#include
int EVP_VerifyInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl); int EVP_VerifyUpdate(EVP_MD_CTX *ctx, const void *d, unsigned int cnt); int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf, unsigned int siglen,EVP_PKEY *pkey);
int EVP_VerifyInit(EVP_MD_CTX *ctx, const EVP_MD *type);
_E_V_P___V_e_r_i_f_y_I_n_i_t___e_x_(_) sets up verification context ccttxx to use digest ttyyppee from ENGINE iimmppll. ccttxx must be initialized by calling _E_V_P___M_D___C_T_X___i_n_i_t_(_) before calling this function.
_E_V_P___V_e_r_i_f_y_U_p_d_a_t_e_(_) hashes ccnntt bytes of data at dd into the verification context ccttxx. This function can be called several times on the same ccttxx to include additional data.
_E_V_P___V_e_r_i_f_y_F_i_n_a_l_(_) verifies the data in ccttxx using the public key ppkkeeyy and against the ssiigglleenn bytes at ssiiggbbuuff.
_E_V_P___V_e_r_i_f_y_I_n_i_t_(_) initializes verification context ccttxx to use the default implementation of digest ttyyppee.
_E_V_P___V_e_r_i_f_y_F_i_n_a_l_(_) returns 1 for a correct signature, 0 for failure and -1 if some other error occurred.
The error codes can be obtained by _E_R_R___g_e_t___e_r_r_o_r(3).
Due to the link between message digests and public key algorithms the correct digest algorithm must be used with the correct public key type. A list of algorithms and associated public key algorithms appears in _E_V_P___D_i_g_e_s_t_I_n_i_t(3).
The call to _E_V_P___V_e_r_i_f_y_F_i_n_a_l_(_) internally finalizes a copy of the digest context. This means that calls to _E_V_P___V_e_r_i_f_y_U_p_d_a_t_e_(_) and _E_V_P___V_e_r_i_f_y_F_i_n_a_l_(_) can be called later to digest and verify additional data.
Since only a copy of the digest context is ever finalized the context must be cleaned up after use by calling _E_V_P___M_D___C_T_X___c_l_e_a_n_u_p_(_) or a memory leak will occur.
Since the public key is passed in the call to _E_V_P___S_i_g_n_F_i_n_a_l_(_) any error relating to the private key (for example an unsuitable key and digest combination) will not be indicated until after potentially large amounts of data have been passed through _E_V_P___S_i_g_n_U_p_d_a_t_e_(_).
It is not possible to change the signing parameters using these function.
The previous two bugs are fixed in the newer EVP_VerifyDigest*() function.
_E_V_P___V_e_r_i_f_y_I_n_i_t___e_x_(_) was added in OpenSSL 0.9.7