1e71b7053SJung-uk Kim=pod 2e71b7053SJung-uk Kim 3e71b7053SJung-uk Kim=head1 NAME 4e71b7053SJung-uk Kim 5e71b7053SJung-uk KimEVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, 6e71b7053SJung-uk KimEVP_PKEY_meth_add0, EVP_PKEY_METHOD, 7e71b7053SJung-uk KimEVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, 8e71b7053SJung-uk KimEVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, 9e71b7053SJung-uk KimEVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, 10e71b7053SJung-uk KimEVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, 1117f01e99SJung-uk KimEVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, 1217f01e99SJung-uk KimEVP_PKEY_meth_set_digestsign, EVP_PKEY_meth_set_digestverify, 1317f01e99SJung-uk KimEVP_PKEY_meth_set_check, 14e71b7053SJung-uk KimEVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check, 15e71b7053SJung-uk KimEVP_PKEY_meth_set_digest_custom, 16e71b7053SJung-uk KimEVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, 17e71b7053SJung-uk KimEVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, 18e71b7053SJung-uk KimEVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, 19e71b7053SJung-uk KimEVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, 2017f01e99SJung-uk KimEVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl, 2117f01e99SJung-uk KimEVP_PKEY_meth_get_digestsign, EVP_PKEY_meth_get_digestverify, 2217f01e99SJung-uk KimEVP_PKEY_meth_get_check, 23e71b7053SJung-uk KimEVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check, 24e71b7053SJung-uk KimEVP_PKEY_meth_get_digest_custom, 25e71b7053SJung-uk KimEVP_PKEY_meth_remove 26e71b7053SJung-uk Kim- manipulating EVP_PKEY_METHOD structure 27e71b7053SJung-uk Kim 28e71b7053SJung-uk Kim=head1 SYNOPSIS 29e71b7053SJung-uk Kim 30e71b7053SJung-uk Kim #include <openssl/evp.h> 31e71b7053SJung-uk Kim 32b077aed3SPierre ProncheryThe following functions have been deprecated since OpenSSL 3.0, and can be 33b077aed3SPierre Proncheryhidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value, 34b077aed3SPierre Proncherysee L<openssl_user_macros(7)>: 35b077aed3SPierre Pronchery 36e71b7053SJung-uk Kim typedef struct evp_pkey_method_st EVP_PKEY_METHOD; 37e71b7053SJung-uk Kim 38e71b7053SJung-uk Kim EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags); 39e71b7053SJung-uk Kim void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth); 40e71b7053SJung-uk Kim void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src); 41e71b7053SJung-uk Kim const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type); 42e71b7053SJung-uk Kim int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth); 43e71b7053SJung-uk Kim int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth); 44e71b7053SJung-uk Kim 45e71b7053SJung-uk Kim void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth, 46e71b7053SJung-uk Kim int (*init) (EVP_PKEY_CTX *ctx)); 47e71b7053SJung-uk Kim void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, 48e71b7053SJung-uk Kim int (*copy) (EVP_PKEY_CTX *dst, 49b077aed3SPierre Pronchery const EVP_PKEY_CTX *src)); 50e71b7053SJung-uk Kim void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, 51e71b7053SJung-uk Kim void (*cleanup) (EVP_PKEY_CTX *ctx)); 52e71b7053SJung-uk Kim void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth, 53e71b7053SJung-uk Kim int (*paramgen_init) (EVP_PKEY_CTX *ctx), 54e71b7053SJung-uk Kim int (*paramgen) (EVP_PKEY_CTX *ctx, 55e71b7053SJung-uk Kim EVP_PKEY *pkey)); 56e71b7053SJung-uk Kim void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth, 57e71b7053SJung-uk Kim int (*keygen_init) (EVP_PKEY_CTX *ctx), 58e71b7053SJung-uk Kim int (*keygen) (EVP_PKEY_CTX *ctx, 59e71b7053SJung-uk Kim EVP_PKEY *pkey)); 60e71b7053SJung-uk Kim void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth, 61e71b7053SJung-uk Kim int (*sign_init) (EVP_PKEY_CTX *ctx), 62e71b7053SJung-uk Kim int (*sign) (EVP_PKEY_CTX *ctx, 63e71b7053SJung-uk Kim unsigned char *sig, size_t *siglen, 64e71b7053SJung-uk Kim const unsigned char *tbs, 65e71b7053SJung-uk Kim size_t tbslen)); 66e71b7053SJung-uk Kim void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth, 67e71b7053SJung-uk Kim int (*verify_init) (EVP_PKEY_CTX *ctx), 68e71b7053SJung-uk Kim int (*verify) (EVP_PKEY_CTX *ctx, 69e71b7053SJung-uk Kim const unsigned char *sig, 70e71b7053SJung-uk Kim size_t siglen, 71e71b7053SJung-uk Kim const unsigned char *tbs, 72e71b7053SJung-uk Kim size_t tbslen)); 73e71b7053SJung-uk Kim void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth, 74e71b7053SJung-uk Kim int (*verify_recover_init) (EVP_PKEY_CTX 75e71b7053SJung-uk Kim *ctx), 76e71b7053SJung-uk Kim int (*verify_recover) (EVP_PKEY_CTX 77e71b7053SJung-uk Kim *ctx, 78e71b7053SJung-uk Kim unsigned char 79e71b7053SJung-uk Kim *sig, 80e71b7053SJung-uk Kim size_t *siglen, 81e71b7053SJung-uk Kim const unsigned 82e71b7053SJung-uk Kim char *tbs, 83e71b7053SJung-uk Kim size_t tbslen)); 84e71b7053SJung-uk Kim void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth, 85e71b7053SJung-uk Kim int (*signctx_init) (EVP_PKEY_CTX *ctx, 86e71b7053SJung-uk Kim EVP_MD_CTX *mctx), 87e71b7053SJung-uk Kim int (*signctx) (EVP_PKEY_CTX *ctx, 88e71b7053SJung-uk Kim unsigned char *sig, 89e71b7053SJung-uk Kim size_t *siglen, 90e71b7053SJung-uk Kim EVP_MD_CTX *mctx)); 91e71b7053SJung-uk Kim void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth, 92e71b7053SJung-uk Kim int (*verifyctx_init) (EVP_PKEY_CTX *ctx, 93e71b7053SJung-uk Kim EVP_MD_CTX *mctx), 94e71b7053SJung-uk Kim int (*verifyctx) (EVP_PKEY_CTX *ctx, 95e71b7053SJung-uk Kim const unsigned char *sig, 96e71b7053SJung-uk Kim int siglen, 97e71b7053SJung-uk Kim EVP_MD_CTX *mctx)); 98e71b7053SJung-uk Kim void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth, 99e71b7053SJung-uk Kim int (*encrypt_init) (EVP_PKEY_CTX *ctx), 100e71b7053SJung-uk Kim int (*encryptfn) (EVP_PKEY_CTX *ctx, 101e71b7053SJung-uk Kim unsigned char *out, 102e71b7053SJung-uk Kim size_t *outlen, 103e71b7053SJung-uk Kim const unsigned char *in, 104e71b7053SJung-uk Kim size_t inlen)); 105e71b7053SJung-uk Kim void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth, 106e71b7053SJung-uk Kim int (*decrypt_init) (EVP_PKEY_CTX *ctx), 107e71b7053SJung-uk Kim int (*decrypt) (EVP_PKEY_CTX *ctx, 108e71b7053SJung-uk Kim unsigned char *out, 109e71b7053SJung-uk Kim size_t *outlen, 110e71b7053SJung-uk Kim const unsigned char *in, 111e71b7053SJung-uk Kim size_t inlen)); 112e71b7053SJung-uk Kim void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth, 113e71b7053SJung-uk Kim int (*derive_init) (EVP_PKEY_CTX *ctx), 114e71b7053SJung-uk Kim int (*derive) (EVP_PKEY_CTX *ctx, 115e71b7053SJung-uk Kim unsigned char *key, 116e71b7053SJung-uk Kim size_t *keylen)); 117e71b7053SJung-uk Kim void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, 118e71b7053SJung-uk Kim int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, 119e71b7053SJung-uk Kim void *p2), 120e71b7053SJung-uk Kim int (*ctrl_str) (EVP_PKEY_CTX *ctx, 121e71b7053SJung-uk Kim const char *type, 122e71b7053SJung-uk Kim const char *value)); 12317f01e99SJung-uk Kim void EVP_PKEY_meth_set_digestsign(EVP_PKEY_METHOD *pmeth, 12417f01e99SJung-uk Kim int (*digestsign) (EVP_MD_CTX *ctx, 12517f01e99SJung-uk Kim unsigned char *sig, 12617f01e99SJung-uk Kim size_t *siglen, 12717f01e99SJung-uk Kim const unsigned char *tbs, 12817f01e99SJung-uk Kim size_t tbslen)); 12917f01e99SJung-uk Kim void EVP_PKEY_meth_set_digestverify(EVP_PKEY_METHOD *pmeth, 13017f01e99SJung-uk Kim int (*digestverify) (EVP_MD_CTX *ctx, 13117f01e99SJung-uk Kim const unsigned char *sig, 13217f01e99SJung-uk Kim size_t siglen, 13317f01e99SJung-uk Kim const unsigned char *tbs, 13417f01e99SJung-uk Kim size_t tbslen)); 135e71b7053SJung-uk Kim void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth, 136e71b7053SJung-uk Kim int (*check) (EVP_PKEY *pkey)); 137e71b7053SJung-uk Kim void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth, 138e71b7053SJung-uk Kim int (*check) (EVP_PKEY *pkey)); 139e71b7053SJung-uk Kim void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth, 140e71b7053SJung-uk Kim int (*check) (EVP_PKEY *pkey)); 141e71b7053SJung-uk Kim void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth, 142e71b7053SJung-uk Kim int (*digest_custom) (EVP_PKEY_CTX *ctx, 143e71b7053SJung-uk Kim EVP_MD_CTX *mctx)); 144e71b7053SJung-uk Kim 145e71b7053SJung-uk Kim void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth, 146e71b7053SJung-uk Kim int (**pinit) (EVP_PKEY_CTX *ctx)); 147e71b7053SJung-uk Kim void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth, 148e71b7053SJung-uk Kim int (**pcopy) (EVP_PKEY_CTX *dst, 149e71b7053SJung-uk Kim EVP_PKEY_CTX *src)); 150e71b7053SJung-uk Kim void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth, 151e71b7053SJung-uk Kim void (**pcleanup) (EVP_PKEY_CTX *ctx)); 152e71b7053SJung-uk Kim void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth, 153e71b7053SJung-uk Kim int (**pparamgen_init) (EVP_PKEY_CTX *ctx), 154e71b7053SJung-uk Kim int (**pparamgen) (EVP_PKEY_CTX *ctx, 155e71b7053SJung-uk Kim EVP_PKEY *pkey)); 156e71b7053SJung-uk Kim void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth, 157e71b7053SJung-uk Kim int (**pkeygen_init) (EVP_PKEY_CTX *ctx), 158e71b7053SJung-uk Kim int (**pkeygen) (EVP_PKEY_CTX *ctx, 159e71b7053SJung-uk Kim EVP_PKEY *pkey)); 160e71b7053SJung-uk Kim void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth, 161e71b7053SJung-uk Kim int (**psign_init) (EVP_PKEY_CTX *ctx), 162e71b7053SJung-uk Kim int (**psign) (EVP_PKEY_CTX *ctx, 163e71b7053SJung-uk Kim unsigned char *sig, size_t *siglen, 164e71b7053SJung-uk Kim const unsigned char *tbs, 165e71b7053SJung-uk Kim size_t tbslen)); 166e71b7053SJung-uk Kim void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth, 167e71b7053SJung-uk Kim int (**pverify_init) (EVP_PKEY_CTX *ctx), 168e71b7053SJung-uk Kim int (**pverify) (EVP_PKEY_CTX *ctx, 169e71b7053SJung-uk Kim const unsigned char *sig, 170e71b7053SJung-uk Kim size_t siglen, 171e71b7053SJung-uk Kim const unsigned char *tbs, 172e71b7053SJung-uk Kim size_t tbslen)); 173e71b7053SJung-uk Kim void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth, 174e71b7053SJung-uk Kim int (**pverify_recover_init) (EVP_PKEY_CTX 175e71b7053SJung-uk Kim *ctx), 176e71b7053SJung-uk Kim int (**pverify_recover) (EVP_PKEY_CTX 177e71b7053SJung-uk Kim *ctx, 178e71b7053SJung-uk Kim unsigned char 179e71b7053SJung-uk Kim *sig, 180e71b7053SJung-uk Kim size_t *siglen, 181e71b7053SJung-uk Kim const unsigned 182e71b7053SJung-uk Kim char *tbs, 183e71b7053SJung-uk Kim size_t tbslen)); 184e71b7053SJung-uk Kim void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth, 185e71b7053SJung-uk Kim int (**psignctx_init) (EVP_PKEY_CTX *ctx, 186e71b7053SJung-uk Kim EVP_MD_CTX *mctx), 187e71b7053SJung-uk Kim int (**psignctx) (EVP_PKEY_CTX *ctx, 188e71b7053SJung-uk Kim unsigned char *sig, 189e71b7053SJung-uk Kim size_t *siglen, 190e71b7053SJung-uk Kim EVP_MD_CTX *mctx)); 191e71b7053SJung-uk Kim void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth, 192e71b7053SJung-uk Kim int (**pverifyctx_init) (EVP_PKEY_CTX *ctx, 193e71b7053SJung-uk Kim EVP_MD_CTX *mctx), 194e71b7053SJung-uk Kim int (**pverifyctx) (EVP_PKEY_CTX *ctx, 195e71b7053SJung-uk Kim const unsigned char *sig, 196e71b7053SJung-uk Kim int siglen, 197e71b7053SJung-uk Kim EVP_MD_CTX *mctx)); 198e71b7053SJung-uk Kim void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth, 199e71b7053SJung-uk Kim int (**pencrypt_init) (EVP_PKEY_CTX *ctx), 200e71b7053SJung-uk Kim int (**pencryptfn) (EVP_PKEY_CTX *ctx, 201e71b7053SJung-uk Kim unsigned char *out, 202e71b7053SJung-uk Kim size_t *outlen, 203e71b7053SJung-uk Kim const unsigned char *in, 204e71b7053SJung-uk Kim size_t inlen)); 205e71b7053SJung-uk Kim void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth, 206e71b7053SJung-uk Kim int (**pdecrypt_init) (EVP_PKEY_CTX *ctx), 207e71b7053SJung-uk Kim int (**pdecrypt) (EVP_PKEY_CTX *ctx, 208e71b7053SJung-uk Kim unsigned char *out, 209e71b7053SJung-uk Kim size_t *outlen, 210e71b7053SJung-uk Kim const unsigned char *in, 211e71b7053SJung-uk Kim size_t inlen)); 212e71b7053SJung-uk Kim void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth, 213e71b7053SJung-uk Kim int (**pderive_init) (EVP_PKEY_CTX *ctx), 214e71b7053SJung-uk Kim int (**pderive) (EVP_PKEY_CTX *ctx, 215e71b7053SJung-uk Kim unsigned char *key, 216e71b7053SJung-uk Kim size_t *keylen)); 217e71b7053SJung-uk Kim void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth, 218e71b7053SJung-uk Kim int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1, 219e71b7053SJung-uk Kim void *p2), 220e71b7053SJung-uk Kim int (**pctrl_str) (EVP_PKEY_CTX *ctx, 221e71b7053SJung-uk Kim const char *type, 222e71b7053SJung-uk Kim const char *value)); 223b077aed3SPierre Pronchery void EVP_PKEY_meth_get_digestsign(const EVP_PKEY_METHOD *pmeth, 22417f01e99SJung-uk Kim int (**digestsign) (EVP_MD_CTX *ctx, 22517f01e99SJung-uk Kim unsigned char *sig, 22617f01e99SJung-uk Kim size_t *siglen, 22717f01e99SJung-uk Kim const unsigned char *tbs, 22817f01e99SJung-uk Kim size_t tbslen)); 229b077aed3SPierre Pronchery void EVP_PKEY_meth_get_digestverify(const EVP_PKEY_METHOD *pmeth, 23017f01e99SJung-uk Kim int (**digestverify) (EVP_MD_CTX *ctx, 23117f01e99SJung-uk Kim const unsigned char *sig, 23217f01e99SJung-uk Kim size_t siglen, 23317f01e99SJung-uk Kim const unsigned char *tbs, 23417f01e99SJung-uk Kim size_t tbslen)); 235e71b7053SJung-uk Kim void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth, 236e71b7053SJung-uk Kim int (**pcheck) (EVP_PKEY *pkey)); 237e71b7053SJung-uk Kim void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth, 238e71b7053SJung-uk Kim int (**pcheck) (EVP_PKEY *pkey)); 239e71b7053SJung-uk Kim void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth, 240e71b7053SJung-uk Kim int (**pcheck) (EVP_PKEY *pkey)); 241b077aed3SPierre Pronchery void EVP_PKEY_meth_get_digest_custom(const EVP_PKEY_METHOD *pmeth, 242e71b7053SJung-uk Kim int (**pdigest_custom) (EVP_PKEY_CTX *ctx, 243e71b7053SJung-uk Kim EVP_MD_CTX *mctx)); 244e71b7053SJung-uk Kim 245e71b7053SJung-uk Kim=head1 DESCRIPTION 246e71b7053SJung-uk Kim 247b077aed3SPierre ProncheryAll of the functions described on this page are deprecated. 248b077aed3SPierre ProncheryApplications should instead use the OSSL_PROVIDER APIs. 249b077aed3SPierre Pronchery 250e71b7053SJung-uk KimB<EVP_PKEY_METHOD> is a structure which holds a set of methods for a 251e71b7053SJung-uk Kimspecific public key cryptographic algorithm. Those methods are usually 252e71b7053SJung-uk Kimused to perform different jobs, such as generating a key, signing or 253e71b7053SJung-uk Kimverifying, encrypting or decrypting, etc. 254e71b7053SJung-uk Kim 255e71b7053SJung-uk KimThere are two places where the B<EVP_PKEY_METHOD> objects are stored: one 256e71b7053SJung-uk Kimis a built-in static array representing the standard methods for different 257e71b7053SJung-uk Kimalgorithms, and the other one is a stack of user-defined application-specific 258e71b7053SJung-uk Kimmethods, which can be manipulated by using L<EVP_PKEY_meth_add0(3)>. 259e71b7053SJung-uk Kim 260e71b7053SJung-uk KimThe B<EVP_PKEY_METHOD> objects are usually referenced by B<EVP_PKEY_CTX> 261e71b7053SJung-uk Kimobjects. 262e71b7053SJung-uk Kim 263e71b7053SJung-uk Kim=head2 Methods 264e71b7053SJung-uk Kim 265e71b7053SJung-uk KimThe methods are the underlying implementations of a particular public key 266e71b7053SJung-uk Kimalgorithm present by the B<EVP_PKEY_CTX> object. 267e71b7053SJung-uk Kim 268e71b7053SJung-uk Kim int (*init) (EVP_PKEY_CTX *ctx); 269b077aed3SPierre Pronchery int (*copy) (EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src); 270e71b7053SJung-uk Kim void (*cleanup) (EVP_PKEY_CTX *ctx); 271e71b7053SJung-uk Kim 272e71b7053SJung-uk KimThe init() method is called to initialize algorithm-specific data when a new 273e71b7053SJung-uk KimB<EVP_PKEY_CTX> is created. As opposed to init(), the cleanup() method is called 274e71b7053SJung-uk Kimwhen an B<EVP_PKEY_CTX> is freed. The copy() method is called when an B<EVP_PKEY_CTX> 275e71b7053SJung-uk Kimis being duplicated. Refer to L<EVP_PKEY_CTX_new(3)>, L<EVP_PKEY_CTX_new_id(3)>, 276e71b7053SJung-uk KimL<EVP_PKEY_CTX_free(3)> and L<EVP_PKEY_CTX_dup(3)>. 277e71b7053SJung-uk Kim 278e71b7053SJung-uk Kim int (*paramgen_init) (EVP_PKEY_CTX *ctx); 279e71b7053SJung-uk Kim int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); 280e71b7053SJung-uk Kim 281e71b7053SJung-uk KimThe paramgen_init() and paramgen() methods deal with key parameter generation. 282e71b7053SJung-uk KimThey are called by L<EVP_PKEY_paramgen_init(3)> and L<EVP_PKEY_paramgen(3)> to 283e71b7053SJung-uk Kimhandle the parameter generation process. 284e71b7053SJung-uk Kim 285e71b7053SJung-uk Kim int (*keygen_init) (EVP_PKEY_CTX *ctx); 286e71b7053SJung-uk Kim int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); 287e71b7053SJung-uk Kim 288e71b7053SJung-uk KimThe keygen_init() and keygen() methods are used to generate the actual key for 289e71b7053SJung-uk Kimthe specified algorithm. They are called by L<EVP_PKEY_keygen_init(3)> and 290e71b7053SJung-uk KimL<EVP_PKEY_keygen(3)>. 291e71b7053SJung-uk Kim 292e71b7053SJung-uk Kim int (*sign_init) (EVP_PKEY_CTX *ctx); 293e71b7053SJung-uk Kim int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, 294e71b7053SJung-uk Kim const unsigned char *tbs, size_t tbslen); 295e71b7053SJung-uk Kim 296e71b7053SJung-uk KimThe sign_init() and sign() methods are used to generate the signature of a 297e71b7053SJung-uk Kimpiece of data using a private key. They are called by L<EVP_PKEY_sign_init(3)> 298e71b7053SJung-uk Kimand L<EVP_PKEY_sign(3)>. 299e71b7053SJung-uk Kim 300e71b7053SJung-uk Kim int (*verify_init) (EVP_PKEY_CTX *ctx); 301e71b7053SJung-uk Kim int (*verify) (EVP_PKEY_CTX *ctx, 302e71b7053SJung-uk Kim const unsigned char *sig, size_t siglen, 303e71b7053SJung-uk Kim const unsigned char *tbs, size_t tbslen); 304e71b7053SJung-uk Kim 305e71b7053SJung-uk KimThe verify_init() and verify() methods are used to verify whether a signature is 306e71b7053SJung-uk Kimvalid. They are called by L<EVP_PKEY_verify_init(3)> and L<EVP_PKEY_verify(3)>. 307e71b7053SJung-uk Kim 308e71b7053SJung-uk Kim int (*verify_recover_init) (EVP_PKEY_CTX *ctx); 309e71b7053SJung-uk Kim int (*verify_recover) (EVP_PKEY_CTX *ctx, 310e71b7053SJung-uk Kim unsigned char *rout, size_t *routlen, 311e71b7053SJung-uk Kim const unsigned char *sig, size_t siglen); 312e71b7053SJung-uk Kim 313e71b7053SJung-uk KimThe verify_recover_init() and verify_recover() methods are used to verify a 314e71b7053SJung-uk Kimsignature and then recover the digest from the signature (for instance, a 315e71b7053SJung-uk Kimsignature that was generated by RSA signing algorithm). They are called by 316e71b7053SJung-uk KimL<EVP_PKEY_verify_recover_init(3)> and L<EVP_PKEY_verify_recover(3)>. 317e71b7053SJung-uk Kim 318e71b7053SJung-uk Kim int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); 319e71b7053SJung-uk Kim int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, 320e71b7053SJung-uk Kim EVP_MD_CTX *mctx); 321e71b7053SJung-uk Kim 322e71b7053SJung-uk KimThe signctx_init() and signctx() methods are used to sign a digest present by 323e71b7053SJung-uk Kima B<EVP_MD_CTX> object. They are called by the EVP_DigestSign functions. See 324610a21fdSJung-uk KimL<EVP_DigestSignInit(3)> for details. 325e71b7053SJung-uk Kim 326e71b7053SJung-uk Kim int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); 327e71b7053SJung-uk Kim int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, 328e71b7053SJung-uk Kim EVP_MD_CTX *mctx); 329e71b7053SJung-uk Kim 330e71b7053SJung-uk KimThe verifyctx_init() and verifyctx() methods are used to verify a signature 331e71b7053SJung-uk Kimagainst the data in a B<EVP_MD_CTX> object. They are called by the various 332610a21fdSJung-uk KimEVP_DigestVerify functions. See L<EVP_DigestVerifyInit(3)> for details. 333e71b7053SJung-uk Kim 334e71b7053SJung-uk Kim int (*encrypt_init) (EVP_PKEY_CTX *ctx); 335e71b7053SJung-uk Kim int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, 336e71b7053SJung-uk Kim const unsigned char *in, size_t inlen); 337e71b7053SJung-uk Kim 338e71b7053SJung-uk KimThe encrypt_init() and encrypt() methods are used to encrypt a piece of data. 339e71b7053SJung-uk KimThey are called by L<EVP_PKEY_encrypt_init(3)> and L<EVP_PKEY_encrypt(3)>. 340e71b7053SJung-uk Kim 341e71b7053SJung-uk Kim int (*decrypt_init) (EVP_PKEY_CTX *ctx); 342e71b7053SJung-uk Kim int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, 343e71b7053SJung-uk Kim const unsigned char *in, size_t inlen); 344e71b7053SJung-uk Kim 345e71b7053SJung-uk KimThe decrypt_init() and decrypt() methods are used to decrypt a piece of data. 346e71b7053SJung-uk KimThey are called by L<EVP_PKEY_decrypt_init(3)> and L<EVP_PKEY_decrypt(3)>. 347e71b7053SJung-uk Kim 348e71b7053SJung-uk Kim int (*derive_init) (EVP_PKEY_CTX *ctx); 349e71b7053SJung-uk Kim int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); 350e71b7053SJung-uk Kim 351e71b7053SJung-uk KimThe derive_init() and derive() methods are used to derive the shared secret 352e71b7053SJung-uk Kimfrom a public key algorithm (for instance, the DH algorithm). They are called by 353e71b7053SJung-uk KimL<EVP_PKEY_derive_init(3)> and L<EVP_PKEY_derive(3)>. 354e71b7053SJung-uk Kim 355e71b7053SJung-uk Kim int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2); 356e71b7053SJung-uk Kim int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value); 357e71b7053SJung-uk Kim 358e71b7053SJung-uk KimThe ctrl() and ctrl_str() methods are used to adjust algorithm-specific 359610a21fdSJung-uk Kimsettings. See L<EVP_PKEY_CTX_ctrl(3)> and related functions for details. 360e71b7053SJung-uk Kim 361e71b7053SJung-uk Kim int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen, 362e71b7053SJung-uk Kim const unsigned char *tbs, size_t tbslen); 363e71b7053SJung-uk Kim int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig, 364e71b7053SJung-uk Kim size_t siglen, const unsigned char *tbs, 365e71b7053SJung-uk Kim size_t tbslen); 366e71b7053SJung-uk Kim 367e71b7053SJung-uk KimThe digestsign() and digestverify() methods are used to generate or verify 368610a21fdSJung-uk Kima signature in a one-shot mode. They could be called by L<EVP_DigestSign(3)> 369e71b7053SJung-uk Kimand L<EVP_DigestVerify(3)>. 370e71b7053SJung-uk Kim 371e71b7053SJung-uk Kim int (*check) (EVP_PKEY *pkey); 372e71b7053SJung-uk Kim int (*public_check) (EVP_PKEY *pkey); 373e71b7053SJung-uk Kim int (*param_check) (EVP_PKEY *pkey); 374e71b7053SJung-uk Kim 375e71b7053SJung-uk KimThe check(), public_check() and param_check() methods are used to validate a 376e71b7053SJung-uk Kimkey-pair, the public component and parameters respectively for a given B<pkey>. 377e71b7053SJung-uk KimThey could be called by L<EVP_PKEY_check(3)>, L<EVP_PKEY_public_check(3)> and 378e71b7053SJung-uk KimL<EVP_PKEY_param_check(3)> respectively. 379e71b7053SJung-uk Kim 380e71b7053SJung-uk Kim int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); 381e71b7053SJung-uk Kim 382e71b7053SJung-uk KimThe digest_custom() method is used to generate customized digest content before 383e71b7053SJung-uk Kimthe real message is passed to functions like L<EVP_DigestSignUpdate(3)> or 384e71b7053SJung-uk KimL<EVP_DigestVerifyInit(3)>. This is usually required by some public key 385e71b7053SJung-uk Kimsignature algorithms like SM2 which requires a hashed prefix to the message to 386e71b7053SJung-uk Kimbe signed. The digest_custom() function will be called by L<EVP_DigestSignInit(3)> 387e71b7053SJung-uk Kimand L<EVP_DigestVerifyInit(3)>. 388e71b7053SJung-uk Kim 389e71b7053SJung-uk Kim=head2 Functions 390e71b7053SJung-uk Kim 391e71b7053SJung-uk KimEVP_PKEY_meth_new() creates and returns a new B<EVP_PKEY_METHOD> object, 392e71b7053SJung-uk Kimand associates the given B<id> and B<flags>. The following flags are 393e71b7053SJung-uk Kimsupported: 394e71b7053SJung-uk Kim 395e71b7053SJung-uk Kim EVP_PKEY_FLAG_AUTOARGLEN 396e71b7053SJung-uk Kim EVP_PKEY_FLAG_SIGCTX_CUSTOM 397e71b7053SJung-uk Kim 398e71b7053SJung-uk KimIf an B<EVP_PKEY_METHOD> is set with the B<EVP_PKEY_FLAG_AUTOARGLEN> flag, the 399e71b7053SJung-uk Kimmaximum size of the output buffer will be automatically calculated or checked 400e71b7053SJung-uk Kimin corresponding EVP methods by the EVP framework. Thus the implementations of 401e71b7053SJung-uk Kimthese methods don't need to care about handling the case of returning output 402e71b7053SJung-uk Kimbuffer size by themselves. For details on the output buffer size, refer to 403e71b7053SJung-uk KimL<EVP_PKEY_sign(3)>. 404e71b7053SJung-uk Kim 405e71b7053SJung-uk KimThe B<EVP_PKEY_FLAG_SIGCTX_CUSTOM> is used to indicate the signctx() method 406e71b7053SJung-uk Kimof an B<EVP_PKEY_METHOD> is always called by the EVP framework while doing a 407e71b7053SJung-uk Kimdigest signing operation by calling L<EVP_DigestSignFinal(3)>. 408e71b7053SJung-uk Kim 409e71b7053SJung-uk KimEVP_PKEY_meth_free() frees an existing B<EVP_PKEY_METHOD> pointed by 410*a7148ab3SEnji CooperB<pmeth>. If the argument is NULL, nothing is done. 411e71b7053SJung-uk Kim 412e71b7053SJung-uk KimEVP_PKEY_meth_copy() copies an B<EVP_PKEY_METHOD> object from B<src> 413e71b7053SJung-uk Kimto B<dst>. 414e71b7053SJung-uk Kim 415e71b7053SJung-uk KimEVP_PKEY_meth_find() finds an B<EVP_PKEY_METHOD> object with the B<id>. 416e71b7053SJung-uk KimThis function first searches through the user-defined method objects and 417e71b7053SJung-uk Kimthen the built-in objects. 418e71b7053SJung-uk Kim 419e71b7053SJung-uk KimEVP_PKEY_meth_add0() adds B<pmeth> to the user defined stack of methods. 420e71b7053SJung-uk Kim 421e71b7053SJung-uk KimEVP_PKEY_meth_remove() removes an B<EVP_PKEY_METHOD> object added by 422e71b7053SJung-uk KimEVP_PKEY_meth_add0(). 423e71b7053SJung-uk Kim 424e71b7053SJung-uk KimThe EVP_PKEY_meth_set functions set the corresponding fields of 425e71b7053SJung-uk KimB<EVP_PKEY_METHOD> structure with the arguments passed. 426e71b7053SJung-uk Kim 427e71b7053SJung-uk KimThe EVP_PKEY_meth_get functions get the corresponding fields of 428e71b7053SJung-uk KimB<EVP_PKEY_METHOD> structure to the arguments provided. 429e71b7053SJung-uk Kim 430e71b7053SJung-uk Kim=head1 RETURN VALUES 431e71b7053SJung-uk Kim 432e71b7053SJung-uk KimEVP_PKEY_meth_new() returns a pointer to a new B<EVP_PKEY_METHOD> 433e71b7053SJung-uk Kimobject or returns NULL on error. 434e71b7053SJung-uk Kim 435e71b7053SJung-uk KimEVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values. 436e71b7053SJung-uk Kim 437e71b7053SJung-uk KimEVP_PKEY_meth_find() returns a pointer to the found B<EVP_PKEY_METHOD> 438e71b7053SJung-uk Kimobject or returns NULL if not found. 439e71b7053SJung-uk Kim 440e71b7053SJung-uk KimEVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 441e71b7053SJung-uk Kimif an error occurred. 442e71b7053SJung-uk Kim 443e71b7053SJung-uk KimEVP_PKEY_meth_remove() returns 1 if method is removed successfully or 444e71b7053SJung-uk Kim0 if an error occurred. 445e71b7053SJung-uk Kim 446e71b7053SJung-uk KimAll EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return 447e71b7053SJung-uk Kimvalues. For the 'get' functions, function pointers are returned by 448e71b7053SJung-uk Kimarguments. 449e71b7053SJung-uk Kim 450b077aed3SPierre Pronchery=head1 HISTORY 451b077aed3SPierre Pronchery 452b077aed3SPierre ProncheryAll of these functions were deprecated in OpenSSL 3.0. 453b077aed3SPierre Pronchery 454b077aed3SPierre ProncheryThe signature of the I<copy> functional argument of EVP_PKEY_meth_set_copy() 455b077aed3SPierre Proncheryhas changed in OpenSSL 3.0 so its I<src> parameter is now constified. 456b077aed3SPierre Pronchery 457e71b7053SJung-uk Kim=head1 COPYRIGHT 458e71b7053SJung-uk Kim 459*a7148ab3SEnji CooperCopyright 2017-2024 The OpenSSL Project Authors. All Rights Reserved. 460e71b7053SJung-uk Kim 461b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 462e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 463e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 464e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 465e71b7053SJung-uk Kim 466e71b7053SJung-uk Kim=cut 467