EVP_PKEY_CTX_new.pod 4.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125
  1. =pod
  2. =head1 NAME
  3. EVP_PKEY_CTX_new, EVP_PKEY_CTX_new_id, EVP_PKEY_CTX_new_from_name,
  4. EVP_PKEY_CTX_new_from_pkey, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free
  5. - public key algorithm context functions
  6. =head1 SYNOPSIS
  7. #include <openssl/evp.h>
  8. EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
  9. EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
  10. EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_name(OPENSSL_CTX *libctx,
  11. const char *name,
  12. const char *propquery);
  13. EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OPENSSL_CTX *libctx,
  14. EVP_PKEY *pkey,
  15. const char *propquery);
  16. EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx);
  17. void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);
  18. =head1 DESCRIPTION
  19. The EVP_PKEY_CTX_new() function allocates public key algorithm context using
  20. the I<pkey> key type and ENGINE I<e>.
  21. The EVP_PKEY_CTX_new_id() function allocates public key algorithm context
  22. using the key type specified by I<id> and ENGINE I<e>.
  23. The EVP_PKEY_CTX_new_from_name() function allocates a public key algorithm
  24. context using the library context I<libctx> (see L<OPENSSL_CTX(3)>), the
  25. key type specified by I<name> and the property query I<propquery>. None
  26. of the arguments are duplicated, so they must remain unchanged for the
  27. lifetime of the returned B<EVP_PKEY_CTX> or of any of its duplicates. Read
  28. further about the possible names in L</NOTES> below.
  29. The EVP_PKEY_CTX_new_from_pkey() function allocates a public key algorithm
  30. context using the library context I<libctx> (see L<OPENSSL_CTX(3)>) and the
  31. algorithm specified by I<pkey> and the property query I<propquery>. None of the
  32. arguments are duplicated, so they must remain unchanged for the lifetime of the
  33. returned B<EVP_PKEY_CTX> or any of its duplicates.
  34. EVP_PKEY_CTX_new_id() and EVP_PKEY_CTX_new_from_name() are normally
  35. used when no B<EVP_PKEY> structure is associated with the operations,
  36. for example during parameter generation or key generation for some
  37. algorithms.
  38. EVP_PKEY_CTX_dup() duplicates the context I<ctx>.
  39. EVP_PKEY_CTX_free() frees up the context I<ctx>.
  40. If I<ctx> is NULL, nothing is done.
  41. =head1 NOTES
  42. =head2 On B<EVP_PKEY_CTX>
  43. The B<EVP_PKEY_CTX> structure is an opaque public key algorithm context used
  44. by the OpenSSL high-level public key API. Contexts B<MUST NOT> be shared between
  45. threads: that is it is not permissible to use the same context simultaneously
  46. in two threads.
  47. =head2 On Key Types
  48. We mention "key type" in this manual, which is the same
  49. as "algorithm" in most cases, allowing either term to be used
  50. interchangeably. There are algorithms where the I<key type> and the
  51. I<algorithm> of the operations that use the keys are not the same,
  52. such as EC keys being used for ECDSA and ECDH operations.
  53. Key types are given in two different manners:
  54. =over 4
  55. =item Legacy NID or EVP_PKEY type
  56. This is the I<id> used with EVP_PKEY_CTX_new_id().
  57. These are B<EVP_PKEY_RSA>, B<EVP_PKEY_RSA_PSS>, B<EVP_PKEY_DSA>,
  58. B<EVP_PKEY_DH>, B<EVP_PKEY_EC>, B<EVP_PKEY_SM2>, B<EVP_PKEY_X25519>,
  59. B<EVP_PKEY_X448>, and are used by legacy methods.
  60. =item Name strings
  61. This is the I<name> used with EVP_PKEY_CTX_new_from_name().
  62. These are names like "RSA", "DSA", and what's available depends on what
  63. providers are currently accessible.
  64. The OpenSSL providers offer a set of key types available this way, please
  65. see L<OSSL_PROVIDER-FIPS(7)> and L<OSSL_PROVIDER-default(7)> and related
  66. documentation for more information.
  67. =back
  68. =head1 RETURN VALUES
  69. EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() returns either
  70. the newly allocated B<EVP_PKEY_CTX> structure or B<NULL> if an error occurred.
  71. EVP_PKEY_CTX_free() does not return a value.
  72. =head1 SEE ALSO
  73. L<EVP_PKEY_new(3)>
  74. =head1 HISTORY
  75. The EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() and
  76. EVP_PKEY_CTX_free() functions were added in OpenSSL 1.0.0.
  77. The EVP_PKEY_CTX_new_from_name() and EVP_PKEY_CTX_new_from_pkey() functions were
  78. added in OpenSSL 3.0.
  79. =head1 COPYRIGHT
  80. Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.
  81. Licensed under the Apache License 2.0 (the "License"). You may not use
  82. this file except in compliance with the License. You can obtain a copy
  83. in the file LICENSE in the source distribution or at
  84. L<https://www.openssl.org/source/license.html>.
  85. =cut