EVP_PKEY_verifyrecover.pod 3.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103
  1. =pod
  2. =head1 NAME
  3. EVP_PKEY_verifyrecover_init, EVP_PKEY_verifyrecover - recover signature using a public key algorithm
  4. =head1 SYNOPSIS
  5. #include <openssl/evp.h>
  6. int EVP_PKEY_verifyrecover_init(EVP_PKEY_CTX *ctx);
  7. int EVP_PKEY_verifyrecover(EVP_PKEY_CTX *ctx,
  8. unsigned char *rout, size_t *routlen,
  9. const unsigned char *sig, size_t siglen);
  10. =head1 DESCRIPTION
  11. The EVP_PKEY_verifyrecover_init() function initializes a public key algorithm
  12. context using key B<pkey> for a verify recover operation.
  13. The EVP_PKEY_verifyrecover() function recovers signed data
  14. using B<ctx>. The signature is specified using the B<sig> and
  15. B<siglen> parameters. If B<rout> is B<NULL> then the maximum size of the output
  16. buffer is written to the B<routlen> parameter. If B<rout> is not B<NULL> then
  17. before the call the B<routlen> parameter should contain the length of the
  18. B<rout> buffer, if the call is successful recovered data is written to
  19. B<rout> and the amount of data written to B<routlen>.
  20. =head1 NOTES
  21. Normally an application is only interested in whether a signature verification
  22. operation is successful in those cases the EVP_verify() function should be
  23. used.
  24. Sometimes however it is useful to obtain the data originally signed using a
  25. signing operation. Only certain public key algorithms can recover a signature
  26. in this way (for example RSA in PKCS padding mode).
  27. After the call to EVP_PKEY_verifyrecover_init() algorithm specific control
  28. operations can be performed to set any appropriate parameters for the
  29. operation.
  30. The function EVP_PKEY_verifyrecover() can be called more than once on the same
  31. context if several operations are performed using the same parameters.
  32. =head1 RETURN VALUES
  33. EVP_PKEY_verifyrecover_init() and EVP_PKEY_verifyrecover() return 1 for success
  34. and 0 or a negative value for failure. In particular a return value of -2
  35. indicates the operation is not supported by the public key algorithm.
  36. =head1 EXAMPLE
  37. Recover digest originally signed using PKCS#1 and SHA256 digest:
  38. #include <openssl/evp.h>
  39. #include <openssl/rsa.h>
  40. EVP_PKEY_CTX *ctx;
  41. unsigned char *rout, *sig;
  42. size_t routlen, siglen;
  43. EVP_PKEY *verify_key;
  44. /* NB: assumes verify_key, sig and siglen are already set up
  45. * and that verify_key is an RSA public key
  46. */
  47. ctx = EVP_PKEY_CTX_new(verify_key);
  48. if (!ctx)
  49. /* Error occurred */
  50. if (EVP_PKEY_verifyrecover_init(ctx) <= 0)
  51. /* Error */
  52. if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)
  53. /* Error */
  54. if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)
  55. /* Error */
  56. /* Determine buffer length */
  57. if (EVP_PKEY_verifyrecover(ctx, rout, &routlen, sig, siglen) <= 0)
  58. /* Error */
  59. rout = OPENSSL_malloc(routlen);
  60. if (!rout)
  61. /* malloc failure */
  62. if (EVP_PKEY_verifyrecover(ctx, rout, &routlen, sig, siglen) <= 0)
  63. /* Error */
  64. /* Recovered data is routlen bytes written to buffer rout */
  65. =head1 SEE ALSO
  66. L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
  67. L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
  68. L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
  69. L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
  70. L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
  71. L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
  72. =head1 HISTORY
  73. These functions were first added to OpenSSL 1.0.0.
  74. =cut