2
0

EVP_KEYMGMT.pod 5.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151
  1. =pod
  2. =head1 NAME
  3. EVP_KEYMGMT,
  4. EVP_KEYMGMT_fetch,
  5. EVP_KEYMGMT_up_ref,
  6. EVP_KEYMGMT_free,
  7. EVP_KEYMGMT_get0_provider,
  8. EVP_KEYMGMT_is_a,
  9. EVP_KEYMGMT_get0_description,
  10. EVP_KEYMGMT_get0_name,
  11. EVP_KEYMGMT_do_all_provided,
  12. EVP_KEYMGMT_names_do_all,
  13. EVP_KEYMGMT_gettable_params,
  14. EVP_KEYMGMT_settable_params,
  15. EVP_KEYMGMT_gen_settable_params
  16. - EVP key management routines
  17. =head1 SYNOPSIS
  18. #include <openssl/evp.h>
  19. typedef struct evp_keymgmt_st EVP_KEYMGMT;
  20. EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
  21. const char *properties);
  22. int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt);
  23. void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt);
  24. const OSSL_PROVIDER *EVP_KEYMGMT_get0_provider(const EVP_KEYMGMT *keymgmt);
  25. int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name);
  26. const char *EVP_KEYMGMT_get0_name(const EVP_KEYMGMT *keymgmt);
  27. const char *EVP_KEYMGMT_get0_description(const EVP_KEYMGMT *keymgmt);
  28. void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx,
  29. void (*fn)(EVP_KEYMGMT *keymgmt, void *arg),
  30. void *arg);
  31. int EVP_KEYMGMT_names_do_all(const EVP_KEYMGMT *keymgmt,
  32. void (*fn)(const char *name, void *data),
  33. void *data);
  34. const OSSL_PARAM *EVP_KEYMGMT_gettable_params(const EVP_KEYMGMT *keymgmt);
  35. const OSSL_PARAM *EVP_KEYMGMT_settable_params(const EVP_KEYMGMT *keymgmt);
  36. const OSSL_PARAM *EVP_KEYMGMT_gen_settable_params(const EVP_KEYMGMT *keymgmt);
  37. =head1 DESCRIPTION
  38. B<EVP_KEYMGMT> is a method object that represents key management
  39. implementations for different cryptographic algorithms.
  40. This method object provides functionality to have providers import key
  41. material from the outside, as well as export key material to the
  42. outside.
  43. Most of the functionality can only be used internally and has no
  44. public interface, this object is simply passed into other functions
  45. when needed.
  46. EVP_KEYMGMT_fetch() looks for an algorithm within the provider that
  47. has been loaded into the B<OSSL_LIB_CTX> given by I<ctx>, having the
  48. name given by I<algorithm> and the properties given by I<properties>.
  49. EVP_KEYMGMT_up_ref() increments the reference count for the given
  50. B<EVP_KEYMGMT> I<keymgmt>.
  51. EVP_KEYMGMT_free() decrements the reference count for the given
  52. B<EVP_KEYMGMT> I<keymgmt>, and when the count reaches zero, frees it.
  53. EVP_KEYMGMT_get0_provider() returns the provider that has this particular
  54. implementation.
  55. EVP_KEYMGMT_is_a() checks if I<keymgmt> is an implementation of an
  56. algorithm that's identifiable with I<name>.
  57. EVP_KEYMGMT_get0_name() returns the algorithm name from the provided
  58. implementation for the given I<keymgmt>. Note that the I<keymgmt> may have
  59. multiple synonyms associated with it. In this case the first name from the
  60. algorithm definition is returned. Ownership of the returned string is
  61. retained by the I<keymgmt> object and should not be freed by the caller.
  62. EVP_KEYMGMT_names_do_all() traverses all names for the I<keymgmt>, and
  63. calls I<fn> with each name and I<data>.
  64. EVP_KEYMGMT_get0_description() returns a description of the I<keymgmt>, meant
  65. for display and human consumption. The description is at the discretion
  66. of the I<keymgmt> implementation.
  67. EVP_KEYMGMT_do_all_provided() traverses all key keymgmt implementations by
  68. all activated providers in the library context I<libctx>, and for each
  69. of the implementations, calls I<fn> with the implementation method and
  70. I<data> as arguments.
  71. EVP_KEYMGMT_gettable_params() and EVP_KEYMGMT_settable_params() return a
  72. constant B<OSSL_PARAM> array that describes the names and types of key
  73. parameters that can be retrieved or set.
  74. EVP_KEYMGMT_gettable_params() is used by L<EVP_PKEY_gettable_params(3)>.
  75. See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as a parameter descriptor.
  76. EVP_KEYMGMT_gen_settable_params() returns a constant B<OSSL_PARAM> array that
  77. describes the names and types of key generation parameters that can be set via
  78. L<EVP_PKEY_CTX_set_params(3)>.
  79. =head1 NOTES
  80. EVP_KEYMGMT_fetch() may be called implicitly by other fetching
  81. functions, using the same library context and properties.
  82. Any other API that uses keys will typically do this.
  83. =head1 RETURN VALUES
  84. EVP_KEYMGMT_fetch() returns a pointer to the key management
  85. implementation represented by an EVP_KEYMGMT object, or NULL on
  86. error.
  87. EVP_KEYMGMT_up_ref() returns 1 on success, or 0 on error.
  88. EVP_KEYMGMT_names_do_all() returns 1 if the callback was called for all
  89. names. A return value of 0 means that the callback was not called for any names.
  90. EVP_KEYMGMT_free() doesn't return any value.
  91. EVP_KEYMGMT_get0_provider() returns a pointer to a provider object, or NULL
  92. on error.
  93. EVP_KEYMGMT_is_a() returns 1 of I<keymgmt> was identifiable,
  94. otherwise 0.
  95. EVP_KEYMGMT_get0_name() returns the algorithm name, or NULL on error.
  96. EVP_KEYMGMT_get0_description() returns a pointer to a description, or NULL if
  97. there isn't one.
  98. EVP_KEYMGMT_gettable_params(), EVP_KEYMGMT_settable_params() and
  99. EVP_KEYMGMT_gen_settable_params() return a constant B<OSSL_PARAM> array or
  100. NULL on error.
  101. =head1 SEE ALSO
  102. L<EVP_MD_fetch(3)>, L<OSSL_LIB_CTX(3)>
  103. =head1 HISTORY
  104. The functions described here were added in OpenSSL 3.0.
  105. =head1 COPYRIGHT
  106. Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
  107. Licensed under the Apache License 2.0 (the "License"). You may not use
  108. this file except in compliance with the License. You can obtain a copy
  109. in the file LICENSE in the source distribution or at
  110. L<https://www.openssl.org/source/license.html>.
  111. =cut