Lines Matching full:signature

5 provider-signature - The signature library E<lt>-E<gt> provider functions
25  /* Get the key types that a signature algorithm supports */
50   * OSSL_FUNC_signature_verify_message_final requires that the signature to be
51   * verified is specified via a "signature" OSSL_PARAM, which is given with a
89  /* Signature parameters */
107 The signature (OSSL_OP_SIGNATURE) operation enables providers to implement
108 signature algorithms and make them available to applications via the API
172 A signature algorithm implementation may not implement all of these functions.
175 set of "signature" functions, i.e. at least one of:
215 indicating the key types supported by the provider for signature operations.
216 Otherwise the signature algorithm name must match the given key
217 or match the default signature algorithm name of the key,
220 A signature algorithm must also implement some mechanism for generating,
227 structure for holding context information during a signature operation.
228 A pointer to this context will be passed back in a number of the other signature
235 OSSL_FUNC_signature_freectx() is passed a pointer to the provider side signature
239 OSSL_FUNC_signature_dupctx() should duplicate the provider side signature context in
245 signature context in the I<ctx> parameter, and a pointer to a provider key object
254 A previously initialised signature context is passed in the I<ctx>
258 Unless I<sig> is NULL, the signature should be written to the location pointed
260 The length of the signature should be written to I<*siglen>.
261 If I<sig> is NULL then the maximum length of the signature should be written to
271 message given a provider side signature context in the I<ctx> parameter, and a
285 OSSL_FUNC_signature_sign() can be used for one-shot signature calls.  In that
290 if I<sig> is not NULL, the signature should be written to the location pointed
292 The length of the signature should be written to I<*siglen>.
293 If I<sig> is NULL then the maximum length of the signature should be written to
298 OSSL_FUNC_signature_verify_init() initialises a context for verifying a signature given
299 a provider side signature context in the I<ctx> parameter, and a pointer to a
308 A previously initialised signature context is passed in the I<ctx> parameter.
309 The data that the signature covers is pointed to be the I<tbs> parameter which
311 The signature is pointed to by the I<sig> parameter which is I<siglen> bytes
317 accumulate a full message and verify a signature on the result of that
321 a signature on a message given a provider side signature context in the I<ctx>
334 The signature itself must have been passed through the "signature"
335 (B<OSSL_SIGNATURE_PARAM_SIGNATURE>) L<Signature parameter|/Signature parameters>
345 signed data given a provider side signature context in the I<ctx> parameter, and
354 A previously initialised signature context is passed in the I<ctx> parameter.
355 The signature is pointed to by the I<sig> parameter which is I<siglen> bytes
366 provider side signature context in the I<ctx> parameter, and a pointer to a
378 signature context is passed in the I<ctx> parameter. This function may be called
381 OSSL_FUNC_signature_digest_sign_final() finalises a signature operation previously
385 signature context is passed in the I<ctx> parameter. Unless I<sig> is NULL, the
386 signature should be written to the location pointed to by the I<sig> parameter
387 and it should not exceed I<sigsize> bytes in length. The length of the signature
389 the signature should be written to I<*siglen>.
393 initialised signature context is passed in the I<ctx> parameter. The data to be
395 the signature should be written to the location pointed to by the I<sig>
397 signature should be written to I<*siglen>. If I<sig> is NULL then the maximum
398 length of the signature should be written to I<*siglen>.
422 verification context is passed in the I<ctx> parameter. The signature to be
428 verified is in I<tbs> which should be I<tbslen> bytes long. The signature to be
431 =head2 Signature parameters
436 OSSL_FUNC_signature_get_ctx_params() gets signature parameters associated with the
437 given provider side signature context I<ctx> and stored them in I<params>.
440 OSSL_FUNC_signature_set_ctx_params() sets the signature parameters associated with the
441 given provider side signature context I<ctx> to I<params>.
445 Common parameters currently recognised by built-in signature algorithms are as
453 signature functions. It is required in order to calculate the "algorithm-id".
462 Note that when implementing a signature algorithm that gathers a full message,
471 =item "signature" (B<OSSL_SIGNATURE_PARAM_SIGNATURE>) <octet string>
473 Sets the signature to verify, specifically when
479 signature functions.
484 Gets the DER-encoded AlgorithmIdentifier for the signature operation.
486 with a purely asymmetric signature algorithm, such as SHA256WithECDSA.
494 Set this to 1 to use deterministic digital signature generation with
498 deterministic digital signature generation, please read RFC 6979
504 The FIPS provider does not support deterministic digital signature generation.
509 calculated signature is invalid.
511 signature operation succeeds.
512 By default it retries until a signature is calculated.
533 A getter that returns 1 if a signature verification operation acted on
536 set when any signature verification initialisation function is called.
552 If required this parameter should be set before the signature digest is set.
591 given provider side digest signature context I<ctx> and stores them in I<params>.
595 given provider side digest signature context I<ctx> to I<params>.
599 Parameters currently recognised by built-in signature algorithms are the same
612 provider side signature context, or NULL on failure.
621 0 for a non-matching signature, and a negative value for operation failure.
635 The provider SIGNATURE interface was introduced in OpenSSL 3.0.
636 The Signature Parameters "fips-indicator", "key-check" and "digest-check"