provider-signature.7 - OpenGrok cross reference for /freebsd/secure/lib/libcrypto/man/man7/provider-signature.7

Lines Matching +full:single +full:- +full:shot
1 .\" -*- mode: troff; coding: utf-8 -*-
29 .\" Escape single quotes in literal strings from groff's Unicode transform.
57 .IX Title "PROVIDER-SIGNATURE 7ossl"
58 .TH PROVIDER-SIGNATURE 7ossl 2025-09-30 3.5.4 OpenSSL
64 provider\-signature \- The signature library <\-> provider functions
173 (see "Provider Functions" in \fBprovider\-base\fR\|(7)).
188 macros in \fBopenssl\-core_dispatch.h\fR\|(7), as follows:
273 When present, it should return a NULL-terminated array of strings
281 See \fBprovider\-keymgmt\fR\|(7) for further details.
308 \&\fBprovider\-keymgmt\fR\|(7)).
324 RSA\-SHA256.
333 \&\fBprovider\-keymgmt\fR\|(7)).
341 \&\fBOSSL_FUNC_signature_sign()\fR can be used for one-shot signature calls.  In that
360 \&\fBprovider\-keymgmt\fR\|(7)).
372 accumulation, such as RSA\-SHA256.
381 \&\fBprovider\-keymgmt\fR\|(7)).
392 \&\fBOSSL_FUNC_signature_verify()\fR can be used for one-shot verification calls.  In
404 \&\fBprovider\-keymgmt\fR\|(7)).
425 key management (OSSL_OP_KEYMGMT) operation (see \fBprovider\-keymgmt\fR\|(7)).
443 \&\fBOSSL_FUNC_signature_digest_sign()\fR implements a "one shot" digest sign operation
461 key management (OSSL_OP_KEYMGMT) operation (see \fBprovider\-keymgmt\fR\|(7)).
476 \&\fBOSSL_FUNC_signature_digest_verify()\fR implements a "one shot" digest verify operation
495 Common parameters currently recognised by built-in signature algorithms are as
500 signature functions. It is required in order to calculate the "algorithm-id".
507 like RSA\-SHA256, the "digest" and "properties" parameters should not be used.
516 .IP """digest-size"" (\fBOSSL_SIGNATURE_PARAM_DIGEST_SIZE\fR) <unsigned integer>" 4
517 .IX Item """digest-size"" (OSSL_SIGNATURE_PARAM_DIGEST_SIZE) <unsigned integer>"
520 The length of the "digest-size" parameter should not exceed that of a \fBsize_t\fR.
521 .IP """algorithm-id"" (\fBOSSL_SIGNATURE_PARAM_ALGORITHM_ID\fR) <octet string>" 4
522 .IX Item """algorithm-id"" (OSSL_SIGNATURE_PARAM_ALGORITHM_ID) <octet string>"
523 Gets the DER-encoded AlgorithmIdentifier for the signature operation.
530 .IP """nonce-type"" (\fBOSSL_SIGNATURE_PARAM_NONCE_TYPE\fR) <unsigned integer>" 4
531 .IX Item """nonce-type"" (OSSL_SIGNATURE_PARAM_NONCE_TYPE) <unsigned integer>"
538 "nonce-type" is 0 and results in a random value being used for the
539 nonce \fBk\fR as defined in FIPS 186\-4 Section 6.3 "Secret Number
547 In the normal mode of operation \- new random values are chosen until the
557 .IP """fips-indicator"" (\fBOSSL_SIGNATURE_PARAM_FIPS_APPROVED_INDICATOR\fR) <integer>" 4
558 .IX Item """fips-indicator"" (OSSL_SIGNATURE_PARAM_FIPS_APPROVED_INDICATOR) <integer>"
561 return 0 if either the "digest-check", "key-check", or "sign-check" are set to 0.
562 .IP """verify-message"" (\fBOSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE\fR <integer>" 4
563 .IX Item """verify-message"" (OSSL_SIGNATURE_PARAM_FIPS_VERIFY_MESSAGE <integer>"
566 indicates likely non-approved usage of the FIPS provider.  This flag is
569 compliance.  See FIPS 140\-3 IG 2.4.B for further information.
570 .IP """key-check"" (\fBOSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK\fR) <integer>" 4
571 .IX Item """key-check"" (OSSL_SIGNATURE_PARAM_FIPS_KEY_CHECK) <integer>"
577 This option breaks FIPS compliance if it causes the approved "fips-indicator"
579 .IP """digest-check"" (\fBOSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK\fR) <integer>" 4
580 .IX Item """digest-check"" (OSSL_SIGNATURE_PARAM_FIPS_DIGEST_CHECK) <integer>"
584 the error and set the approved "fips-indicator" to 0.
585 This option breaks FIPS compliance if it causes the approved "fips-indicator"
587 .IP """sign-check"" (\fBOSSL_SIGNATURE_PARAM_FIPS_SIGN_CHECK\fR) <integer>" 4
588 .IX Item """sign-check"" (OSSL_SIGNATURE_PARAM_FIPS_SIGN_CHECK) <integer>"
592 Setting this to 0 will ignore the error and set the approved "fips-indicator" to 0.
593 This option breaks FIPS compliance if it causes the approved "fips-indicator" to
595 .IP """sign\-x931\-pad\-check"" (\fBOSSL_SIGNATURE_PARAM_FIPS_SIGN_X931_PAD_CHECK\fR) <integer>" 4
596 .IX Item """sign-x931-pad-check"" (OSSL_SIGNATURE_PARAM_FIPS_SIGN_X931_PAD_CHECK) <integer>"
600 approved "fips-indicator" to 0.
601 This option breaks FIPS compliance if it causes the approved "fips-indicator"
623 Parameters currently recognised by built-in signature algorithms are the same
624 as those for built-in digest algorithms. See
625 "Digest Parameters" in \fBprovider\-digest\fR\|(7) for further information.
641 \&\fBOSSL_FUNC_signature_query_key_types()\fR should return a NULL-terminated array of strings.
644 0 for a non-matching signature, and a negative value for operation failure.
650 \&\fBprovider\fR\|(7), "Provider Functions" in \fBprovider\-base\fR\|(7),
657 The Signature Parameters "fips-indicator", "key-check" and "digest-check"
661 Copyright 2019\-2025 The OpenSSL Project Authors. All Rights Reserved.