Home Verkennen Help
Inloggen
OWEALs
/
openssl
spiegel van git://git.openssl.org/openssl.git
2
0
Vork 0
Bestanden Issues 1 Wiki
Boom: 606e0426a1
Aftakkingen Labels
openssl
/
doc
/
man3
/
EVP_PKEY_set1_RSA.pod

EVP_PKEY_set1_RSA.pod 11 KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232 
  1. =pod
    2. 

  2. 

  3. =head1 NAME
    4. 

  4. 

  5. EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY,
    6. 

  6. EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY,
    7. 

  7. EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY,
    8. 

  8. EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH,
    9. 

  9. EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH,
    10. 

  10. EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash,
    11. 

  11. EVP_PKEY_get0, EVP_PKEY_type, EVP_PKEY_get_id, EVP_PKEY_get_base_id,
    12. 

  12. EVP_PKEY_set1_engine, EVP_PKEY_get0_engine,
    13. 

  13. EVP_PKEY_id, EVP_PKEY_base_id -
    14. 

  14. EVP_PKEY assignment functions
    15. 

  15. 

  16. =head1 SYNOPSIS
    17. 

  17. 

  18.  #include <openssl/evp.h>
    19. 

  19. 

  20.  int EVP_PKEY_get_id(const EVP_PKEY *pkey);
    21. 

  21.  int EVP_PKEY_get_base_id(const EVP_PKEY *pkey);
    22. 

  22.  int EVP_PKEY_type(int type);
    23. 

  23. 

  24.  #define EVP_PKEY_id EVP_PKEY_get_id
    25. 

  25.  #define EVP_PKEY_base_id EVP_PKEY_get_base_id
    26. 

  26. 

  27. The following functions have been deprecated since OpenSSL 3.0, and can be
    28. 

  28. hidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value,
    29. 

  29. see L<openssl_user_macros(7)>:
    30. 

  30. 

  31.  int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
    32. 

  32.  int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
    33. 

  33.  int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
    34. 

  34.  int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
    35. 

  35. 

  36.  RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
    37. 

  37.  DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
    38. 

  38.  DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
    39. 

  39.  EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
    40. 

  40. 

  41.  const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
    42. 

  42.  const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
    43. 

  43.  const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
    44. 

  44.  const RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey);
    45. 

  45.  const DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey);
    46. 

  46.  const DH *EVP_PKEY_get0_DH(const EVP_PKEY *pkey);
    47. 

  47.  const EC_KEY *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey);
    48. 

  48.  void *EVP_PKEY_get0(const EVP_PKEY *pkey);
    49. 

  49. 

  50.  int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
    51. 

  51.  int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
    52. 

  52.  int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
    53. 

  53.  int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
    54. 

  54.  int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
    55. 

  55.  int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
    56. 

  56. 

  57.  ENGINE *EVP_PKEY_get0_engine(const EVP_PKEY *pkey);
    58. 

  58.  int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);
    59. 

  59. 

  60. =head1 DESCRIPTION
    61. 

  61. 

  62. EVP_PKEY_get_base_id() returns the type of I<pkey>. For example
    63. 

  63. an RSA key will return B<EVP_PKEY_RSA>.
    64. 

  64. 

  65. EVP_PKEY_get_id() returns the actual OID associated with I<pkey>.
    66. 

  66. Historically keys using the same algorithm could use different OIDs.
    67. 

  67. For example an RSA key could use the OIDs corresponding to
    68. 

  68. the NIDs B<NID_rsaEncryption> (equivalent to B<EVP_PKEY_RSA>) or
    69. 

  69. B<NID_rsa> (equivalent to B<EVP_PKEY_RSA2>). The use of
    70. 

  70. alternative non-standard OIDs is now rare so B<EVP_PKEY_RSA2> et al are not
    71. 

  71. often seen in practice.
    72. 

  72. 

  73. EVP_PKEY_type() returns the underlying type of the NID I<type>. For example
    74. 

  74. EVP_PKEY_type(EVP_PKEY_RSA2) will return B<EVP_PKEY_RSA>.
    75. 

  75. 

  76. EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and
    77. 

  77. EVP_PKEY_set1_EC_KEY() set the key referenced by I<pkey> to I<key>. These
    78. 

  78. functions are deprecated. Applications should instead use
    79. 

  79. L<EVP_PKEY_fromdata(3)>.
    80. 

  80. 

  81. EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(),
    82. 

  82. EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and
    83. 

  83. EVP_PKEY_assign_SIPHASH() set the referenced key to I<key> however these use
    84. 

  84. the supplied I<key> internally and so I<key> will be freed when the parent
    85. 

  85. I<pkey> is freed. These macros are deprecated. Applications should instead read
    86. 

  86. an EVP_PKEY directly using the OSSL_DECODER APIs (see
    87. 

  87. L<OSSL_DECODER_CTX_new_for_pkey(3)>), or construct an EVP_PKEY from data using
    88. 

  88. L<EVP_PKEY_fromdata(3)>.
    89. 

  89. 

  90. EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and
    91. 

  91. EVP_PKEY_get1_EC_KEY() return the referenced key in I<pkey> or NULL if the
    92. 

  92. key is not of the correct type. The returned key must be freed after use.
    93. 

  93. These functions are deprecated. Applications should instead use the EVP_PKEY
    94. 

  94. directly where possible. If access to the low level key parameters is required
    95. 

  95. then applications should use L<EVP_PKEY_get_params(3)> and other similar
    96. 

  96. functions. To write an EVP_PKEY out use the OSSL_ENCODER APIs (see
    97. 

  97. L<OSSL_ENCODER_CTX_new_for_pkey(3)>).
    98. 

  98. 

  99. EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(),
    100. 

  100. EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() and
    101. 

  101. EVP_PKEY_get0_EC_KEY() return the referenced key in I<pkey> or NULL if the
    102. 

  102. key is not of the correct type. The reference count of the returned key is
    103. 

  103. B<not> incremented and so the key must not be freed after use. These functions
    104. 

  104. are deprecated. Applications should instead use the EVP_PKEY directly where
    105. 

  105. possible. If access to the low level key parameters is required then
    106. 

  106. applications should use L<EVP_PKEY_get_params(3)> and other similar functions.
    107. 

  107. To write an EVP_PKEY out use the OSSL_ENCODER APIs (see
    108. 

  108. L<OSSL_ENCODER_CTX_new_for_pkey(3)>). EVP_PKEY_get0() returns a pointer to the
    109. 

  109. legacy key or NULL if the key is not legacy.
    110. 

  110. 

  111. Note that if an EVP_PKEY was not constructed using one of the deprecated
    112. 

  112. functions such as EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH()
    113. 

  113. or EVP_PKEY_set1_EC_KEY(), or via the similarly named B<EVP_PKEY_assign> macros
    114. 

  114. described above then the internal key will be managed by a provider (see
    115. 

  115. L<provider(7)>). In that case the key returned by EVP_PKEY_get1_RSA(),
    116. 

  116. EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH(), EVP_PKEY_get1_EC_KEY(),
    117. 

  117. EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(),
    118. 

  118. EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH() or
    119. 

  119. EVP_PKEY_get0_EC_KEY() will be a cached copy of the provider's key. Subsequent
    120. 

  120. updates to the provider's key will not be reflected back in the cached copy, and
    121. 

  121. updates made by an application to the returned key will not be reflected back in
    122. 

  122. the provider's key. Subsequent calls to EVP_PKEY_get1_RSA(),
    123. 

  123. EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and EVP_PKEY_get1_EC_KEY() will always
    124. 

  124. return the cached copy returned by the first call.
    125. 

  125. 

  126. EVP_PKEY_get0_engine() returns a reference to the ENGINE handling I<pkey>. This
    127. 

  127. function is deprecated. Applications should use providers instead of engines
    128. 

  128. (see L<provider(7)> for details).
    129. 

  129. 

  130. EVP_PKEY_set1_engine() sets the ENGINE handling I<pkey> to I<engine>. It
    131. 

  131. must be called after the key algorithm and components are set up.
    132. 

  132. If I<engine> does not include an B<EVP_PKEY_METHOD> for I<pkey> an
    133. 

  133. error occurs. This function is deprecated. Applications should use providers
    134. 

  134. instead of engines (see L<provider(7)> for details).
    135. 

  135. 

  136. =head1 WARNINGS
    137. 

  137. 

  138. The following functions are only reliable with B<EVP_PKEY>s that have
    139. 

  139. been assigned an internal key with EVP_PKEY_assign_*():
    140. 

  140. 

  141. EVP_PKEY_get_id(), EVP_PKEY_get_base_id(), EVP_PKEY_type()
    142. 

  142. 

  143. For EVP_PKEY key type checking purposes, L<EVP_PKEY_is_a(3)> is more generic.
    144. 

  144. 

  145. The keys returned from the functions EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(),
    146. 

  146. EVP_PKEY_get0_DH() and EVP_PKEY_get0_EC_KEY() were changed to have a "const"
    147. 

  147. return type in OpenSSL 3.0. As described above the keys returned may be cached
    148. 

  148. copies of the key held in a provider. Due to this, and unlike in earlier
    149. 

  149. versions of OpenSSL, they should be considered read-only copies of the key.
    150. 

  150. Updates to these keys will not be reflected back in the provider side key. The
    151. 

  151. EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and
    152. 

  152. EVP_PKEY_get1_EC_KEY() functions were not changed to have a "const" return type
    153. 

  153. in order that applications can "free" the return value. However applications
    154. 

  154. should still consider them as read-only copies.
    155. 

  155. 

  156. =head1 NOTES
    157. 

  157. 

  158. In accordance with the OpenSSL naming convention the key obtained
    159. 

  159. from or assigned to the I<pkey> using the B<1> functions must be
    160. 

  160. freed as well as I<pkey>.
    161. 

  161. 

  162. EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(),
    163. 

  163. EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305()
    164. 

  164. and EVP_PKEY_assign_SIPHASH() are implemented as macros.
    165. 

  165. 

  166. EVP_PKEY_assign_EC_KEY() looks at the curve name id to determine if
    167. 

  167. the passed B<EC_KEY> is an L<SM2(7)> key, and will set the B<EVP_PKEY>
    168. 

  168. type to B<EVP_PKEY_SM2> in that case, instead of B<EVP_PKEY_EC>.
    169. 

  169. 

  170. Most applications wishing to know a key type will simply call
    171. 

  171. EVP_PKEY_get_base_id() and will not care about the actual type:
    172. 

  172. which will be identical in almost all cases.
    173. 

  173. 

  174. Previous versions of this document suggested using EVP_PKEY_type(pkey->type)
    175. 

  175. to determine the type of a key. Since B<EVP_PKEY> is now opaque this
    176. 

  176. is no longer possible: the equivalent is EVP_PKEY_get_base_id(pkey).
    177. 

  177. 

  178. EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM
    179. 

  179. key as part of its routine to load a private key.
    180. 

  180. 

  181. =head1 RETURN VALUES
    182. 

  182. 

  183. EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and
    184. 

  184. EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.
    185. 

  185. 

  186. EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and
    187. 

  187. EVP_PKEY_get1_EC_KEY() return the referenced key or NULL if
    188. 

  188. an error occurred.
    189. 

  189. 

  190. EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(),
    191. 

  191. EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305()
    192. 

  192. and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.
    193. 

  193. 

  194. EVP_PKEY_get_base_id(), EVP_PKEY_get_id() and EVP_PKEY_type() return a key
    195. 

  195. type or B<NID_undef> (equivalently B<EVP_PKEY_NONE>) on error.
    196. 

  196. 

  197. EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.
    198. 

  198. 

  199. =head1 SEE ALSO
    200. 

  200. 

  201. L<EVP_PKEY_new(3)>, L<SM2(7)>
    202. 

  202. 

  203. =head1 HISTORY
    204. 

  204. 

  205. The EVP_PKEY_id() and EVP_PKEY_base_id() functions were renamed to
    206. 

  206. include C<get> in their names in OpenSSL 3.0, respectively. The old names
    207. 

  207. are kept as non-deprecated alias macros.
    208. 

  208. 

  209. EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY,
    210. 

  210. EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY,
    211. 

  211. EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY,
    212. 

  212. EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH,
    213. 

  213. EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH,
    214. 

  214. EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash,
    215. 

  215. EVP_PKEY_set1_engine and EVP_PKEY_get0_engine were deprecated in OpenSSL 3.0.
    216. 

  216. 

  217. The return value from EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH,
    218. 

  218. EVP_PKEY_get0_EC_KEY were made const in OpenSSL 3.0.
    219. 

  219. 

  220. The function EVP_PKEY_set_alias_type() was previously documented on this page.
    221. 

  221. It was removed in OpenSSL 3.0.
    222. 

  222. 

  223. =head1 COPYRIGHT
    224. 

  224. 

  225. Copyright 2002-2021 The OpenSSL Project Authors. All Rights Reserved.
    226. 

  226. 

  227. Licensed under the Apache License 2.0 (the "License").  You may not use
    228. 

  228. this file except in compliance with the License.  You can obtain a copy
    229. 

  229. in the file LICENSE in the source distribution or at
    230. 

  230. L<https://www.openssl.org/source/license.html>.
    231. 

  231. 

  232. =cut
    233.