wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Clarify the EVP_DigestSignInit docs

Browse source 
They did not make it clear how the memory management works for the |pctx|
parameter.

Fixes #7037

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7042)
This commit is contained in:
Matt Caswell 2018-08-23 11:37:22 +01:00
parent f273ff953a
commit f097e87598
2 changed files with 10 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
doc/man3/EVP_DigestSignInit.pod
View file

@ -24,10 +24,12 @@ The EVP signature routines are a high level interface to digital signatures.
EVP_DigestSignInit() sets up signing context B<ctx> to use digest B<type> from
ENGINE B<e> and private key B<pkey>. B<ctx> must be created with
EVP_MD_CTX_new() before calling this function. If B<pctx> is not NULL the
EVP_MD_CTX_new() before calling this function. If B<pctx> is not NULL, the
EVP_PKEY_CTX of the signing operation will be written to B<*pctx>: this can
be used to set alternative signing options. The digest B<type> may be NULL if
the signing algorithm supports it.
be used to set alternative signing options. Note that any existing value in
B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be freed
directly by the application (it will be freed automatically when the EVP_MD_CTX
is freed). The digest B<type> may be NULL if the signing algorithm supports it.
Only EVP_PKEY types that support signing can be used with these functions. This
includes MAC algorithms where the MAC generation is considered as a form of

7
doc/man3/EVP_DigestVerifyInit.pod
View file

@ -23,9 +23,12 @@ The EVP signature routines are a high level interface to digital signatures.
EVP_DigestVerifyInit() sets up verification context B<ctx> to use digest
B<type> from ENGINE B<e> and public key B<pkey>. B<ctx> must be created
with EVP_MD_CTX_new() before calling this function. If B<pctx> is not NULL the
with EVP_MD_CTX_new() before calling this function. If B<pctx> is not NULL, the
EVP_PKEY_CTX of the verification operation will be written to B<*pctx>: this
can be used to set alternative verification options.
can be used to set alternative verification options. Note that any existing
value in B<*pctx> is overwritten. The EVP_PKEY_CTX value returned must not be
freed directly by the application (it will be freed automatically when the
EVP_MD_CTX is freed).
EVP_DigestVerifyUpdate() hashes B<cnt> bytes of data at B<d> into the
verification context B<ctx>. This function can be called several times on the