Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
29cf84c6
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
1 年多 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
29cf84c6
编写于
7月 12, 2006
作者:
D
Dr. Stephen Henson
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
New docs for EVP_Digest{Sign,Verify}*() function. Update existing docs.
上级
e4549295
变更
8
隐藏空白更改
内联
并排
Showing
8 changed file
with
203 addition
and
17 deletion
+203
-17
crypto/evp/bio_md.c
crypto/evp/bio_md.c
+3
-7
crypto/evp/evp.h
crypto/evp/evp.h
+2
-5
doc/crypto/BIO_f_md.pod
doc/crypto/BIO_f_md.pod
+6
-0
doc/crypto/EVP_DigestSignInit.pod
doc/crypto/EVP_DigestSignInit.pod
+87
-0
doc/crypto/EVP_DigestVerifyInit.pod
doc/crypto/EVP_DigestVerifyInit.pod
+82
-0
doc/crypto/EVP_PKEY_verify.pod
doc/crypto/EVP_PKEY_verify.pod
+5
-5
doc/crypto/EVP_SignInit.pod
doc/crypto/EVP_SignInit.pod
+9
-0
doc/crypto/EVP_VerifyInit.pod
doc/crypto/EVP_VerifyInit.pod
+9
-0
未找到文件。
crypto/evp/bio_md.c
浏览文件 @
29cf84c6
...
...
@@ -192,13 +192,9 @@ static long md_ctrl(BIO *b, int cmd, long num, void *ptr)
ret
=
0
;
break
;
case
BIO_C_GET_MD_CTX
:
if
(
b
->
init
)
{
pctx
=
ptr
;
*
pctx
=
ctx
;
}
else
ret
=
0
;
pctx
=
ptr
;
*
pctx
=
ctx
;
b
->
init
=
1
;
break
;
case
BIO_C_DO_STATE_MACHINE
:
BIO_clear_retry_flags
(
b
);
...
...
crypto/evp/evp.h
浏览文件 @
29cf84c6
...
...
@@ -453,11 +453,8 @@ typedef int (EVP_PBE_KEYGEN)(EVP_CIPHER_CTX *ctx, const char *pass, int passlen,
#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
#define EVP_SignDigestUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
#define EVP_VerifyDigestUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
#define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
#define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
#define EVP_DigestSignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
#define EVP_DigestVerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
#ifdef CONST_STRICT
void
BIO_set_md
(
BIO
*
,
const
EVP_MD
*
md
);
...
...
doc/crypto/BIO_f_md.pod
浏览文件 @
29cf84c6
...
...
@@ -58,6 +58,12 @@ If an application needs to call BIO_gets() or BIO_puts() through
a chain containing digest BIOs then this can be done by prepending
a buffering BIO.
Before OpenSSL 0.9.9 the call to BIO_get_md_ctx() would only work if the BIO
had been initialized for example by calling BIO_set_md() ). In OpenSSL
0.9.9 and later the context is always returned and the BIO is state is set
to initialized. This allows applications to initialize the context externally
if the standard calls such as BIO_set_md() are not sufficiently flexible.
=head1 RETURN VALUES
BIO_f_md() returns the digest BIO method.
...
...
doc/crypto/EVP_DigestSignInit.pod
0 → 100644
浏览文件 @
29cf84c6
=pod
=head1 NAME
EVP_DigestSignInit, EVP_DigestSignUpdate, EVP_DigestSignFinal - EVP signing functions
=head1 SYNOPSIS
#include <openssl/evp.h>
int EVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen);
=head1 DESCRIPTION
The EVP signature routines are a high level interface to digital signatures.
EVP_DigestSignInit() sets up signing context B<ctx> to use digest B<type> from
ENGINE B<impl> and private key B<pkey>. B<ctx> must be initialized with
EVP_MD_CTX_init() before calling this function. If B<pctx> is not NULL the
EVP_PKEY_CTX of the signing operation will be written to B<*pctx>: this can
be used to set alternative signing options.
EVP_DigestSignUpdate() hashes B<cnt> bytes of data at B<d> into the
signature context B<ctx>. This function can be called several times on the
same B<ctx> to include additional data. This function is currently implemented
usig a macro.
EVP_DigestSignFinal() signs the data in B<ctx> places the signature in B<sig>.
If B<sig> is B<NULL> then the maximum size of the output buffer is written to
the B<siglen> parameter. If B<sig> is not B<NULL> then before the call the
B<siglen> parameter should contain the length of the B<sig> buffer, if the
call is successful the signature is written to B<sig> and the amount of data
written to B<siglen>.
=head1 RETURN VALUES
EVP_DigestSignInit() EVP_DigestSignUpdate() and EVP_DigestSignaFinal() return
1 for success and 0 or a negative value for failure. In particular a return
value of -2 indicates the operation is not supported by the public key
algorithm.
The error codes can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
=head1 NOTES
The B<EVP> interface to digital signatures should almost always be used in
preference to the low level interfaces. This is because the code then becomes
transparent to the algorithm used and much more flexible.
In previous versions of OpenSSL there was a link between message digest types
and public key algorithms. This meant that "clone" digests such as EVP_dss1()
needed to be used to sign using SHA1 and DSA. This is no longer necessary and
the use of clone digest is now discouraged.
For some key types and parameters the random number generator must be seeded
or the operation will fail.
The call to EVP_DigestSignFinal() internally finalizes a copy of the digest
context. This means that calls to EVP_DigestSignUpdate() and
EVP_DigestSignFinal() can be called later to digest and sign additional data.
Since only a copy of the digest context is ever finalized the context must
be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
will occur.
The use of EVP_PKEY_size() with these functions is discouraged because some
signature operations may have a signature length which depends on the
parameters set. As a result EVP_PKEY_size() would have to return a value
which indicates the maximum possible signature for any set of parameters.
=head1 SEE ALSO
L<EVP_DigestVerifyInit(3)|EVP_DigestVerifyInit(3)>,
L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
=head1 HISTORY
EVP_DigestSignInit(), EVP_DigestSignUpdate() and EVP_DigestSignFinal()
were first added to OpenSSL 0.9.9.
=cut
doc/crypto/EVP_DigestVerifyInit.pod
0 → 100644
浏览文件 @
29cf84c6
=pod
=head1 NAME
EVP_DigestVerifyInit, EVP_DigestVerifyUpdate, EVP_DigestVerifyFinal - EVP signature verification functions
=head1 SYNOPSIS
#include <openssl/evp.h>
int EVP_DigestVerifyInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
const EVP_MD *type, ENGINE *e, EVP_PKEY *pkey);
int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt);
int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, unsigned char *sig, size_t siglen);
=head1 DESCRIPTION
The EVP signature routines are a high level interface to digital signatures.
EVP_DigestVerifyInit() sets up verification context B<ctx> to use digest
B<type> from ENGINE B<impl> and public key B<pkey>. B<ctx> must be initialized
with EVP_MD_CTX_init() before calling this function. If B<pctx> is not NULL the
EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this
can be used to set alternative verification options.
EVP_DigestVerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
verification context B<ctx>. This function can be called several times on the
same B<ctx> to include additional data. This function is currently implemented
using a macro.
EVP_DigestVerifyFinal() verifies the data in B<ctx> against the signature in
B<sig> of length B<siglen>.
=head1 RETURN VALUES
EVP_DigestVerifyInit() and EVP_DigestVerifyUpdate() return 1 for success and 0
or a negative value for failure. In particular a return value of -2 indicates
the operation is not supported by the public key algorithm.
Unlike other functions the return value 0 from EVP_DigestVerifyFinal() only
indicates that the signature did not not verify successfully (that is tbs did
not match the original data or the signature was of invalid form) it is not an
indication of a more serious error.
The error codes can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
=head1 NOTES
The B<EVP> interface to digital signatures should almost always be used in
preference to the low level interfaces. This is because the code then becomes
transparent to the algorithm used and much more flexible.
In previous versions of OpenSSL there was a link between message digest types
and public key algorithms. This meant that "clone" digests such as EVP_dss1()
needed to be used to sign using SHA1 and DSA. This is no longer necessary and
the use of clone digest is now discouraged.
For some key types and parameters the random number generator must be seeded
or the operation will fail.
The call to EVP_DigestVerifyFinal() internally finalizes a copy of the digest
context. This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can
be called later to digest and verify additional data.
Since only a copy of the digest context is ever finalized the context must
be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak
will occur.
=head1 SEE ALSO
L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)>,
L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
=head1 HISTORY
EVP_DigestVerifyInit(), EVP_DigestVerifyUpdate() and EVP_DigestVerifyFinal()
were first added to OpenSSL 0.9.9.
=cut
doc/crypto/EVP_PKEY_verify.pod
浏览文件 @
29cf84c6
...
...
@@ -34,11 +34,11 @@ context if several operations are performed using the same parameters.
=head1 RETURN VALUES
EVP_PKEY_verify_init() and EVP_PKEY_verify() return 1 if the verification
was successful and 0 if it failed. Unlike other functions the return value
0 only indicates that the signature did not not verify successfully (that is
tbs did not match the original data or the signature was of invalid form)
it is not an indication of a more serious error.
EVP_PKEY_verify_init() and EVP_PKEY_verify() return 1 if the verification
was
successful and 0 if it failed. Unlike other functions the return value 0 from
EVP_PKEY_verify() only indicates that the signature did not not verify
successfully (that is tbs did not match the original data or the signature was
of invalid form)
it is not an indication of a more serious error.
A negative value indicates an error other that signature verification failure.
In particular a return value of -2 indicates the operation is not supported by
...
...
doc/crypto/EVP_SignInit.pod
浏览文件 @
29cf84c6
...
...
@@ -77,6 +77,15 @@ will occur.
Older versions of this documentation wrongly stated that calls to
EVP_SignUpdate() could not be made after calling EVP_SignFinal().
Since the private key is passed in the call to EVP_SignFinal() any error
relating to the private key (for example an unsuitable key and digest
combination) will not be indicated until after potentially large amounts of
data have been passed through EVP_SignUpdate().
It is not possible to change the signing parameters using these function.
The previous two bugs are fixed in the newer EVP_SignDigest*() function.
=head1 SEE ALSO
L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
...
...
doc/crypto/EVP_VerifyInit.pod
浏览文件 @
29cf84c6
...
...
@@ -67,6 +67,15 @@ will occur.
Older versions of this documentation wrongly stated that calls to
EVP_VerifyUpdate() could not be made after calling EVP_VerifyFinal().
Since the public key is passed in the call to EVP_SignFinal() any error
relating to the private key (for example an unsuitable key and digest
combination) will not be indicated until after potentially large amounts of
data have been passed through EVP_SignUpdate().
It is not possible to change the signing parameters using these function.
The previous two bugs are fixed in the newer EVP_VerifyDigest*() function.
=head1 SEE ALSO
L<evp(3)|evp(3)>,
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录