Página inicial Explorar Ajuda
Entrar
OWEALs
/
openssl
mirror de git://git.openssl.org/openssl.git
2
0
Fork 0
Arquivos Issues 1 Wiki
Tree: 43206a2d7c
Branches Tags
openssl
/
doc
/
crypto
/
EVP_PKEY_derive.pod

EVP_PKEY_derive.pod 2.6 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293 
  1. =pod
    2. 

  2. 

  3. =head1 NAME
    4. 

  4. 

  5. EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, EVP_PKEY_derive - derive public key algorithm shared secret.
    6. 

  6. 

  7. =head1 SYNOPSIS
    8. 

  8. 

  9.  #include <openssl/evp.h>
    10. 

  10. 

  11.  int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
    12. 

  12.  int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
    13. 

  13.  int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
    14. 

  14. 

  15. =head1 DESCRIPTION
    16. 

  16. 

  17. The EVP_PKEY_derive_init() function initializes a public key algorithm
    18. 

  18. context using key B<pkey> for shared secret derivation.
    19. 

  19. 

  20. The EVP_PKEY_derive_set_peer() function sets the peer key: this will normally
    21. 

  21. be a public key.
    22. 

  22. 

  23. The EVP_PKEY_derive() derives a shared secret using B<ctx>.
    24. 

  24. If B<key> is B<NULL> then the maximum size of the output buffer is written to
    25. 

  25. the B<keylen> parameter. If B<key> is not B<NULL> then before the call the
    26. 

  26. B<keylen> parameter should contain the length of the B<key> buffer, if the call
    27. 

  27. is successful the shared secret is written to B<key> and the amount of data
    28. 

  28. written to B<keylen>.
    29. 

  29. 

  30. =head1 NOTES
    31. 

  31. 

  32. After the call to EVP_PKEY_derive_init() algorithm specific control
    33. 

  33. operations can be performed to set any appropriate parameters for the
    34. 

  34. operation.
    35. 

  35. 

  36. The function EVP_PKEY_derive() can be called more than once on the same
    37. 

  37. context if several operations are performed using the same parameters.
    38. 

  38. 

  39. =head1 RETURN VALUES
    40. 

  40. 

  41. EVP_PKEY_derive_init() and EVP_PKEY_derive() return 1 for success and 0
    42. 

  42. or a negative value for failure. In particular a return value of -2
    43. 

  43. indicates the operation is not supported by the public key algorithm.
    44. 

  44. 

  45. =head1 EXAMPLE
    46. 

  46. 

  47. Derive shared secret (for example DH or EC keys):
    48. 

  48. 

  49.  #include <openssl/evp.h>
    50. 

  50.  #include <openssl/rsa.h>
    51. 

  51. 

  52.  EVP_PKEY_CTX *ctx;
    53. 

  53.  unsigned char *skey;
    54. 

  54.  size_t skeylen;
    55. 

  55.  EVP_PKEY *pkey, *peerkey;
    56. 

  56.  /* NB: assumes pkey, peerkey have been already set up */
    57. 

  57. 

  58.  ctx = EVP_PKEY_CTX_new(pkey);
    59. 

  59.  if (!ctx)
    60. 

  60. 	/* Error occurred */
    61. 

  61.  if (EVP_PKEY_derive_init(ctx) <= 0)
    62. 

  62. 	/* Error */
    63. 

  63.  if (EVP_PKEY_derive_set_peer(ctx, peerkey) <= 0)
    64. 

  64. 	/* Error */
    65. 

  65. 

  66.  /* Determine buffer length */
    67. 

  67.  if (EVP_PKEY_derive(ctx, NULL, &skeylen) <= 0)
    68. 

  68. 	/* Error */
    69. 

  69. 

  70.  skey = OPENSSL_malloc(skeylen);
    71. 

  71. 

  72.  if (!skey)
    73. 

  73. 	/* malloc failure */
    74. 

  74.  
    75. 

  75.  if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0)
    76. 

  76. 	/* Error */
    77. 

  77. 

  78.  /* Shared secret is skey bytes written to buffer skey */
    79. 

  79. 

  80. =head1 SEE ALSO
    81. 

  81. 

  82. L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
    83. 

  83. L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
    84. 

  84. L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
    85. 

  85. L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
    86. 

  86. L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
    87. 

  87. L<EVP_PKEY_verifyrecover(3)|EVP_PKEY_verifyrecover(3)>,
    88. 

  88. 

  89. =head1 HISTORY
    90. 

  90. 

  91. These functions were first added to OpenSSL 1.0.0.
    92. 

  92. 

  93. =cut
    94.