diff options
Diffstat (limited to 'secure/lib/libcrypto/man/man3/ECDSA_sign.3')
| -rw-r--r-- | secure/lib/libcrypto/man/man3/ECDSA_sign.3 | 160 |
1 files changed, 42 insertions, 118 deletions
diff --git a/secure/lib/libcrypto/man/man3/ECDSA_sign.3 b/secure/lib/libcrypto/man/man3/ECDSA_sign.3 index 08e466880236..469664dbcf11 100644 --- a/secure/lib/libcrypto/man/man3/ECDSA_sign.3 +++ b/secure/lib/libcrypto/man/man3/ECDSA_sign.3 @@ -1,4 +1,5 @@ -.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42) +.\" -*- mode: troff; coding: utf-8 -*- +.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45) .\" .\" Standard preamble: .\" ======================================================================== @@ -15,29 +16,12 @@ .ft R .fi .. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. \*(C+ will -.\" give a nicer C++. Capital omega is used to do unbreakable dashes and -.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, -.\" nothing in troff, for use with C<>. -.tr \(*W- -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' +.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>. .ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' . ds C` . ds C' 'br\} @@ -68,87 +52,27 @@ . \} .\} .rr rF -.\" Fear. Run. Save yourself. No user-serviceable parts. -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C .\" ======================================================================== .\" .IX Title "ECDSA_SIGN 3ossl" -.TH ECDSA_SIGN 3ossl "2023-09-19" "3.0.11" "OpenSSL" +.TH ECDSA_SIGN 3ossl 2025-07-01 3.5.1 OpenSSL .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh -.SH "NAME" +.SH NAME ECDSA_size, ECDSA_sign, ECDSA_do_sign, ECDSA_verify, ECDSA_do_verify, ECDSA_sign_setup, ECDSA_sign_ex, ECDSA_do_sign_ex \- deprecated low\-level elliptic curve digital signature algorithm (ECDSA) functions -.SH "SYNOPSIS" +.SH SYNOPSIS .IX Header "SYNOPSIS" .Vb 1 \& #include <openssl/ecdsa.h> .Ve .PP The following functions have been deprecated since OpenSSL 3.0, and can be -hidden entirely by defining \fB\s-1OPENSSL_API_COMPAT\s0\fR with a suitable version value, +hidden entirely by defining \fBOPENSSL_API_COMPAT\fR with a suitable version value, see \fBopenssl_user_macros\fR\|(7): .PP .Vb 1 @@ -172,58 +96,58 @@ see \fBopenssl_user_macros\fR\|(7): \& unsigned char *sig, unsigned int *siglen, \& const BIGNUM *kinv, const BIGNUM *rp, EC_KEY *eckey); .Ve -.SH "DESCRIPTION" +.SH DESCRIPTION .IX Header "DESCRIPTION" -See \fBECDSA_SIG_new\fR\|(3) for a description of the \fB\s-1ECDSA_SIG\s0\fR object. +See \fBECDSA_SIG_new\fR\|(3) for a description of the \fBECDSA_SIG\fR object. .PP See \fBi2d_ECDSA_SIG\fR\|(3) and \fBd2i_ECDSA_SIG\fR\|(3) for information about encoding -and decoding \s-1ECDSA\s0 signatures to/from \s-1DER.\s0 +and decoding ECDSA signatures to/from DER. .PP All of the functions described below are deprecated. Applications should -use the higher level \fB\s-1EVP\s0\fR interface such as \fBEVP_DigestSignInit\fR\|(3) +use the higher level \fBEVP\fR interface such as \fBEVP_DigestSignInit\fR\|(3) or \fBEVP_DigestVerifyInit\fR\|(3) instead. .PP -\&\fBECDSA_size()\fR returns the maximum length of a \s-1DER\s0 encoded \s-1ECDSA\s0 signature -created with the private \s-1EC\s0 key \fIeckey\fR. To obtain the actual signature -size use \fBEVP_PKEY_sign\fR\|(3) with a \s-1NULL\s0 \fIsig\fR parameter. +\&\fBECDSA_size()\fR returns the maximum length of a DER encoded ECDSA signature +created with the private EC key \fIeckey\fR. To obtain the actual signature +size use \fBEVP_PKEY_sign\fR\|(3) with a NULL \fIsig\fR parameter. .PP \&\fBECDSA_sign()\fR computes a digital signature of the \fIdgstlen\fR bytes hash value -\&\fIdgst\fR using the private \s-1EC\s0 key \fIeckey\fR. The \s-1DER\s0 encoded signatures is -stored in \fIsig\fR and its length is returned in \fIsig_len\fR. Note: \fIsig\fR must +\&\fIdgst\fR using the private EC key \fIeckey\fR. The DER encoded signatures is +stored in \fIsig\fR and its length is returned in \fIsiglen\fR. Note: \fIsig\fR must point to ECDSA_size(eckey) bytes of memory. The parameter \fItype\fR is currently ignored. \fBECDSA_sign()\fR is wrapper function for \fBECDSA_sign_ex()\fR with \fIkinv\fR -and \fIrp\fR set to \s-1NULL.\s0 +and \fIrp\fR set to NULL. .PP \&\fBECDSA_do_sign()\fR is similar to \fBECDSA_sign()\fR except the signature is returned -as a newly allocated \fB\s-1ECDSA_SIG\s0\fR structure (or \s-1NULL\s0 on error). \fBECDSA_do_sign()\fR +as a newly allocated \fBECDSA_SIG\fR structure (or NULL on error). \fBECDSA_do_sign()\fR is a wrapper function for \fBECDSA_do_sign_ex()\fR with \fIkinv\fR and \fIrp\fR set to -\&\s-1NULL.\s0 +NULL. .PP \&\fBECDSA_verify()\fR verifies that the signature in \fIsig\fR of size \fIsiglen\fR is a -valid \s-1ECDSA\s0 signature of the hash value \fIdgst\fR of size \fIdgstlen\fR using the +valid ECDSA signature of the hash value \fIdgst\fR of size \fIdgstlen\fR using the public key \fIeckey\fR. The parameter \fItype\fR is ignored. .PP \&\fBECDSA_do_verify()\fR is similar to \fBECDSA_verify()\fR except the signature is -presented in the form of a pointer to an \fB\s-1ECDSA_SIG\s0\fR structure. +presented in the form of a pointer to an \fBECDSA_SIG\fR structure. .PP The remaining functions utilise the internal \fIkinv\fR and \fIr\fR values used during signature computation. Most applications will never need to call these -and some external \s-1ECDSA ENGINE\s0 implementations may not support them at all if -either \fIkinv\fR or \fIr\fR is not \s-1NULL.\s0 +and some external ECDSA ENGINE implementations may not support them at all if +either \fIkinv\fR or \fIr\fR is not NULL. .PP \&\fBECDSA_sign_setup()\fR may be used to precompute parts of the signing operation. -\&\fIeckey\fR is the private \s-1EC\s0 key and \fIctx\fR is a pointer to \fB\s-1BN_CTX\s0\fR structure -(or \s-1NULL\s0). The precomputed values or returned in \fIkinv\fR and \fIrp\fR and can be +\&\fIeckey\fR is the private EC key and \fIctx\fR is a pointer to \fBBN_CTX\fR structure +(or NULL). The precomputed values or returned in \fIkinv\fR and \fIrp\fR and can be used in a later call to \fBECDSA_sign_ex()\fR or \fBECDSA_do_sign_ex()\fR. .PP \&\fBECDSA_sign_ex()\fR computes a digital signature of the \fIdgstlen\fR bytes hash value -\&\fIdgst\fR using the private \s-1EC\s0 key \fIeckey\fR and the optional pre-computed values -\&\fIkinv\fR and \fIrp\fR. The \s-1DER\s0 encoded signature is stored in \fIsig\fR and its -length is returned in \fIsig_len\fR. Note: \fIsig\fR must point to ECDSA_size(eckey) +\&\fIdgst\fR using the private EC key \fIeckey\fR and the optional pre-computed values +\&\fIkinv\fR and \fIrp\fR. The DER encoded signature is stored in \fIsig\fR and its +length is returned in \fIsiglen\fR. Note: \fIsig\fR must point to ECDSA_size(eckey) bytes of memory. The parameter \fItype\fR is ignored. .PP \&\fBECDSA_do_sign_ex()\fR is similar to \fBECDSA_sign_ex()\fR except the signature is -returned as a newly allocated \fB\s-1ECDSA_SIG\s0\fR structure (or \s-1NULL\s0 on error). +returned as a newly allocated \fBECDSA_SIG\fR structure (or NULL on error). .SH "RETURN VALUES" .IX Header "RETURN VALUES" \&\fBECDSA_size()\fR returns the maximum length signature or 0 on error. @@ -232,18 +156,18 @@ returned as a newly allocated \fB\s-1ECDSA_SIG\s0\fR structure (or \s-1NULL\s0 o or 0 on error. .PP \&\fBECDSA_do_sign()\fR and \fBECDSA_do_sign_ex()\fR return a pointer to an allocated -\&\fB\s-1ECDSA_SIG\s0\fR structure or \s-1NULL\s0 on error. +\&\fBECDSA_SIG\fR structure or NULL on error. .PP \&\fBECDSA_verify()\fR and \fBECDSA_do_verify()\fR return 1 for a valid signature, 0 for an invalid signature and \-1 on error. The error codes can be obtained by \fBERR_get_error\fR\|(3). -.SH "EXAMPLES" +.SH EXAMPLES .IX Header "EXAMPLES" -Creating an \s-1ECDSA\s0 signature of a given \s-1SHA\-256\s0 hash value using the +Creating an ECDSA signature of a given SHA\-256 hash value using the named curve prime256v1 (aka P\-256). -This example uses deprecated functionality. See \*(L"\s-1DESCRIPTION\*(R"\s0. +This example uses deprecated functionality. See "DESCRIPTION". .PP -First step: create an \s-1EC_KEY\s0 object (note: this part is \fBnot\fR \s-1ECDSA\s0 +First step: create an EC_KEY object (note: this part is \fBnot\fR ECDSA specific) .PP .Vb 3 @@ -258,7 +182,7 @@ specific) \& /* error */ .Ve .PP -Second step: compute the \s-1ECDSA\s0 signature of a \s-1SHA\-256\s0 hash value +Second step: compute the ECDSA signature of a SHA\-256 hash value using \fBECDSA_do_sign()\fR: .PP .Vb 3 @@ -280,7 +204,7 @@ or using \fBECDSA_sign()\fR: \& /* error */ .Ve .PP -Third step: verify the created \s-1ECDSA\s0 signature using \fBECDSA_do_verify()\fR: +Third step: verify the created ECDSA signature using \fBECDSA_do_verify()\fR: .PP .Vb 1 \& ret = ECDSA_do_verify(digest, 32, sig, eckey); @@ -304,8 +228,8 @@ and finally evaluate the return value: .Ve .SH "CONFORMING TO" .IX Header "CONFORMING TO" -\&\s-1ANSI X9.62, US\s0 Federal Information Processing Standard \s-1FIPS186\-2\s0 -(Digital Signature Standard, \s-1DSS\s0) +ANSI X9.62, US Federal Information Processing Standard FIPS186\-2 +(Digital Signature Standard, DSS) .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fBEC_KEY_new\fR\|(3), @@ -314,14 +238,14 @@ and finally evaluate the return value: \&\fBEVP_PKEY_sign\fR\|(3) \&\fBi2d_ECDSA_SIG\fR\|(3), \&\fBd2i_ECDSA_SIG\fR\|(3) -.SH "HISTORY" +.SH HISTORY .IX Header "HISTORY" All functionality described here was deprecated in OpenSSL 3.0. -.SH "COPYRIGHT" +.SH COPYRIGHT .IX Header "COPYRIGHT" Copyright 2004\-2022 The OpenSSL Project Authors. All Rights Reserved. .PP -Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use +Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy -in the file \s-1LICENSE\s0 in the source distribution or at +in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>. |