X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=doc%2Fcrypto%2FEVP_PKEY_sign.pod;h=21974b4b1a9cf35888551beba71a278bcefbba8f;hp=feb6c165923ab87e99520db0532e6520895033e0;hb=d64c533a207f7b6d86c3bc8ffb053e5f4d0c1ca0;hpb=436369100d360d9119f2f77ed935d0c1f8f49d09 diff --git a/doc/crypto/EVP_PKEY_sign.pod b/doc/crypto/EVP_PKEY_sign.pod index feb6c16592..21974b4b1a 100644 --- a/doc/crypto/EVP_PKEY_sign.pod +++ b/doc/crypto/EVP_PKEY_sign.pod @@ -28,9 +28,14 @@ B and the amount of data written to B. =head1 NOTES +EVP_PKEY_sign() does not hash the data to be signed, and therefore is +normally used to sign digests. For signing arbitrary messages, see the +L and +L signing interfaces instead. + After the call to EVP_PKEY_sign_init() algorithm specific control operations can be performed to set any appropriate parameters for the -operation. +operation (see L). The function EVP_PKEY_sign() can be called more than once on the same context if several operations are performed using the same parameters. @@ -49,13 +54,17 @@ Sign data using RSA with PKCS#1 padding and SHA256 digest: #include EVP_PKEY_CTX *ctx; + /* md is a SHA-256 digest in this example. */ unsigned char *md, *sig; - size_t mdlen, siglen; + size_t mdlen = 32, siglen; EVP_PKEY *signing_key; - /* NB: assumes signing_key, md and mdlen are already set up - * and that signing_key is an RSA private key + + /* + * NB: assumes signing_key and md are set up before the next + * step. signing_key must be an RSA private key and md must + * point to the SHA-256 digest to be signed. */ - ctx = EVP_PKEY_CTX_new(signing_key); + ctx = EVP_PKEY_CTX_new(signing_key, NULL /* no engine */); if (!ctx) /* Error occurred */ if (EVP_PKEY_sign_init(ctx) <= 0) @@ -83,14 +92,15 @@ Sign data using RSA with PKCS#1 padding and SHA256 digest: =head1 SEE ALSO L, +L, L, L, L, -L, +L, L =head1 HISTORY -These functions were first added to OpenSSL 0.9.9. +These functions were first added to OpenSSL 1.0.0. =cut