This document is a Mac OS X manual page. Manual pages are a command-line technology for providing documentation. You can view these manual pages locally using the man(1) command. These manual pages come from many different sources, and thus, have a variety of writing styles.

This manual page is associated with the Mac OS X developer tools. The software or headers described may not be present on your Mac OS X installation until you install the developer tools package. This package is available on your Mac OS X installation DVD, and the latest versions can be downloaded from developer.apple.com.

For more information about the manual page format, see the manual page for manpages(5).

EVP_VerifyInit(3)                                  OpenSSL                                 EVP_VerifyInit(3)



NAME
       EVP_VerifyInit, EVP_VerifyUpdate, EVP_VerifyFinal - EVP signature verification functions

SYNOPSIS
        #include <openssl/evp.h>

        int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);
        int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
        int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, unsigned int siglen,EVP_PKEY *pkey);

        int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type);

DESCRIPTION
       The EVP signature verification routines are a high level interface to digital signatures.

       EVP_VerifyInit_ex() sets up verification context ctx to use digest type from ENGINE impl. ctx must be
       initialized by calling EVP_MD_CTX_init() before calling this function.

       EVP_VerifyUpdate() hashes cnt bytes of data at d into the verification context ctx. This function can
       be called several times on the same ctx to include additional data.

       EVP_VerifyFinal() verifies the data in ctx using the public key pkey and against the siglen bytes at
       sigbuf.

       EVP_VerifyInit() initializes verification context ctx to use the default implementation of digest
       type.

RETURN VALUES
       EVP_VerifyInit_ex() and EVP_VerifyUpdate() return 1 for success and 0 for failure.

       EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some other error
       occurred.

       The error codes can be obtained by ERR_get_error(3).

NOTES
       The EVP interface to digital signatures should almost always be used in preference to the low level
       interfaces. This is because the code then becomes transparent to the algorithm used and much more
       flexible.

       Due to the link between message digests and public key algorithms the correct digest algorithm must
       be used with the correct public key type. A list of algorithms and associated public key algorithms
       appears in EVP_DigestInit(3).

       The call to EVP_VerifyFinal() internally finalizes a copy of the digest context.  This means that
       calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can be called later to digest and verify additional
       data.

       Since only a copy of the digest context is ever finalized the context must be cleaned up after use by
       calling EVP_MD_CTX_cleanup() or a memory leak will occur.

BUGS
       Older versions of this documentation wrongly stated that calls to EVP_VerifyUpdate() could not be
       made after calling EVP_VerifyFinal().

SEE ALSO
       evp(3), EVP_SignInit(3), EVP_DigestInit(3), err(3), evp(3), hmac(3), md2(3), md5(3), mdc2(3),
       ripemd(3), sha(3), dgst(1)

HISTORY
       EVP_VerifyInit(), EVP_VerifyUpdate() and EVP_VerifyFinal() are available in all versions of SSLeay
       and OpenSSL.

       EVP_VerifyInit_ex() was added in OpenSSL 0.9.7



0.9.7l                                           2002-07-10                                EVP_VerifyInit(3)