]>
Commit | Line | Data |
---|---|---|
90ccf05f DSH |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
9c45222d MC |
5 | EVP_PKEY_CTX_get_params, |
6 | EVP_PKEY_CTX_gettable_params, | |
12df11bd | 7 | EVP_PKEY_CTX_set_params, |
9c45222d | 8 | EVP_PKEY_CTX_settable_params, |
d45a97f4 MC |
9 | EVP_PKEY_CTX_ctrl, |
10 | EVP_PKEY_CTX_ctrl_str, | |
ffd89124 AS |
11 | EVP_PKEY_CTX_ctrl_uint64, |
12 | EVP_PKEY_CTX_md, | |
d45a97f4 MC |
13 | EVP_PKEY_CTX_set_signature_md, |
14 | EVP_PKEY_CTX_get_signature_md, | |
15 | EVP_PKEY_CTX_set_mac_key, | |
16 | EVP_PKEY_CTX_set_rsa_padding, | |
ffd89124 | 17 | EVP_PKEY_CTX_get_rsa_padding, |
d45a97f4 | 18 | EVP_PKEY_CTX_set_rsa_pss_saltlen, |
ffd89124 | 19 | EVP_PKEY_CTX_get_rsa_pss_saltlen, |
d45a97f4 MC |
20 | EVP_PKEY_CTX_set_rsa_keygen_bits, |
21 | EVP_PKEY_CTX_set_rsa_keygen_pubexp, | |
ffd89124 | 22 | EVP_PKEY_CTX_set_rsa_keygen_primes, |
d8fef6da | 23 | EVP_PKEY_CTX_set_rsa_mgf1_md_name, |
ffd89124 AS |
24 | EVP_PKEY_CTX_set_rsa_mgf1_md, |
25 | EVP_PKEY_CTX_get_rsa_mgf1_md, | |
d8fef6da MC |
26 | EVP_PKEY_CTX_get_rsa_mgf1_md_name, |
27 | EVP_PKEY_CTX_set_rsa_oaep_md_name, | |
ffd89124 AS |
28 | EVP_PKEY_CTX_set_rsa_oaep_md, |
29 | EVP_PKEY_CTX_get_rsa_oaep_md, | |
d8fef6da | 30 | EVP_PKEY_CTX_get_rsa_oaep_md_name, |
ffd89124 AS |
31 | EVP_PKEY_CTX_set0_rsa_oaep_label, |
32 | EVP_PKEY_CTX_get0_rsa_oaep_label, | |
d45a97f4 | 33 | EVP_PKEY_CTX_set_dsa_paramgen_bits, |
a97faad7 DB |
34 | EVP_PKEY_CTX_set_dsa_paramgen_q_bits, |
35 | EVP_PKEY_CTX_set_dsa_paramgen_md, | |
aafbe1cc | 36 | EVP_PKEY_CTX_set_dh_paramgen_prime_len, |
ffd89124 | 37 | EVP_PKEY_CTX_set_dh_paramgen_subprime_len, |
aafbe1cc | 38 | EVP_PKEY_CTX_set_dh_paramgen_generator, |
ffd89124 AS |
39 | EVP_PKEY_CTX_set_dh_paramgen_type, |
40 | EVP_PKEY_CTX_set_dh_rfc5114, | |
41 | EVP_PKEY_CTX_set_dhx_rfc5114, | |
d45a97f4 MC |
42 | EVP_PKEY_CTX_set_dh_pad, |
43 | EVP_PKEY_CTX_set_dh_nid, | |
ffd89124 AS |
44 | EVP_PKEY_CTX_set_dh_kdf_type, |
45 | EVP_PKEY_CTX_get_dh_kdf_type, | |
46 | EVP_PKEY_CTX_set0_dh_kdf_oid, | |
47 | EVP_PKEY_CTX_get0_dh_kdf_oid, | |
48 | EVP_PKEY_CTX_set_dh_kdf_md, | |
49 | EVP_PKEY_CTX_get_dh_kdf_md, | |
50 | EVP_PKEY_CTX_set_dh_kdf_outlen, | |
51 | EVP_PKEY_CTX_get_dh_kdf_outlen, | |
52 | EVP_PKEY_CTX_set0_dh_kdf_ukm, | |
53 | EVP_PKEY_CTX_get0_dh_kdf_ukm, | |
146ca72c | 54 | EVP_PKEY_CTX_set_ec_paramgen_curve_nid, |
675f4cee | 55 | EVP_PKEY_CTX_set_ec_param_enc, |
ffd89124 AS |
56 | EVP_PKEY_CTX_set_ecdh_cofactor_mode, |
57 | EVP_PKEY_CTX_get_ecdh_cofactor_mode, | |
58 | EVP_PKEY_CTX_set_ecdh_kdf_type, | |
59 | EVP_PKEY_CTX_get_ecdh_kdf_type, | |
60 | EVP_PKEY_CTX_set_ecdh_kdf_md, | |
61 | EVP_PKEY_CTX_get_ecdh_kdf_md, | |
62 | EVP_PKEY_CTX_set_ecdh_kdf_outlen, | |
63 | EVP_PKEY_CTX_get_ecdh_kdf_outlen, | |
64 | EVP_PKEY_CTX_set0_ecdh_kdf_ukm, | |
65 | EVP_PKEY_CTX_get0_ecdh_kdf_ukm, | |
675f4cee PY |
66 | EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len |
67 | - algorithm specific control operations | |
90ccf05f DSH |
68 | |
69 | =head1 SYNOPSIS | |
70 | ||
71 | #include <openssl/evp.h> | |
72 | ||
9c45222d MC |
73 | int EVP_PKEY_CTX_get_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params); |
74 | const OSSL_PARAM *EVP_PKEY_CTX_gettable_params(EVP_PKEY_CTX *ctx); | |
12df11bd | 75 | int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params); |
9c45222d | 76 | const OSSL_PARAM *EVP_PKEY_CTX_settable_params(EVP_PKEY_CTX *ctx); |
12df11bd | 77 | |
90ccf05f | 78 | int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, |
e9b77246 | 79 | int cmd, int p1, void *p2); |
ffd89124 AS |
80 | int EVP_PKEY_CTX_ctrl_uint64(EVP_PKEY_CTX *ctx, int keytype, int optype, |
81 | int cmd, uint64_t value); | |
90ccf05f | 82 | int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, |
e9b77246 | 83 | const char *value); |
90ccf05f | 84 | |
ffd89124 AS |
85 | int EVP_PKEY_CTX_md(EVP_PKEY_CTX *ctx, int optype, int cmd, const char *md); |
86 | ||
90ccf05f | 87 | int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md); |
d45a97f4 MC |
88 | int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd); |
89 | ||
9fdcc21f DO |
90 | int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, const unsigned char *key, |
91 | int len); | |
d45a97f4 MC |
92 | |
93 | #include <openssl/rsa.h> | |
90ccf05f DSH |
94 | |
95 | int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad); | |
ffd89124 | 96 | int EVP_PKEY_CTX_get_rsa_padding(EVP_PKEY_CTX *ctx, int *pad); |
6f4b7663 RL |
97 | int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int saltlen); |
98 | int EVP_PKEY_CTX_get_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int *saltlen); | |
1722496f | 99 | int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits); |
90ccf05f | 100 | int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp); |
ffd89124 | 101 | int EVP_PKEY_CTX_set_rsa_keygen_primes(EVP_PKEY_CTX *ctx, int primes); |
d8fef6da MC |
102 | int EVP_PKEY_CTX_set_rsa_mgf1_md_name(EVP_PKEY_CTX *ctx, const char *mdname, |
103 | const char *mdprops); | |
ffd89124 AS |
104 | int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD *md); |
105 | int EVP_PKEY_CTX_get_rsa_mgf1_md(EVP_PKEY_CTX *ctx, const EVP_MD **md); | |
d8fef6da MC |
106 | int EVP_PKEY_CTX_get_rsa_mgf1_md_name(EVP_PKEY_CTX *ctx, char *name, |
107 | size_t namelen); | |
108 | int EVP_PKEY_CTX_set_rsa_oaep_md_name(EVP_PKEY_CTX *ctx, const char *mdname, | |
109 | const char *mdprops); | |
ffd89124 AS |
110 | int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD *md); |
111 | int EVP_PKEY_CTX_get_rsa_oaep_md(EVP_PKEY_CTX *ctx, const EVP_MD **md); | |
d8fef6da MC |
112 | int EVP_PKEY_CTX_get_rsa_oaep_md_name(EVP_PKEY_CTX *ctx, char *name, |
113 | size_t namelen) | |
ffd89124 AS |
114 | int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char *label, int len); |
115 | int EVP_PKEY_CTX_get0_rsa_oaep_label(EVP_PKEY_CTX *ctx, unsigned char **label); | |
90ccf05f DSH |
116 | |
117 | #include <openssl/dsa.h> | |
ffd89124 | 118 | |
90ccf05f | 119 | int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits); |
a97faad7 DB |
120 | int EVP_PKEY_CTX_set_dsa_paramgen_q_bits(EVP_PKEY_CTX *ctx, int qbits); |
121 | int EVP_PKEY_CTX_set_dsa_paramgen_md(EVP_PKEY_CTX *ctx, const EVP_MD *md); | |
90ccf05f DSH |
122 | |
123 | #include <openssl/dh.h> | |
ffd89124 | 124 | |
90ccf05f | 125 | int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len); |
ffd89124 | 126 | int EVP_PKEY_CTX_set_dh_paramgen_subprime_len(EVP_PKEY_CTX *ctx, int len); |
90ccf05f | 127 | int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen); |
ffd89124 | 128 | int EVP_PKEY_CTX_set_dh_paramgen_type(EVP_PKEY_CTX *ctx, int type); |
5368bf05 DSH |
129 | int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad); |
130 | int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid); | |
ffd89124 AS |
131 | int EVP_PKEY_CTX_set_dh_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114); |
132 | int EVP_PKEY_CTX_set_dhx_rfc5114(EVP_PKEY_CTX *ctx, int rfc5114); | |
133 | int EVP_PKEY_CTX_set_dh_kdf_type(EVP_PKEY_CTX *ctx, int kdf); | |
134 | int EVP_PKEY_CTX_get_dh_kdf_type(EVP_PKEY_CTX *ctx); | |
135 | int EVP_PKEY_CTX_set0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT *oid); | |
136 | int EVP_PKEY_CTX_get0_dh_kdf_oid(EVP_PKEY_CTX *ctx, ASN1_OBJECT **oid); | |
137 | int EVP_PKEY_CTX_set_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md); | |
138 | int EVP_PKEY_CTX_get_dh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md); | |
139 | int EVP_PKEY_CTX_set_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int len); | |
140 | int EVP_PKEY_CTX_get_dh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len); | |
141 | int EVP_PKEY_CTX_set0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len); | |
142 | int EVP_PKEY_CTX_get0_dh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm); | |
90ccf05f DSH |
143 | |
144 | #include <openssl/ec.h> | |
e5a8712d | 145 | |
90ccf05f | 146 | int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid); |
146ca72c | 147 | int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc); |
ffd89124 AS |
148 | int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode); |
149 | int EVP_PKEY_CTX_get_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx); | |
150 | int EVP_PKEY_CTX_set_ecdh_kdf_type(EVP_PKEY_CTX *ctx, int kdf); | |
151 | int EVP_PKEY_CTX_get_ecdh_kdf_type(EVP_PKEY_CTX *ctx); | |
152 | int EVP_PKEY_CTX_set_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md); | |
153 | int EVP_PKEY_CTX_get_ecdh_kdf_md(EVP_PKEY_CTX *ctx, const EVP_MD **md); | |
154 | int EVP_PKEY_CTX_set_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int len); | |
155 | int EVP_PKEY_CTX_get_ecdh_kdf_outlen(EVP_PKEY_CTX *ctx, int *len); | |
156 | int EVP_PKEY_CTX_set0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char *ukm, int len); | |
157 | int EVP_PKEY_CTX_get0_ecdh_kdf_ukm(EVP_PKEY_CTX *ctx, unsigned char **ukm); | |
90ccf05f | 158 | |
675f4cee PY |
159 | int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len); |
160 | int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id); | |
161 | int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len); | |
162 | ||
90ccf05f DSH |
163 | =head1 DESCRIPTION |
164 | ||
9c45222d MC |
165 | The EVP_PKEY_CTX_get_params() and EVP_PKEY_CTX_set_params() functions get and |
166 | send arbitrary parameters from and to the algorithm implementation respectively. | |
12df11bd MC |
167 | Not all parameters may be supported by all providers. |
168 | See L<OSSL_PROVIDER(3)> for more information on providers. | |
169 | See L<OSSL_PARAM(3)> for more information on parameters. | |
9c45222d | 170 | These functions must only be called after the EVP_PKEY_CTX has been initialised |
fadb57e5 | 171 | for use in an operation. |
9c45222d | 172 | |
12df11bd MC |
173 | The parameters currently supported by the default provider are: |
174 | ||
175 | =over 4 | |
176 | ||
42462e40 | 177 | =item "pad" (B<OSSL_EXCHANGE_PARAM_PAD>) <unsigned integer> |
12df11bd MC |
178 | |
179 | Sets the DH padding mode. | |
9c0586d5 | 180 | If B<OSSL_EXCHANGE_PARAM_PAD> is 1 then the shared secret is padded with zeros |
e72467d3 | 181 | up to the size of the DH prime I<p>. |
12df11bd MC |
182 | If B<OSSL_EXCHANGE_PARAM_PAD> is zero (the default) then no padding is |
183 | performed. | |
184 | ||
42462e40 | 185 | =item "digest" (B<OSSL_SIGNATURE_PARAM_DIGEST>) <UTF8 string> |
11031468 | 186 | |
9c45222d MC |
187 | Gets and sets the name of the digest algorithm used for the input to the |
188 | signature functions. | |
11031468 | 189 | |
42462e40 | 190 | =item "digest-size" (B<OSSL_SIGNATURE_PARAM_DIGEST_SIZE>) <unsigned integer> |
11031468 | 191 | |
9c45222d MC |
192 | Gets and sets the output size of the digest algorithm used for the input to the |
193 | signature functions. | |
42462e40 | 194 | The length of the "digest-size" parameter should not exceed that of a B<size_t>. |
11031468 MC |
195 | The internal algorithm that supports this parameter is DSA. |
196 | ||
12df11bd MC |
197 | =back |
198 | ||
9c45222d | 199 | EVP_PKEY_CTX_gettable_params() and EVP_PKEY_CTX_settable_params() gets a |
79c44b4e | 200 | constant B<OSSL_PARAM> array that describes the gettable and |
9c45222d MC |
201 | settable parameters for the current algorithm implementation, i.e. parameters |
202 | that can be used with EVP_PKEY_CTX_get_params() and EVP_PKEY_CTX_set_params() | |
203 | respectively. | |
204 | See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor. | |
205 | These functions must only be called after the EVP_PKEY_CTX has been initialised | |
fadb57e5 | 206 | for use in an operation. |
9c45222d | 207 | |
90ccf05f | 208 | The function EVP_PKEY_CTX_ctrl() sends a control operation to the context |
e72467d3 RL |
209 | I<ctx>. The key type used must match I<keytype> if it is not -1. The parameter |
210 | I<optype> is a mask indicating which operations the control can be applied to. | |
211 | The control command is indicated in I<cmd> and any additional arguments in | |
212 | I<p1> and I<p2>. | |
90ccf05f | 213 | |
6f4b7663 RL |
214 | For I<cmd> = B<EVP_PKEY_CTRL_SET_MAC_KEY>, I<p1> is the length of the MAC key, |
215 | and I<p2> is the MAC key. This is used by Poly1305, SipHash, HMAC and CMAC. | |
52ad5b60 | 216 | |
90ccf05f DSH |
217 | Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will |
218 | instead call one of the algorithm specific macros below. | |
219 | ||
ffd89124 | 220 | The function EVP_PKEY_CTX_ctrl_uint64() is a wrapper that directly passes a |
e72467d3 | 221 | uint64 value as I<p2> to EVP_PKEY_CTX_ctrl(). |
ffd89124 | 222 | |
aafbe1cc | 223 | The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm |
e72467d3 | 224 | specific control operation to a context I<ctx> in string form. This is |
90ccf05f DSH |
225 | intended to be used for options specified on the command line or in text |
226 | files. The commands supported are documented in the openssl utility | |
e72467d3 RL |
227 | command line pages for the option I<-pkeyopt> which is supported by the |
228 | I<pkeyutl>, I<genpkey> and I<req> commands. | |
90ccf05f | 229 | |
ffd89124 | 230 | The function EVP_PKEY_CTX_md() sends a message digest control operation |
e72467d3 | 231 | to the context I<ctx>. The message digest is specified by its name I<md>. |
ffd89124 | 232 | |
9c45222d MC |
233 | The EVP_PKEY_CTX_set_signature_md() function sets the message digest type used |
234 | in a signature. It can be used in the RSA, DSA and ECDSA algorithms. | |
90ccf05f | 235 | |
9c45222d | 236 | The EVP_PKEY_CTX_get_signature_md() function gets the message digest type used |
d45a97f4 MC |
237 | in a signature. It can be used in the RSA, DSA and ECDSA algorithms. |
238 | ||
9c45222d | 239 | All the remaining "functions" are implemented as macros. |
d45a97f4 MC |
240 | |
241 | Key generation typically involves setting up parameters to be used and | |
242 | generating the private and public key data. Some algorithm implementations | |
243 | allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key() | |
244 | macro. In this case key generation is simply the process of setting up the | |
245 | parameters for the key and then setting the raw key data to the value explicitly | |
246 | provided by that macro. Normally applications would call | |
f929439f | 247 | L<EVP_PKEY_new_raw_private_key(3)> or similar functions instead of this macro. |
d45a97f4 MC |
248 | |
249 | The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms | |
f929439f | 250 | supported by the L<EVP_PKEY_new_raw_private_key(3)> function. |
90ccf05f | 251 | |
ffd89124 AS |
252 | =head2 RSA parameters |
253 | ||
e72467d3 RL |
254 | The EVP_PKEY_CTX_set_rsa_padding() function sets the RSA padding mode for I<ctx>. |
255 | The I<pad> parameter can take the value B<RSA_PKCS1_PADDING> for PKCS#1 | |
ffd89124 AS |
256 | padding, B<RSA_SSLV23_PADDING> for SSLv23 padding, B<RSA_NO_PADDING> for |
257 | no padding, B<RSA_PKCS1_OAEP_PADDING> for OAEP padding (encrypt and | |
258 | decrypt only), B<RSA_X931_PADDING> for X9.31 padding (signature operations | |
350c9235 MC |
259 | only), B<RSA_PKCS1_PSS_PADDING> (sign and verify only) and |
260 | B<RSA_PKCS1_WITH_TLS_PADDING> for TLS RSA ClientKeyExchange message padding | |
261 | (decryption only). | |
90ccf05f DSH |
262 | |
263 | Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() | |
264 | is used. If this macro is called for PKCS#1 padding the plaintext buffer is | |
265 | an actual digest value and is encapsulated in a DigestInfo structure according | |
266 | to PKCS#1 when signing and this structure is expected (and stripped off) when | |
267 | verifying. If this control is not used with RSA and PKCS#1 padding then the | |
268 | supplied data is used directly and not encapsulated. In the case of X9.31 | |
269 | padding for RSA the algorithm identifier byte is added or checked and removed | |
9d22666e F |
270 | if this control is called. If it is not called then the first byte of the plaintext |
271 | buffer is expected to be the algorithm identifier byte. | |
90ccf05f | 272 | |
e72467d3 | 273 | The EVP_PKEY_CTX_get_rsa_padding() function gets the RSA padding mode for I<ctx>. |
ffd89124 | 274 | |
6f4b7663 RL |
275 | The EVP_PKEY_CTX_set_rsa_pss_saltlen() function sets the RSA PSS salt |
276 | length to I<saltlen>. As its name implies it is only supported for PSS | |
277 | padding. If this function is not called then the maximum salt length | |
278 | is used when signing and auto detection when verifying. Three special | |
279 | values are supported: | |
90ccf05f | 280 | |
6f4b7663 RL |
281 | =over 4 |
282 | ||
283 | =item B<RSA_PSS_SALTLEN_DIGEST> | |
284 | ||
285 | sets the salt length to the digest length. | |
286 | ||
287 | =item B<RSA_PSS_SALTLEN_MAX> | |
288 | ||
289 | sets the salt length to the maximum permissible value. | |
290 | ||
291 | =item B<RSA_PSS_SALTLEN_AUTO> | |
292 | ||
293 | causes the salt length to be automatically determined based on the | |
294 | B<PSS> block structure when verifying. When signing, it has the same | |
295 | meaning as B<RSA_PSS_SALTLEN_MAX>. | |
296 | ||
297 | =back | |
298 | ||
299 | The EVP_PKEY_CTX_get_rsa_pss_saltlen() function gets the RSA PSS salt length | |
e72467d3 | 300 | for I<ctx>. The padding mode must already have been set to |
6f4b7663 | 301 | B<RSA_PKCS1_PSS_PADDING>. |
ffd89124 | 302 | |
1722496f | 303 | The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for |
6f4b7663 | 304 | RSA key generation to I<bits>. If not specified 2048 bits is used. |
90ccf05f DSH |
305 | |
306 | The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value | |
e72467d3 RL |
307 | for RSA key generation to I<pubexp>. Currently it should be an odd integer. The |
308 | I<pubexp> pointer is used internally by this function so it should not be | |
ffd89124 AS |
309 | modified or freed after the call. If not specified 65537 is used. |
310 | ||
311 | The EVP_PKEY_CTX_set_rsa_keygen_primes() macro sets the number of primes for | |
e72467d3 | 312 | RSA key generation to I<primes>. If not specified 2 is used. |
ffd89124 | 313 | |
d8fef6da | 314 | The EVP_PKEY_CTX_set_rsa_mgf1_md_name() function sets the MGF1 digest for RSA |
e72467d3 | 315 | padding schemes to the digest named I<mdname>. If the RSA algorithm |
d8fef6da | 316 | implementation for the selected provider supports it then the digest will be |
e72467d3 | 317 | fetched using the properties I<mdprops>. If not explicitly set the signing |
d8fef6da | 318 | digest is used. The padding mode must have been set to B<RSA_PKCS1_OAEP_PADDING> |
ffd89124 AS |
319 | or B<RSA_PKCS1_PSS_PADDING>. |
320 | ||
d8fef6da MC |
321 | The EVP_PKEY_CTX_set_rsa_mgf1_md() function does the same as |
322 | EVP_PKEY_CTX_set_rsa_mgf1_md_name() except that the name of the digest is | |
e72467d3 | 323 | inferred from the supplied I<md> and it is not possible to specify any |
d8fef6da MC |
324 | properties. |
325 | ||
326 | The EVP_PKEY_CTX_get_rsa_mgf1_md_name() function gets the name of the MGF1 | |
e72467d3 | 327 | digest algorithm for I<ctx>. If not explicitly set the signing digest is used. |
d8fef6da MC |
328 | The padding mode must have been set to B<RSA_PKCS1_OAEP_PADDING> or |
329 | B<RSA_PKCS1_PSS_PADDING>. | |
330 | ||
331 | The EVP_PKEY_CTX_get_rsa_mgf1_md() function does the same as | |
332 | EVP_PKEY_CTX_get_rsa_mgf1_md_name() except that it returns a pointer to an | |
333 | EVP_MD object instead. Note that only known, built-in EVP_MD objects will be | |
334 | returned. The EVP_MD object may be NULL if the digest is not one of these (such | |
335 | as a digest only implemented in a third party provider). | |
336 | ||
337 | The EVP_PKEY_CTX_set_rsa_oaep_md_name() function sets the message digest type | |
e72467d3 | 338 | used in RSA OAEP to the digest named I<mdname>. If the RSA algorithm |
d8fef6da | 339 | implementation for the selected provider supports it then the digest will be |
e72467d3 | 340 | fetched using the properties I<mdprops>. The padding mode must have been set to |
ffd89124 AS |
341 | B<RSA_PKCS1_OAEP_PADDING>. |
342 | ||
d8fef6da MC |
343 | The EVP_PKEY_CTX_set_rsa_oaep_md() function does the same as |
344 | EVP_PKEY_CTX_set_rsa_oaep_md_name() except that the name of the digest is | |
e72467d3 | 345 | inferred from the supplied I<md> and it is not possible to specify any |
d8fef6da MC |
346 | properties. |
347 | ||
348 | The EVP_PKEY_CTX_get_rsa_oaep_md_name() function gets the message digest | |
e72467d3 RL |
349 | algorithm name used in RSA OAEP and stores it in the buffer I<name> which is of |
350 | size I<namelen>. The padding mode must have been set to | |
d8fef6da MC |
351 | B<RSA_PKCS1_OAEP_PADDING>. The buffer should be sufficiently large for any |
352 | expected digest algorithm names or the function will fail. | |
ffd89124 | 353 | |
d8fef6da MC |
354 | The EVP_PKEY_CTX_get_rsa_oaep_md() function does the same as |
355 | EVP_PKEY_CTX_get_rsa_oaep_md_name() except that it returns a pointer to an | |
356 | EVP_MD object instead. Note that only known, built-in EVP_MD objects will be | |
357 | returned. The EVP_MD object may be NULL if the digest is not one of these (such | |
358 | as a digest only implemented in a third party provider). | |
359 | ||
360 | The EVP_PKEY_CTX_set0_rsa_oaep_label() function sets the RSA OAEP label to | |
e72467d3 | 361 | I<label> and its length to I<len>. If I<label> is NULL or I<len> is 0, |
ffd89124 | 362 | the label is cleared. The library takes ownership of the label so the |
e72467d3 | 363 | caller should not free the original memory pointed to by I<label>. |
ffd89124 AS |
364 | The padding mode must have been set to B<RSA_PKCS1_OAEP_PADDING>. |
365 | ||
d8fef6da | 366 | The EVP_PKEY_CTX_get0_rsa_oaep_label() function gets the RSA OAEP label to |
e72467d3 | 367 | I<label>. The return value is the label length. The padding mode |
ffd89124 AS |
368 | must have been set to B<RSA_PKCS1_OAEP_PADDING>. The resulting pointer is owned |
369 | by the library and should not be freed by the caller. | |
370 | ||
350c9235 MC |
371 | B<RSA_PKCS1_WITH_TLS_PADDING> is used when decrypting an RSA encrypted TLS |
372 | pre-master secret in a TLS ClientKeyExchange message. It is the same as | |
373 | RSA_PKCS1_PADDING except that it additionally verifies that the result is the | |
374 | correct length and the first two bytes are the protocol version initially | |
375 | requested by the client. If the encrypted content is publicly invalid then the | |
376 | decryption will fail. However, if the padding checks fail then decryption will | |
377 | still appear to succeed but a random TLS premaster secret will be returned | |
378 | instead. This padding mode accepts two parameters which can be set using the | |
379 | L<EVP_PKEY_CTX_set_params(3)> function. These are | |
380 | OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION and | |
381 | OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION, both of which are expected to be | |
382 | unsigned integers. Normally only the first of these will be set and represents | |
383 | the TLS protocol version that was first requested by the client (e.g. 0x0303 for | |
384 | TLSv1.2, 0x0302 for TLSv1.1 etc). Historically some buggy clients would use the | |
385 | negotiated protocol version instead of the protocol version first requested. If | |
386 | this behaviour should be tolerated then | |
387 | OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION should be set to the actual | |
388 | negotiated protocol version. Otherwise it should be left unset. | |
389 | ||
ffd89124 | 390 | =head2 DSA parameters |
90ccf05f | 391 | |
ffd89124 | 392 | The EVP_PKEY_CTX_set_dsa_paramgen_bits() macro sets the number of bits used |
6f4b7663 | 393 | for DSA parameter generation to I<nbits>. If not specified, 2048 is used. |
a97faad7 DB |
394 | |
395 | The EVP_PKEY_CTX_set_dsa_paramgen_q_bits() macro sets the number of bits in the | |
6f4b7663 RL |
396 | subprime parameter I<q> for DSA parameter generation to I<qbits>. If not |
397 | specified, 224 is used. If a digest function is specified below, this parameter | |
398 | is ignored and instead, the number of bits in I<q> matches the size of the | |
a97faad7 DB |
399 | digest. |
400 | ||
401 | The EVP_PKEY_CTX_set_dsa_paramgen_md() macro sets the digest function used for | |
e72467d3 RL |
402 | DSA parameter generation to I<md>. If not specified, one of SHA-1, SHA-224, or |
403 | SHA-256 is selected to match the bit length of I<q> above. | |
90ccf05f | 404 | |
ffd89124 AS |
405 | =head2 DH parameters |
406 | ||
407 | The EVP_PKEY_CTX_set_dh_paramgen_prime_len() macro sets the length of the DH | |
e72467d3 | 408 | prime parameter I<p> for DH parameter generation. If this macro is not called |
f11f86f6 | 409 | then 2048 is used. Only accepts lengths greater than or equal to 256. |
ffd89124 AS |
410 | |
411 | The EVP_PKEY_CTX_set_dh_paramgen_subprime_len() macro sets the length of the DH | |
e72467d3 | 412 | optional subprime parameter I<q> for DH parameter generation. The default is |
ffd89124 | 413 | 256 if the prime is at least 2048 bits long or 160 otherwise. The DH |
f11f86f6 SL |
414 | paramgen type must have been set to B<DH_PARAMGEN_TYPE_FIPS_186_2> or |
415 | B<DH_PARAMGEN_TYPE_FIPS_186_4>. | |
90ccf05f | 416 | |
e72467d3 | 417 | The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to I<gen> |
90ccf05f DSH |
418 | for DH parameter generation. If not specified 2 is used. |
419 | ||
ffd89124 | 420 | The EVP_PKEY_CTX_set_dh_paramgen_type() macro sets the key type for DH |
f11f86f6 SL |
421 | parameter generation. The supported parameters are: |
422 | ||
423 | =over 4 | |
424 | ||
425 | =item B<DH_PARAMGEN_TYPE_GENERATOR> | |
426 | ||
427 | Uses a generator g (PKCS#3 format). | |
428 | ||
429 | =item B<DH_PARAMGEN_TYPE_FIPS_186_2> | |
430 | ||
431 | FIPS186-2 FFC parameter generator (X9.42 DH). | |
432 | ||
433 | =item B<DH_PARAMGEN_TYPE_FIPS_186_4> | |
434 | ||
435 | FIPS186-4 FFC parameter generator. | |
436 | ||
437 | =back | |
438 | ||
439 | The default is B<DH_PARAMGEN_TYPE_GENERATOR>. | |
ffd89124 | 440 | |
12df11bd | 441 | The EVP_PKEY_CTX_set_dh_pad() function sets the DH padding mode. |
e72467d3 RL |
442 | If I<pad> is 1 the shared secret is padded with zeros up to the size of the DH |
443 | prime I<p>. | |
444 | If I<pad> is zero (the default) then no padding is performed. | |
5368bf05 DSH |
445 | |
446 | EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to | |
e72467d3 | 447 | I<nid> as defined in RFC7919 or RFC3526. The I<nid> parameter must be |
ca2bf555 SL |
448 | B<NID_ffdhe2048>, B<NID_ffdhe3072>, B<NID_ffdhe4096>, B<NID_ffdhe6144>, |
449 | B<NID_ffdhe8192>, B<NID_modp_1536>, B<NID_modp_2048>, B<NID_modp_3072>, | |
450 | B<NID_modp_4096>, B<NID_modp_6144>, B<NID_modp_8192> or B<NID_undef> to clear | |
451 | the stored value. This macro can be called during parameter or key generation. | |
ffd89124 AS |
452 | The nid parameter and the rfc5114 parameter are mutually exclusive. |
453 | ||
454 | The EVP_PKEY_CTX_set_dh_rfc5114() and EVP_PKEY_CTX_set_dhx_rfc5114() macros are | |
455 | synonymous. They set the DH parameters to the values defined in RFC5114. The | |
e72467d3 | 456 | I<rfc5114> parameter must be 1, 2 or 3 corresponding to RFC5114 sections |
ffd89124 | 457 | 2.1, 2.2 and 2.3. or 0 to clear the stored value. This macro can be called |
e72467d3 | 458 | during parameter generation. The I<ctx> must have a key type of |
ffd89124 AS |
459 | B<EVP_PKEY_DHX>. |
460 | The rfc5114 parameter and the nid parameter are mutually exclusive. | |
461 | ||
462 | =head2 DH key derivation function parameters | |
463 | ||
e72467d3 | 464 | Note that all of the following functions require that the I<ctx> parameter has |
ffd89124 AS |
465 | a private key type of B<EVP_PKEY_DHX>. When using key derivation, the output of |
466 | EVP_PKEY_derive() is the output of the KDF instead of the DH shared secret. | |
467 | The KDF output is typically used as a Key Encryption Key (KEK) that in turn | |
468 | encrypts a Content Encryption Key (CEK). | |
469 | ||
470 | The EVP_PKEY_CTX_set_dh_kdf_type() macro sets the key derivation function type | |
e72467d3 | 471 | to I<kdf> for DH key derivation. Possible values are B<EVP_PKEY_DH_KDF_NONE> |
ffd89124 AS |
472 | and B<EVP_PKEY_DH_KDF_X9_42> which uses the key derivation specified in RFC2631 |
473 | (based on the keying algorithm described in X9.42). When using key derivation, | |
e72467d3 | 474 | the I<kdf_oid>, I<kdf_md> and I<kdf_outlen> parameters must also be specified. |
ffd89124 AS |
475 | |
476 | The EVP_PKEY_CTX_get_dh_kdf_type() macro gets the key derivation function type | |
e72467d3 | 477 | for I<ctx> used for DH key derivation. Possible values are B<EVP_PKEY_DH_KDF_NONE> |
ffd89124 AS |
478 | and B<EVP_PKEY_DH_KDF_X9_42>. |
479 | ||
480 | The EVP_PKEY_CTX_set0_dh_kdf_oid() macro sets the key derivation function | |
e72467d3 | 481 | object identifier to I<oid> for DH key derivation. This OID should identify |
ffd89124 AS |
482 | the algorithm to be used with the Content Encryption Key. |
483 | The library takes ownership of the object identifier so the caller should not | |
e72467d3 | 484 | free the original memory pointed to by I<oid>. |
ffd89124 AS |
485 | |
486 | The EVP_PKEY_CTX_get0_dh_kdf_oid() macro gets the key derivation function oid | |
e72467d3 | 487 | for I<ctx> used for DH key derivation. The resulting pointer is owned by the |
ffd89124 AS |
488 | library and should not be freed by the caller. |
489 | ||
490 | The EVP_PKEY_CTX_set_dh_kdf_md() macro sets the key derivation function | |
e72467d3 | 491 | message digest to I<md> for DH key derivation. Note that RFC2631 specifies |
ffd89124 AS |
492 | that this digest should be SHA1 but OpenSSL tolerates other digests. |
493 | ||
494 | The EVP_PKEY_CTX_get_dh_kdf_md() macro gets the key derivation function | |
e72467d3 | 495 | message digest for I<ctx> used for DH key derivation. |
ffd89124 AS |
496 | |
497 | The EVP_PKEY_CTX_set_dh_kdf_outlen() macro sets the key derivation function | |
e72467d3 | 498 | output length to I<len> for DH key derivation. |
ffd89124 AS |
499 | |
500 | The EVP_PKEY_CTX_get_dh_kdf_outlen() macro gets the key derivation function | |
e72467d3 | 501 | output length for I<ctx> used for DH key derivation. |
ffd89124 AS |
502 | |
503 | The EVP_PKEY_CTX_set0_dh_kdf_ukm() macro sets the user key material to | |
e72467d3 | 504 | I<ukm> and its length to I<len> for DH key derivation. This parameter is optional |
ffd89124 AS |
505 | and corresponds to the partyAInfo field in RFC2631 terms. The specification |
506 | requires that it is 512 bits long but this is not enforced by OpenSSL. | |
507 | The library takes ownership of the user key material so the caller should not | |
e72467d3 | 508 | free the original memory pointed to by I<ukm>. |
ffd89124 | 509 | |
e72467d3 | 510 | The EVP_PKEY_CTX_get0_dh_kdf_ukm() macro gets the user key material for I<ctx>. |
ffd89124 AS |
511 | The return value is the user key material length. The resulting pointer is owned |
512 | by the library and should not be freed by the caller. | |
513 | ||
514 | =head2 EC parameters | |
5368bf05 | 515 | |
90ccf05f | 516 | The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter |
e72467d3 | 517 | generation to I<nid>. For EC parameter generation this macro must be called |
a528d4f0 RS |
518 | or an error occurs because there is no default curve. |
519 | This function can also be called to set the curve explicitly when | |
146ca72c DSH |
520 | generating an EC key. |
521 | ||
ffd89124 | 522 | The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to |
e72467d3 | 523 | I<param_enc> when generating EC parameters or an EC key. The encoding can be |
146ca72c DSH |
524 | B<OPENSSL_EC_EXPLICIT_CURVE> for explicit parameters (the default in versions |
525 | of OpenSSL before 1.1.0) or B<OPENSSL_EC_NAMED_CURVE> to use named curve form. | |
526 | For maximum compatibility the named curve form should be used. Note: the | |
fc5ecadd | 527 | B<OPENSSL_EC_NAMED_CURVE> value was added in OpenSSL 1.1.0; previous |
146ca72c | 528 | versions should use 0 instead. |
90ccf05f | 529 | |
ffd89124 AS |
530 | =head2 ECDH parameters |
531 | ||
532 | The EVP_PKEY_CTX_set_ecdh_cofactor_mode() macro sets the cofactor mode to | |
e72467d3 | 533 | I<cofactor_mode> for ECDH key derivation. Possible values are 1 to enable |
ffd89124 AS |
534 | cofactor key derivation, 0 to disable it and -1 to clear the stored cofactor |
535 | mode and fallback to the private key cofactor mode. | |
536 | ||
537 | The EVP_PKEY_CTX_get_ecdh_cofactor_mode() macro returns the cofactor mode for | |
e72467d3 | 538 | I<ctx> used for ECDH key derivation. Possible values are 1 when cofactor key |
ffd89124 AS |
539 | derivation is enabled and 0 otherwise. |
540 | ||
541 | =head2 ECDH key derivation function parameters | |
542 | ||
543 | The EVP_PKEY_CTX_set_ecdh_kdf_type() macro sets the key derivation function type | |
e72467d3 | 544 | to I<kdf> for ECDH key derivation. Possible values are B<EVP_PKEY_ECDH_KDF_NONE> |
ffd89124 | 545 | and B<EVP_PKEY_ECDH_KDF_X9_63> which uses the key derivation specified in X9.63. |
e72467d3 | 546 | When using key derivation, the I<kdf_md> and I<kdf_outlen> parameters must |
ffd89124 AS |
547 | also be specified. |
548 | ||
549 | The EVP_PKEY_CTX_get_ecdh_kdf_type() macro returns the key derivation function | |
e72467d3 | 550 | type for I<ctx> used for ECDH key derivation. Possible values are |
ffd89124 AS |
551 | B<EVP_PKEY_ECDH_KDF_NONE> and B<EVP_PKEY_ECDH_KDF_X9_63>. |
552 | ||
553 | The EVP_PKEY_CTX_set_ecdh_kdf_md() macro sets the key derivation function | |
e72467d3 | 554 | message digest to I<md> for ECDH key derivation. Note that X9.63 specifies |
ffd89124 AS |
555 | that this digest should be SHA1 but OpenSSL tolerates other digests. |
556 | ||
557 | The EVP_PKEY_CTX_get_ecdh_kdf_md() macro gets the key derivation function | |
e72467d3 | 558 | message digest for I<ctx> used for ECDH key derivation. |
ffd89124 AS |
559 | |
560 | The EVP_PKEY_CTX_set_ecdh_kdf_outlen() macro sets the key derivation function | |
e72467d3 | 561 | output length to I<len> for ECDH key derivation. |
ffd89124 AS |
562 | |
563 | The EVP_PKEY_CTX_get_ecdh_kdf_outlen() macro gets the key derivation function | |
e72467d3 | 564 | output length for I<ctx> used for ECDH key derivation. |
ffd89124 | 565 | |
e72467d3 | 566 | The EVP_PKEY_CTX_set0_ecdh_kdf_ukm() macro sets the user key material to I<ukm> |
ffd89124 AS |
567 | for ECDH key derivation. This parameter is optional and corresponds to the |
568 | shared info in X9.63 terms. The library takes ownership of the user key material | |
e72467d3 | 569 | so the caller should not free the original memory pointed to by I<ukm>. |
ffd89124 | 570 | |
e72467d3 | 571 | The EVP_PKEY_CTX_get0_ecdh_kdf_ukm() macro gets the user key material for I<ctx>. |
ffd89124 AS |
572 | The return value is the user key material length. The resulting pointer is owned |
573 | by the library and should not be freed by the caller. | |
574 | ||
575 | =head2 Other parameters | |
576 | ||
675f4cee | 577 | The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len() |
f922dac8 | 578 | macros are used to manipulate the special identifier field for specific signature |
e72467d3 RL |
579 | algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by I<id> with |
580 | the length I<id_len> to the library. The library takes a copy of the id so that | |
581 | the caller can safely free the original memory pointed to by I<id>. The | |
f922dac8 PY |
582 | EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous |
583 | call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate | |
584 | memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id() | |
e72467d3 RL |
585 | macro returns the previously set ID value to caller in I<id>. The caller should |
586 | allocate adequate memory space for the I<id> before calling EVP_PKEY_CTX_get1_id(). | |
675f4cee | 587 | |
90ccf05f DSH |
588 | =head1 RETURN VALUES |
589 | ||
9c45222d MC |
590 | EVP_PKEY_CTX_set_params() returns 1 for success or 0 otherwise. |
591 | EVP_PKEY_CTX_settable_params() returns an OSSL_PARAM array on success or NULL on | |
592 | error. | |
593 | It may also return NULL if there are no settable parameters available. | |
594 | ||
d8fef6da MC |
595 | All other functions and macros described on this page return a positive value |
596 | for success and 0 or a negative value for failure. In particular a return value | |
597 | of -2 indicates the operation is not supported by the public key algorithm. | |
90ccf05f DSH |
598 | |
599 | =head1 SEE ALSO | |
600 | ||
9b86974e RS |
601 | L<EVP_PKEY_CTX_new(3)>, |
602 | L<EVP_PKEY_encrypt(3)>, | |
603 | L<EVP_PKEY_decrypt(3)>, | |
604 | L<EVP_PKEY_sign(3)>, | |
605 | L<EVP_PKEY_verify(3)>, | |
606 | L<EVP_PKEY_verify_recover(3)>, | |
ffd89124 | 607 | L<EVP_PKEY_derive(3)>, |
9b86974e | 608 | L<EVP_PKEY_keygen(3)> |
90ccf05f DSH |
609 | |
610 | =head1 HISTORY | |
611 | ||
d8fef6da MC |
612 | EVP_PKEY_CTX_get_signature_md(), EVP_PKEY_CTX_set_signature_md(), |
613 | EVP_PKEY_CTX_set_dh_pad(), EVP_PKEY_CTX_set_rsa_padding(), | |
614 | EVP_PKEY_CTX_get_rsa_padding(), EVP_PKEY_CTX_get_rsa_mgf1_md(), | |
615 | EVP_PKEY_CTX_set_rsa_mgf1_md(), EVP_PKEY_CTX_set_rsa_oaep_md(), | |
616 | EVP_PKEY_CTX_get_rsa_oaep_md(), EVP_PKEY_CTX_set0_rsa_oaep_label(), | |
6f4b7663 RL |
617 | EVP_PKEY_CTX_get0_rsa_oaep_label(), EVP_PKEY_CTX_set_rsa_pss_saltlen(), |
618 | EVP_PKEY_CTX_get_rsa_pss_saltlen(), were macros in OpenSSL 1.1.1 and below. | |
619 | From OpenSSL 3.0 they are functions. | |
d8fef6da MC |
620 | |
621 | EVP_PKEY_CTX_get_rsa_oaep_md_name(), EVP_PKEY_CTX_get_rsa_mgf1_md_name(), | |
622 | EVP_PKEY_CTX_set_rsa_mgf1_md_name() and EVP_PKEY_CTX_set_rsa_oaep_md_name() were | |
623 | added in OpenSSL 3.0. | |
624 | ||
625 | The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and | |
626 | EVP_PKEY_CTX_get1_id_len() macros were added in 1.1.1, other functions were | |
627 | added in OpenSSL 1.0.0. | |
12df11bd | 628 | |
e2f92610 RS |
629 | =head1 COPYRIGHT |
630 | ||
b0edda11 | 631 | Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 632 | |
4746f25a | 633 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
634 | this file except in compliance with the License. You can obtain a copy |
635 | in the file LICENSE in the source distribution or at | |
636 | L<https://www.openssl.org/source/license.html>. | |
637 | ||
638 | =cut |