes will be written. After calling EVP_SignFi‐
nal(), no additional calls to EVP_SignUpdate() can be made, but the
EVP_SignInit() function can be called to initialize a new signature
operation.
The EVP_PKEY_size() function returns the maximum size of a signature in
bytes. The actual signature returned by the EVP_SignFinal() function
may be smaller.
NOTES
The EVP interface to digital signatures should be used in preference to
the low level interfaces. This is because the code then becomes trans‐
parent to the algorithm used and much more flexible.
Due to the link between message digests and public key algorithms the
correct digest algorithm must be used with the correct public key type.
A list of algorithms and associated public key algorithms appears in
EVP_DigestInit(3).
When signing with DSA private keys the random number generator must be
seeded or the operation will fail. The random number generator does not
need to be seeded for RSA signatures.
RESTRICTIONS
Several of the functions do not return values. Although the internal
digest operations will never fail some future hardware based operations
might.
RETURN VALUES
The EVP_SignInit() and EVP_SignUpdate() functions do not return values.
The EVP_SignFinal() function returns 1 for success and 0 for failure.
The EVP_PKEY_size() function returns the maximum size of a signature in
bytes.
The error codes can be obtained by using ERR_get_error().
HISTORY
The EVP_SignInit(), EVP_SignUpdate(), and EVP_SignFinal() functions are
available in all versions of SSLeay and OpenSSL.
SEE ALSO
Commands: dgst(1)
Functions: EVP_VerifyInit(3), EVP_DigestInit(3), err(3), evp(3),
hmac(3), md2(3), md5(3), mdc2(3), ripemd(3), sha(3),
EVP_SignInit(3)