DragonFly On-Line Manual Pages
EVP_PKEY_METH_NEW(3) DragonFly Library Functions Manual EVP_PKEY_METH_NEW(3)
NAME
EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy,
EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_meth_set_init,
EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup,
EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen,
EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify,
EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx,
EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt,
EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive,
EVP_PKEY_meth_set_ctrl -- manipulate an EVP_PKEY_METHOD structure
SYNOPSIS
#include <openssl/evp.h>
EVP_PKEY_METHOD *
EVP_PKEY_meth_new(int id, int flags);
void
EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
void
EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
const EVP_PKEY_METHOD *
EVP_PKEY_meth_find(int type);
int
EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
void
EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
int (*init)(EVP_PKEY_CTX *ctx));
void
EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src));
void
EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
void (*cleanup)(EVP_PKEY_CTX *ctx));
void
EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
int (*paramgen_init)(EVP_PKEY_CTX *ctx),
int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
void
EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
int (*keygen_init)(EVP_PKEY_CTX *ctx),
int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
void
EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
int (*sign_init)(EVP_PKEY_CTX *ctx),
int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen));
void
EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
int (*verify_init)(EVP_PKEY_CTX *ctx),
int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen));
void
EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
int (*verify_recover_init)(EVP_PKEY_CTX *ctx),
int (*verify_recover)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen));
void
EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, EVP_MD_CTX *mctx));
void
EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx),
int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, EVP_MD_CTX *mctx));
void
EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
int (*encrypt_init)(EVP_PKEY_CTX *ctx),
int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen));
void
EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
int (*decrypt_init)(EVP_PKEY_CTX *ctx),
int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen));
void
EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
int (*derive_init)(EVP_PKEY_CTX *ctx),
int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen));
void
EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2),
int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value));
DESCRIPTION
The EVP_PKEY_METHOD structure holds a set of methods for a specific pub-
lic key cryptographic algorithm. Those methods perform tasks such as
generating keys, signing, verifying, encrypting, decrypting, and so on.
There are two places where the EVP_PKEY_METHOD objects are stored: one is
a built-in static array representing the standard methods for different
algorithms, and the other one is a stack of user-defined application-spe-
cific methods, which can be manipulated with EVP_PKEY_meth_add0().
The EVP_PKEY_METHOD objects are usually referenced by EVP_PKEY_CTX
objects.
Methods
The methods implement the particular public key algorithm represented by
the EVP_PKEY_CTX object.
int (*init)(EVP_PKEY_CTX *ctx)
int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)
void (*cleanup)(EVP_PKEY_CTX *ctx)
The init() method is called by EVP_PKEY_CTX_new(3) and
EVP_PKEY_CTX_new_id(3) to initialize the algorithm-specific data when a
new EVP_PKEY_CTX is created. The cleanup() method is called by
EVP_PKEY_CTX_free(3) when an EVP_PKEY_CTX is freed. The copy() method is
called by EVP_PKEY_CTX_dup(3) when an EVP_PKEY_CTX is duplicated.
int (*paramgen_init)(EVP_PKEY_CTX *ctx)
int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
The paramgen_init() and paramgen() methods deal with key parameter gener-
ation. They are called by EVP_PKEY_paramgen_init(3) and
EVP_PKEY_paramgen(3) to handle the parameter generation process.
int (*keygen_init)(EVP_PKEY_CTX *ctx)
int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)
The keygen_init() and keygen() methods are used to generate a key for the
specified algorithm. They are called by EVP_PKEY_keygen_init(3) and
EVP_PKEY_keygen(3).
int (*sign_init)(EVP_PKEY_CTX *ctx)
int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen)
The sign_init() and sign() methods are used to generate the signature of
a piece of data using a private key. They are called by
EVP_PKEY_sign_init(3) and EVP_PKEY_sign(3).
int (*verify_init)(EVP_PKEY_CTX *ctx)
int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen)
The verify_init() and verify() methods are used to verify whether a sig-
nature is valid. They are called by EVP_PKEY_verify_init(3) and
EVP_PKEY_verify(3).
int (*verify_recover_init)(EVP_PKEY_CTX *ctx)
int (*verify_recover)(EVP_PKEY_CTX *ctx, unsigned char *rout, size_t *routlen, const unsigned char *sig, size_t siglen)
The verify_recover_init() and verify_recover() methods are used to verify
a signature and then recover the digest from the signature (for instance,
a signature that was generated by the RSA signing algorithm). They are
called by EVP_PKEY_verify_recover_init(3) and EVP_PKEY_verify_recover(3).
int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, EVP_MD_CTX *mctx)
The signctx_init() and signctx() methods are used to sign a digest repre-
sented by an EVP_MD_CTX object. They are called by the
EVP_DigestSignInit(3) functions.
int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, EVP_MD_CTX *mctx)
The verifyctx_init() and verifyctx() methods are used to verify a signa-
ture against the data in an EVP_MD_CTX object. They are called by the
EVP_DigestVerifyInit(3) functions.
int (*encrypt_init)(EVP_PKEY_CTX *ctx)
int (*encrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen)
The encrypt_init() and encrypt() methods are used to encrypt a piece of
data. They are called by EVP_PKEY_encrypt_init(3) and
EVP_PKEY_encrypt(3).
int (*decrypt_init)(EVP_PKEY_CTX *ctx)
int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen)
The decrypt_init() and decrypt() methods are used to decrypt a piece of
data. They are called by EVP_PKEY_decrypt_init(3) and
EVP_PKEY_decrypt(3).
int (*derive_init)(EVP_PKEY_CTX *ctx)
int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)
The derive_init() and derive() methods are used to derive the shared
secret from a public key algorithm (for instance, the DH algorithm).
They are called by EVP_PKEY_derive_init(3) and EVP_PKEY_derive(3).
int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value)
The ctrl() and ctrl_str() methods are used to adjust algorithm-specific
settings. See EVP_PKEY_CTX_ctrl(3) for details.
Functions
EVP_PKEY_meth_new() creates a new EVP_PKEY_METHOD object with the given
id and flags. The following flags are supported:
EVP_PKEY_FLAG_AUTOARGLEN
Automatically calculate the maximum size of the output buffer in
corresponding EVP methods by the EVP framework. Thus the imple-
mentations of these methods don't need to care about handling the
case of returning output buffer size by themselves. For details
on the output buffer size, refer to EVP_PKEY_sign(3).
EVP_PKEY_FLAG_SIGCTX_CUSTOM
Indicate that the signctx() method of an EVP_PKEY_METHOD is
always called by the EVP framework while doing a digest signing
operation by calling EVP_DigestSignFinal(3).
EVP_PKEY_meth_free() frees pmeth.
EVP_PKEY_meth_copy() copies src to dst.
EVP_PKEY_meth_find() finds an EVP_PKEY_METHOD object with the given id.
This function first searches through the user-defined method objects and
then through the built-in objects.
EVP_PKEY_meth_add0() adds pmeth to the stack of user defined methods.
The EVP_PKEY_meth_set_*() functions set the corresponding fields of pmeth
to the arguments passed.
RETURN VALUES
EVP_PKEY_meth_new() returns a pointer to a new EVP_PKEY_METHOD object or
NULL on error.
EVP_PKEY_meth_find() returns a pointer to the found EVP_PKEY_METHOD
object or NULL if no matching object is found.
EVP_PKEY_meth_add0() returns 1 if the method is added successfully or 0
if an error occurred.
HISTORY
EVP_PKEY_meth_new(), EVP_PKEY_meth_free(), EVP_PKEY_meth_find(),
EVP_PKEY_meth_add0(), EVP_PKEY_meth_set_init(), EVP_PKEY_meth_set_copy(),
EVP_PKEY_meth_set_cleanup(), EVP_PKEY_meth_set_paramgen(),
EVP_PKEY_meth_set_keygen(), EVP_PKEY_meth_set_sign(),
EVP_PKEY_meth_set_verify(), EVP_PKEY_meth_set_verify_recover(),
EVP_PKEY_meth_set_signctx(), EVP_PKEY_meth_set_verifyctx(),
EVP_PKEY_meth_set_encrypt(), EVP_PKEY_meth_set_decrypt(),
EVP_PKEY_meth_set_derive(), and EVP_PKEY_meth_set_ctrl() first appeared
in OpenSSL 1.0.0 and have been available since OpenBSD 4.9.
EVP_PKEY_meth_copy() first appeared in OpenSSL 1.0.1 and has been avail-
able since OpenBSD 5.3.
DragonFly 5.5 March 23, 2018 DragonFly 5.5