| /openssl/crypto/evp/ |
| H A D | signature.c | 27 if (signature == NULL) in evp_signature_new()
31 OPENSSL_free(signature); in evp_signature_new()
35 signature->prov = prov; in evp_signature_new()
38 return signature; in evp_signature_new()
368 return signature; in evp_signature_from_algorithm()
378 if (signature == NULL) in EVP_SIGNATURE_free()
399 return signature->prov; in EVP_SIGNATURE_get0_provider()
425 && evp_is_a(signature->prov, signature->name_id, NULL, name); in EVP_SIGNATURE_is_a()
461 return evp_names_do_all(signature->prov, signature->name_id, fn, data); in EVP_SIGNATURE_names_do_all()
699 ctx->op.sig.signature = signature; in evp_pkey_signature_init()
[all …]
|
| H A D | m_sigver.c | 44 EVP_SIGNATURE *signature = NULL; in do_sigver_init() local
78 || (signature = locpctx->op.sig.signature) == NULL in do_sigver_init()
141 EVP_SIGNATURE_free(signature); in do_sigver_init()
148 if (signature != NULL) in do_sigver_init()
153 signature = in do_sigver_init()
156 if (signature == NULL) in do_sigver_init()
160 if (signature == NULL) in do_sigver_init()
185 EVP_SIGNATURE_free(signature); in do_sigver_init()
195 locpctx->op.sig.signature = signature; in do_sigver_init()
199 = signature->newctx(ossl_provider_ctx(signature->prov), props); in do_sigver_init()
[all …]
|
| /openssl/crypto/asn1/ |
| H A D | a_verify.c | 27 int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, in ASN1_verify() argument
46 if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7) { in ASN1_verify()
73 if (EVP_VerifyFinal(ctx, (unsigned char *)signature->data, in ASN1_verify()
74 (unsigned int)signature->length, pkey) <= 0) { in ASN1_verify()
88 const ASN1_BIT_STRING *signature, const void *data, in ASN1_item_verify() argument
95 const ASN1_BIT_STRING *signature, const void *data, in ASN1_item_verify_ex() argument
103 rv = ASN1_item_verify_ctx(it, alg, signature, data, ctx); in ASN1_item_verify_ex()
111 const ASN1_BIT_STRING *signature, const void *data, in ASN1_item_verify_ctx() argument
127 if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7) { in ASN1_item_verify_ctx()
143 ret = pkey->ameth->item_verify(ctx, it, data, alg, signature, pkey); in ASN1_item_verify_ctx()
[all …]
|
| H A D | a_sign.c | 28 ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey, in ASN1_sign() argument
98 ASN1_STRING_set0(signature, buf_out, outl); in ASN1_sign()
104 ossl_asn1_string_set_bits_left(signature, 0); in ASN1_sign()
115 ASN1_BIT_STRING *signature, const void *data, in ASN1_item_sign() argument
118 return ASN1_item_sign_ex(it, algor1, algor2, signature, data, NULL, pkey, in ASN1_item_sign()
123 X509_ALGOR *algor2, ASN1_BIT_STRING *signature, in ASN1_item_sign_ex() argument
139 rv = ASN1_item_sign_ctx(it, algor1, algor2, signature, data, ctx); in ASN1_item_sign_ex()
148 X509_ALGOR *algor2, ASN1_BIT_STRING *signature, in ASN1_item_sign_ctx() argument
213 outl = signature->length; in ASN1_item_sign_ctx()
280 ASN1_STRING_set0(signature, buf_out, outl); in ASN1_item_sign_ctx()
[all …]
|
| /openssl/doc/man3/ |
| H A D | EVP_SIGNATURE.pod | 21 void EVP_SIGNATURE_free(EVP_SIGNATURE *signature);
22 int EVP_SIGNATURE_up_ref(EVP_SIGNATURE *signature);
23 const char *EVP_SIGNATURE_get0_name(const EVP_SIGNATURE *signature);
24 int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name);
27 void (*fn)(EVP_SIGNATURE *signature,
30 int EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature,
33 const char *EVP_SIGNATURE_get0_name(const EVP_SIGNATURE *signature);
69 implementation for the given I<signature>. Note that the I<signature> may have
72 by the I<signature> object and should not be freed by the caller.
79 discretion of the I<signature> implementation.
[all …]
|
| H A D | SSL_CTX_set1_sigalgs.pod | 8 SSL_set1_client_sigalgs_list - set supported signature algorithms
26 SSL_CTX_set1_sigalgs() and SSL_set1_sigalgs() set the supported signature
32 signature algorithms for B<ctx> or B<ssl>. The B<str> parameter
46 All these functions are implemented as macros. The signature algorithm
52 If an application wishes to allow the setting of signature algorithms
57 signature algorithm in the client hello message.
59 The supported signature algorithms set by a server are not sent to the
60 client but are used to determine the set of shared signature algorithms
64 The client authentication signature algorithms set by a server are sent
69 used to determined the set of client authentication shared signature
[all …]
|
| H A D | ASN1_item_sign.pod | 14 X509_ALGOR *algor2, ASN1_BIT_STRING *signature,
20 ASN1_BIT_STRING *signature, const void *data,
51 written before the signature is generated.
57 The generated signature is set into I<signature>.
68 ASN1_item_verify_ex() is used to verify the signature I<signature> of internal
89 All verify functions return 1 if the signature is valid and 0 if the signature
96 in an EVP_MD_CTX. The signature is written to MyObject.signature. The object is
112 * output signature.
118 ASN1_BIT_STRING *signature;
136 ASN1_SIMPLE(MyObject, signature, ASN1_BIT_STRING)
[all …]
|
| H A D | SSL_get_shared_sigalgs.pod | 5 SSL_get_shared_sigalgs, SSL_get_sigalgs - get supported signature algorithms
21 SSL_get_shared_sigalgs() returns information about the shared signature
23 of the shared signature algorithm to return starting from zero. The signature
25 sign and hash NID to B<*psignhash>. The raw signature and hash values
29 information about all signature algorithms supported by B<s> in the order
35 signature algorithms or B<0> if the B<idx> parameter is out of range.
45 signature algorithm it can just set B<idx> to zero.
50 signature algorithms can be determined: which can be zero.
61 The shared signature algorithms returned by SSL_get_shared_sigalgs() are
69 If a signature algorithm is not recognised the corresponding NIDs
[all …]
|
| H A D | ECDSA_sign.pod | 7 ECDSA_do_sign_ex - deprecated low-level elliptic curve digital signature algorithm
49 ECDSA_size() returns the maximum length of a DER encoded ECDSA signature
50 created with the private EC key I<eckey>. To obtain the actual signature
69 ECDSA_do_verify() is similar to ECDSA_verify() except the signature is
93 ECDSA_size() returns the maximum length signature or 0 on error.
102 signature, 0 for an invalid signature and -1 on error.
107 Creating an ECDSA signature of a given SHA-256 hash value using the
124 Second step: compute the ECDSA signature of a SHA-256 hash value
142 Third step: verify the created ECDSA signature using ECDSA_do_verify():
153 /* signature ok */
[all …]
|
| H A D | X509_get0_signature.pod | 10 X509_SIG_INFO_get, X509_SIG_INFO_set - signature information
52 X509_get0_signature() sets B<*psig> to the signature of B<x> and B<*palg>
53 to the signature algorithm of B<x>. The values returned are internal
59 X509_get0_tbs_sigalg() returns the signature algorithm in the signed
62 X509_get_signature_nid() returns the NID corresponding to the signature
73 X509_get_signature_info() retrieves information about the signature of
80 about a signature in an B<X509_SIG_INFO> structure. They are only
82 signature information: most applications will never need to call
88 where an application wishes to analyse or generate a signature in a form
94 cases the actual security of the signature is less because the signing
[all …]
|
| H A D | DSA_do_sign.pod | 5 DSA_do_sign, DSA_do_verify - raw DSA signature operations
26 DSA_do_sign() computes a digital signature on the B<len> byte message
31 of the signing operation in case signature generation is
34 DSA_do_verify() verifies that the signature B<sig> matches a given
40 DSA_do_sign() returns the signature, NULL on error. DSA_do_verify()
41 returns 1 for a valid signature, 0 for an incorrect signature and -1
|
| H A D | ECDSA_SIG_new.pod | 23 I<r> and I<s> value of an Elliptic Curve Digital Signature Algorithm (ECDSA) signature
27 I<r> and I<s> into or from a signature. This is mainly used for testing purposes as shown
63 Extract signature I<r> and I<s> values from a ECDSA I<signature>
69 /* Load a signature into the ECDSA_SIG object */
70 obj = d2i_ECDSA_SIG(NULL, &signature, signaturelen);
87 Convert I<r> and I<s> byte arrays into an ECDSA_SIG I<signature> of
91 unsigned char *signature = NULL;
108 signaturelen = i2d_ECDSA_SIG(obj, &signature);
113 * This signature could now be passed to L<EVP_DigestVerify(3)>
119 OPENSSL_free(signature);
|
| H A D | X509_verify.pod | 8 verify certificate, certificate request, or CRL signature
27 X509_verify() verifies the signature of certificate I<x> using public key
28 I<pkey>. Only the signature is checked: no other checks (such as certificate
34 The signature itself is actually verified only if B<verify_signature> is 1, as
45 return 1 if the signature is valid and 0 if the signature check fails.
46 If the signature could not be checked at all because it was ill-formed,
|
| /openssl/doc/man7/ |
| H A D | provider-signature.pod | 5 provider-signature - The signature library E<lt>-E<gt> provider functions
25 /* Get the key types that a signature algorithm supports */
176 set of "signature" functions, i.e. at least one of:
310 a signature on a message given a provider side signature context in the I<ctx>
323 The signature itself must have been passed through the "signature"
378 the signature should be written to I<*siglen>.
462 Sets the signature to verify, specifically when
468 signature functions.
474 signature algorithm and digest algorithm for the signature operation.
491 calculated signature is invalid.
[all …]
|
| H A D | EVP_SIGNATURE-DSA.pod | 6 - The B<EVP_PKEY> DSA signature implementation
10 Support for computing DSA signatures. The signature produced with
16 signature validation, but is still allowed for signature verification.
29 The base signature algorithm, supported explicitly fetched with
54 DSA signature schemes with diverse message digest algorithms. They are all
73 These two are not supported with the DSA signature schemes that already
84 The settable parameters are described in L<provider-signature(7)>.
88 The following signature parameters can be retrieved using
101 The gettable parameters are described in L<provider-signature(7)>.
110 L<provider-signature(7)>,
[all …]
|
| H A D | EVP_SIGNATURE-ECDSA.pod | 5 EVP_SIGNATURE-ECDSA - The EVP_PKEY ECDSA signature implementation.
23 The base signature algorithm, supported explicitly fetched with
48 ECDSA signature schemes with diverse message digest algorithms. They are all
56 The following signature parameters can be set using EVP_PKEY_CTX_set_params().
66 These two are not supported with the ECDSA signature schemes that already
75 These parameters are described in L<provider-signature(7)>.
79 The following signature parameters can be retrieved using
94 The parameters are described in L<provider-signature(7)>.
103 L<provider-signature(7)>,
|
| H A D | EVP_SIGNATURE-RSA.pod | 6 - The EVP_PKEY RSA signature implementation
24 The base signature algorithm, supported explicitly fetched with
75 These are not supported with the RSA signature schemes that already include a
78 These common parameters are described in L<provider-signature(7)>.
92 This padding mode is no longer supported by the FIPS provider for signature
93 generation, but may be used for signature verification for legacy use cases.
147 These parameters are described in L<provider-signature(7)>.
151 The default value of 1 causes an error during signature generation or
161 The following signature parameters can be retrieved using
172 These common parameter are described in L<provider-signature(7)>.
[all …]
|
| /openssl/crypto/ec/curve448/ |
| H A D | eddsa.c | 156 uint8_t signature[EDDSA_448_SIGNATURE_BYTES], in ossl_c448_ed448_sign()
247 OPENSSL_cleanse(signature, EDDSA_448_SIGNATURE_BYTES); in ossl_c448_ed448_sign()
248 memcpy(signature, nonce_point, sizeof(nonce_point)); in ossl_c448_ed448_sign()
249 ossl_curve448_scalar_encode(&signature[EDDSA_448_PUBLIC_BYTES], in ossl_c448_ed448_sign()
265 uint8_t signature[EDDSA_448_SIGNATURE_BYTES], in ossl_c448_ed448_sign_prehash()
289 const uint8_t signature[EDDSA_448_SIGNATURE_BYTES], in ossl_c448_ed448_verify()
316 if (signature[i + EDDSA_448_PUBLIC_BYTES] > order[i]) in ossl_c448_ed448_verify()
318 if (signature[i + EDDSA_448_PUBLIC_BYTES] < order[i]) in ossl_c448_ed448_verify()
360 &signature[EDDSA_448_PUBLIC_BYTES], in ossl_c448_ed448_verify()
373 const uint8_t signature[EDDSA_448_SIGNATURE_BYTES], in ossl_c448_ed448_verify_prehash()
[all …]
|
| H A D | ed448.h | 66 uint8_t signature[EDDSA_448_SIGNATURE_BYTES],
92 uint8_t signature[EDDSA_448_SIGNATURE_BYTES],
121 signature[EDDSA_448_SIGNATURE_BYTES],
149 const uint8_t signature[EDDSA_448_SIGNATURE_BYTES],
|
| /openssl/test/ |
| H A D | dsa_no_digest_size_test.c | 139 unsigned char *signature = NULL; in sign_and_verify() local
168 if (!TEST_ptr(signature = OPENSSL_malloc(sigLength))) in sign_and_verify()
171 if (EVP_PKEY_sign(ctx, signature, &sigLength, dataToSign, len) != 1) { in sign_and_verify()
181 if (EVP_PKEY_verify(ctx, signature, sigLength, dataToSign, len) != 1) { in sign_and_verify()
187 if (EVP_PKEY_verify(ctx, signature, sigLength, paddedData, digestlen) != 1) { in sign_and_verify()
193 if (DSA_verify(0, dataToSign, len, signature, sigLength, dsakey) != 1) { in sign_and_verify()
198 if (DSA_verify(0, paddedData, digestlen, signature, sigLength, dsakey) != 1) { in sign_and_verify()
208 OPENSSL_free(signature); in sign_and_verify()
|
| /openssl/util/perl/TLSProxy/ |
| H A D | CertificateVerify.pm | 41 $self->{signature} = "";
70 $self->signature($sig);
78 my $sig = $self->signature();
97 sub signature subroutine
101 $self->{signature} = shift;
103 return $self->{signature};
|
| H A D | ServerKeyExchange.pm | 98 $self->signature($sig);
115 if (length($self->signature) > 0) {
116 $data .= pack('n', length($self->signature));
117 $data .= $self->signature;
157 sub signature subroutine
|
| /openssl/test/ssl-tests/ |
| H A D | 01-simple.cnf | 6 test-1 = 1-Server signature algorithms bug
34 [1-Server signature algorithms bug]
35 ssl_conf = 1-Server signature algorithms bug-ssl
37 [1-Server signature algorithms bug-ssl]
38 server = 1-Server signature algorithms bug-server
39 client = 1-Server signature algorithms bug-client
41 [1-Server signature algorithms bug-server]
47 [1-Server signature algorithms bug-client]
|
| /openssl/crypto/ocsp/ |
| H A D | ocsp_local.h | 54 ASN1_BIT_STRING *signature; member
194 ASN1_BIT_STRING *signature; member
223 (o)->optionalSignature->signature, &(o)->tbsRequest,\
229 (o)->signature, &(o)->tbsResponseData,\
235 (o)->signature, &(o)->tbsResponseData, ctx)
240 (a)->optionalSignature->signature, &(a)->tbsRequest,\
245 &(a)->signatureAlgorithm, (a)->signature,\
|
| /openssl/doc/man1/ |
| H A D | openssl-dgst.pod.in | 27 [B<-signature> I<filename>]
85 Output the digest or signature in binary form.
130 in L<provider-signature(7)/Signature parameters>.
139 Verify the signature using the public key in "filename".
144 Verify the signature using the private key in "filename".
146 =item B<-signature> I<filename>
148 The actual signature to verify.
231 openssl sha256 -sign privatekey.pem -out signature.sign file.txt
233 To verify a signature:
236 -signature signature.sign \
[all …]
|
