Commit | Line | Data |
---|---|---|
5165148f DSH |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
e683582b SL |
5 | EVP_PKEY_CTX_new, EVP_PKEY_CTX_new_id, EVP_PKEY_CTX_new_from_name, |
6 | EVP_PKEY_CTX_new_from_pkey, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free | |
a07c17ef | 7 | - public key algorithm context functions |
5165148f DSH |
8 | |
9 | =head1 SYNOPSIS | |
10 | ||
11 | #include <openssl/evp.h> | |
12 | ||
13 | EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e); | |
14 | EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e); | |
b4250010 | 15 | EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_name(OSSL_LIB_CTX *libctx, |
e683582b SL |
16 | const char *name, |
17 | const char *propquery); | |
b4250010 | 18 | EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OSSL_LIB_CTX *libctx, |
a64a143f JB |
19 | EVP_PKEY *pkey, |
20 | const char *propquery); | |
9fdcc21f | 21 | EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx); |
5165148f DSH |
22 | void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx); |
23 | ||
24 | =head1 DESCRIPTION | |
25 | ||
26 | The EVP_PKEY_CTX_new() function allocates a public key algorithm context using | |
f23bc0b7 | 27 | the I<pkey> key type and ENGINE I<e>. |
5165148f DSH |
28 | |
29 | The EVP_PKEY_CTX_new_id() function allocates a public key algorithm context | |
f23bc0b7 | 30 | using the key type specified by I<id> and ENGINE I<e>. |
a07c17ef | 31 | |
e683582b | 32 | The EVP_PKEY_CTX_new_from_name() function allocates a public key algorithm |
b4250010 | 33 | context using the library context I<libctx> (see L<OSSL_LIB_CTX(3)>), the |
f23bc0b7 | 34 | key type specified by I<name> and the property query I<propquery>. None |
3ee348b0 | 35 | of the arguments are duplicated, so they must remain unchanged for the |
ccb47dbf RL |
36 | lifetime of the returned B<EVP_PKEY_CTX> or of any of its duplicates. Read |
37 | further about the possible names in L</NOTES> below. | |
a07c17ef | 38 | |
e683582b | 39 | The EVP_PKEY_CTX_new_from_pkey() function allocates a public key algorithm |
b4250010 | 40 | context using the library context I<libctx> (see L<OSSL_LIB_CTX(3)>) and the |
2ee4a50a MC |
41 | algorithm specified by I<pkey> and the property query I<propquery>. None of the |
42 | arguments are duplicated, so they must remain unchanged for the lifetime of the | |
43 | returned B<EVP_PKEY_CTX> or any of its duplicates. | |
e683582b SL |
44 | |
45 | EVP_PKEY_CTX_new_id() and EVP_PKEY_CTX_new_from_name() are normally | |
a07c17ef RL |
46 | used when no B<EVP_PKEY> structure is associated with the operations, |
47 | for example during parameter generation or key generation for some | |
48 | algorithms. | |
5165148f | 49 | |
ac7750bb SL |
50 | EVP_PKEY_CTX_dup() duplicates the context I<ctx>. It is not supported for a |
51 | keygen operation. | |
5165148f | 52 | |
028687c0 RL |
53 | EVP_PKEY_CTX_free() frees up the context I<ctx>. |
54 | If I<ctx> is NULL, nothing is done. | |
5165148f DSH |
55 | |
56 | =head1 NOTES | |
57 | ||
ccb47dbf | 58 | =head2 On B<EVP_PKEY_CTX> |
f23bc0b7 | 59 | |
5165148f | 60 | The B<EVP_PKEY_CTX> structure is an opaque public key algorithm context used |
8c1cbc72 | 61 | by the OpenSSL high-level public key API. Contexts B<MUST NOT> be shared between |
5165148f DSH |
62 | threads: that is, it is not permissible to use the same context simultaneously |
63 | in two threads. | |
64 | ||
ccb47dbf | 65 | =head2 On Key Types |
f23bc0b7 RL |
66 | |
67 | We mention "key type" in this manual, which is the same | |
68 | as "algorithm" in most cases, allowing either term to be used | |
69 | interchangeably. There are algorithms where the I<key type> and the | |
70 | I<algorithm> of the operations that use the keys are not the same, | |
71 | such as EC keys being used for ECDSA and ECDH operations. | |
72 | ||
ccb47dbf RL |
73 | Key types are given in two different manners: |
74 | ||
75 | =over 4 | |
76 | ||
77 | =item Legacy NID or EVP_PKEY type | |
78 | ||
79 | This is the I<id> used with EVP_PKEY_CTX_new_id(). | |
80 | ||
81 | These are B<EVP_PKEY_RSA>, B<EVP_PKEY_RSA_PSS>, B<EVP_PKEY_DSA>, | |
82 | B<EVP_PKEY_DH>, B<EVP_PKEY_EC>, B<EVP_PKEY_SM2>, B<EVP_PKEY_X25519>, | |
83 | B<EVP_PKEY_X448>, and are used by legacy methods. | |
84 | ||
85 | =item Name strings | |
86 | ||
87 | This is the I<name> used with EVP_PKEY_CTX_new_from_name(). | |
88 | ||
89 | These are names like "RSA", "DSA", and what's available depends on what | |
90 | providers are currently accessible. | |
91 | ||
92 | The OpenSSL providers offer a set of key types available this way, please | |
93 | see L<OSSL_PROVIDER-FIPS(7)> and L<OSSL_PROVIDER-default(7)> and related | |
94 | documentation for more information. | |
95 | ||
f23bc0b7 RL |
96 | =back |
97 | ||
5165148f DSH |
98 | =head1 RETURN VALUES |
99 | ||
ac7750bb | 100 | EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id() and EVP_PKEY_CTX_dup() return either |
6926be0b | 101 | the newly allocated B<EVP_PKEY_CTX> structure or B<NULL> if an error occurred. |
5165148f DSH |
102 | |
103 | EVP_PKEY_CTX_free() does not return a value. | |
104 | ||
105 | =head1 SEE ALSO | |
106 | ||
9b86974e | 107 | L<EVP_PKEY_new(3)> |
5165148f DSH |
108 | |
109 | =head1 HISTORY | |
110 | ||
e683582b SL |
111 | The EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() and |
112 | EVP_PKEY_CTX_free() functions were added in OpenSSL 1.0.0. | |
113 | ||
114 | The EVP_PKEY_CTX_new_from_name() and EVP_PKEY_CTX_new_from_pkey() functions were | |
115 | added in OpenSSL 3.0. | |
5165148f | 116 | |
e2f92610 RS |
117 | =head1 COPYRIGHT |
118 | ||
33388b44 | 119 | Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 120 | |
4746f25a | 121 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
122 | this file except in compliance with the License. You can obtain a copy |
123 | in the file LICENSE in the source distribution or at | |
124 | L<https://www.openssl.org/source/license.html>. | |
125 | ||
126 | =cut |