Standard preamble:
========================================================================
..
.... Set up some character translations and predefined strings. \*(-- will
give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
double quote, and \*(R" will give a right double quote. \*(C+ will
give a nicer C++. Capital omega is used to do unbreakable dashes and
therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
nothing in troff, for use with C<>.
.tr \(*W- . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\}
Escape single quotes in literal strings from groff's Unicode transform.
If the F register is >0, we'll generate index entries on stderr for
titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
entries marked with X<> in POD. Of course, you'll have to process the
output yourself in some meaningful fashion.
Avoid warning from groff about undefined register 'F'.
.. .nr rF 0 . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF
Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff . ds #H 0 . ds #V .8m . ds #F .3m . ds #[ \f1 . ds #] .\} . ds #H ((1u-(\\\\n(.fu%2u))*.13m) . ds #V .6m . ds #F 0 . ds #[ \& . ds #] \& .\} . \" simple accents for nroff and troff . ds ' \& . ds ` \& . ds ^ \& . ds , \& . ds ~ ~ . ds / .\} . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' .\} . \" troff and (daisy-wheel) nroff accents . \" corrections for vroff . \" for low resolution devices (crt and lpr) \{\ . ds : e . ds 8 ss . ds o a . ds d- d\h'-1'\(ga . ds D- D\h'-1'\(hy . ds th \o'bp' . ds Th \o'LP' . ds ae ae . ds Ae AE .\} ========================================================================
Title "EVP_PKEY_METH_NEW 3"
way too many mistakes in technical documents.
There are two places where the \s-1EVP_PKEY_METHOD\s0 objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using EVP_PKEY_meth_add0\|(3).
The \s-1EVP_PKEY_METHOD\s0 objects are usually referenced by \s-1EVP_PKEY_CTX\s0 objects.
.Vb 3 int (*init) (EVP_PKEY_CTX *ctx); int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src); void (*cleanup) (EVP_PKEY_CTX *ctx); .Ve
The init() method is called to initialize algorithm-specific data when a new \fB\s-1EVP_PKEY_CTX\s0 is created. As opposed to init(), the cleanup() method is called when an \s-1EVP_PKEY_CTX\s0 is freed. The copy() method is called when an \s-1EVP_PKEY_CTX\s0 is being duplicated. Refer to EVP_PKEY_CTX_new\|(3), EVP_PKEY_CTX_new_id\|(3), \fBEVP_PKEY_CTX_free\|(3) and EVP_PKEY_CTX_dup\|(3).
.Vb 2 int (*paramgen_init) (EVP_PKEY_CTX *ctx); int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); .Ve
The paramgen_init() and paramgen() methods deal with key parameter generation. They are called by EVP_PKEY_paramgen_init\|(3) and EVP_PKEY_paramgen\|(3) to handle the parameter generation process.
.Vb 2 int (*keygen_init) (EVP_PKEY_CTX *ctx); int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey); .Ve
The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by EVP_PKEY_keygen_init\|(3) and \fBEVP_PKEY_keygen\|(3).
.Vb 3 int (*sign_init) (EVP_PKEY_CTX *ctx); int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen); .Ve
The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by EVP_PKEY_sign_init\|(3) and EVP_PKEY_sign\|(3).
.Vb 4 int (*verify_init) (EVP_PKEY_CTX *ctx); int (*verify) (EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen); .Ve
The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by EVP_PKEY_verify_init\|(3) and EVP_PKEY_verify\|(3).
.Vb 4 int (*verify_recover_init) (EVP_PKEY_CTX *ctx); int (*verify_recover) (EVP_PKEY_CTX *ctx, unsigned char *rout, size_t *routlen, const unsigned char *sig, size_t siglen); .Ve
The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by \s-1RSA\s0 signing algorithm). They are called by \fBEVP_PKEY_verify_recover_init\|(3) and EVP_PKEY_verify_recover\|(3).
.Vb 3 int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, EVP_MD_CTX *mctx); .Ve
The signctx_init() and signctx() methods are used to sign a digest present by a \s-1EVP_MD_CTX\s0 object. They are called by the EVP_DigestSign functions. See \fBEVP_DigestSignInit\|(3) for details.
.Vb 3 int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, EVP_MD_CTX *mctx); .Ve
The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in a \s-1EVP_MD_CTX\s0 object. They are called by the various EVP_DigestVerify functions. See EVP_DigestVerifyInit\|(3) for details.
.Vb 3 int (*encrypt_init) (EVP_PKEY_CTX *ctx); int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen); .Ve
The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by EVP_PKEY_encrypt_init\|(3) and EVP_PKEY_encrypt\|(3).
.Vb 3 int (*decrypt_init) (EVP_PKEY_CTX *ctx); int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen); .Ve
The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by EVP_PKEY_decrypt_init\|(3) and EVP_PKEY_decrypt\|(3).
.Vb 2 int (*derive_init) (EVP_PKEY_CTX *ctx); int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen); .Ve
The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the \s-1DH\s0 algorithm). They are called by \fBEVP_PKEY_derive_init\|(3) and EVP_PKEY_derive\|(3).
.Vb 2 int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2); int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value); .Ve
The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See EVP_PKEY_CTX_ctrl\|(3) and related functions for details.
.Vb 5 int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen); int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen); .Ve
The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by EVP_DigestSign\|(3) and EVP_DigestVerify\|(3).
.Vb 3 int (*check) (EVP_PKEY *pkey); int (*public_check) (EVP_PKEY *pkey); int (*param_check) (EVP_PKEY *pkey); .Ve
The check(), public_check() and param_check() methods are used to validate a key-pair, the public component and parameters respectively for a given pkey. They could be called by EVP_PKEY_check\|(3), EVP_PKEY_public_check\|(3) and \fBEVP_PKEY_param_check\|(3) respectively.
.Vb 1 int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx); .Ve
The digest_custom() method is used to generate customized digest content before the real message is passed to functions like EVP_DigestSignUpdate\|(3) or \fBEVP_DigestVerifyInit\|(3). This is usually required by some public key signature algorithms like \s-1SM2\s0 which requires a hashed prefix to the message to be signed. The digest_custom() function will be called by EVP_DigestSignInit\|(3) and EVP_DigestVerifyInit\|(3).
.Vb 2 EVP_PKEY_FLAG_AUTOARGLEN EVP_PKEY_FLAG_SIGCTX_CUSTOM .Ve
If an \s-1EVP_PKEY_METHOD\s0 is set with the \s-1EVP_PKEY_FLAG_AUTOARGLEN\s0 flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding \s-1EVP\s0 methods by the \s-1EVP\s0 framework. Thus the implementations of these methods don't need to care about handling the case of returning output buffer size by themselves. For details on the output buffer size, refer to \fBEVP_PKEY_sign\|(3).
The \s-1EVP_PKEY_FLAG_SIGCTX_CUSTOM\s0 is used to indicate the signctx() method of an \s-1EVP_PKEY_METHOD\s0 is always called by the \s-1EVP\s0 framework while doing a digest signing operation by calling EVP_DigestSignFinal\|(3).
\fBEVP_PKEY_meth_free() frees an existing \s-1EVP_PKEY_METHOD\s0 pointed by \fBpmeth.
\fBEVP_PKEY_meth_copy() copies an \s-1EVP_PKEY_METHOD\s0 object from src to dst.
\fBEVP_PKEY_meth_find() finds an \s-1EVP_PKEY_METHOD\s0 object with the id. This function first searches through the user-defined method objects and then the built-in objects.
\fBEVP_PKEY_meth_add0() adds pmeth to the user defined stack of methods.
\fBEVP_PKEY_meth_remove() removes an \s-1EVP_PKEY_METHOD\s0 object added by \fBEVP_PKEY_meth_add0().
The EVP_PKEY_meth_set functions set the corresponding fields of \fB\s-1EVP_PKEY_METHOD\s0 structure with the arguments passed.
The EVP_PKEY_meth_get functions get the corresponding fields of \fB\s-1EVP_PKEY_METHOD\s0 structure to the arguments provided.
\fBEVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.
\fBEVP_PKEY_meth_find() returns a pointer to the found \s-1EVP_PKEY_METHOD\s0 object or returns \s-1NULL\s0 if not found.
\fBEVP_PKEY_meth_add0() returns 1 if method is added successfully or 0 if an error occurred.
\fBEVP_PKEY_meth_remove() returns 1 if method is removed successfully or 0 if an error occurred.
All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the 'get' functions, function pointers are returned by arguments.
Licensed under the OpenSSL license (the \*(L"License\*(R"). You may not use this file except in compliance with the License. You can obtain a copy in the file \s-1LICENSE\s0 in the source distribution or at <https://www.openssl.org/source/license.html>.