[thirdparty/openssl.git] / doc / man3 / EVP_PKEY_meth_new.pod

=pod

=head1 NAME

EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find,
EVP_PKEY_meth_add0, EVP_PKEY_METHOD,
EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup,
EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign,
EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx,
EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt,
EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl,
EVP_PKEY_meth_set_digestsign, EVP_PKEY_meth_set_digestverify,
EVP_PKEY_meth_set_check,
EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check,
EVP_PKEY_meth_set_digest_custom,
EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup,
EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign,
EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx,
EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt,
EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl,
EVP_PKEY_meth_get_digestsign, EVP_PKEY_meth_get_digestverify,
EVP_PKEY_meth_get_check,
EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check,
EVP_PKEY_meth_get_digest_custom,
EVP_PKEY_meth_remove
- manipulating EVP_PKEY_METHOD structure

=head1 SYNOPSIS

 #include <openssl/evp.h>

Deprecated since OpenSSL 3.0, can be hidden entirely by defining
B<OPENSSL_API_COMPAT> with a suitable version value, see
L<openssl_user_macros(7)>:

 typedef struct evp_pkey_method_st EVP_PKEY_METHOD;

 EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
 void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
 void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
 const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
 int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
 int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);

 void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
                             int (*init) (EVP_PKEY_CTX *ctx));
 void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
                             int (*copy) (EVP_PKEY_CTX *dst,
                                          const EVP_PKEY_CTX *src));
 void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
                                void (*cleanup) (EVP_PKEY_CTX *ctx));
 void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
                                 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
                                 int (*paramgen) (EVP_PKEY_CTX *ctx,
                                                  EVP_PKEY *pkey));
 void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
                               int (*keygen_init) (EVP_PKEY_CTX *ctx),
                               int (*keygen) (EVP_PKEY_CTX *ctx,
                                              EVP_PKEY *pkey));
 void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
                             int (*sign_init) (EVP_PKEY_CTX *ctx),
                             int (*sign) (EVP_PKEY_CTX *ctx,
                                          unsigned char *sig, size_t *siglen,
                                          const unsigned char *tbs,
                                          size_t tbslen));
 void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
                               int (*verify_init) (EVP_PKEY_CTX *ctx),
                               int (*verify) (EVP_PKEY_CTX *ctx,
                                              const unsigned char *sig,
                                              size_t siglen,
                                              const unsigned char *tbs,
                                              size_t tbslen));
 void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
                                       int (*verify_recover_init) (EVP_PKEY_CTX
                                                                   *ctx),
                                       int (*verify_recover) (EVP_PKEY_CTX
                                                              *ctx,
                                                              unsigned char
                                                              *sig,
                                                              size_t *siglen,
                                                              const unsigned
                                                              char *tbs,
                                                              size_t tbslen));
 void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
                                int (*signctx_init) (EVP_PKEY_CTX *ctx,
                                                     EVP_MD_CTX *mctx),
                                int (*signctx) (EVP_PKEY_CTX *ctx,
                                                unsigned char *sig,
                                                size_t *siglen,
                                                EVP_MD_CTX *mctx));
 void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
                                  int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
                                                         EVP_MD_CTX *mctx),
                                  int (*verifyctx) (EVP_PKEY_CTX *ctx,
                                                    const unsigned char *sig,
                                                    int siglen,
                                                    EVP_MD_CTX *mctx));
 void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
                                int (*encrypt_init) (EVP_PKEY_CTX *ctx),
                                int (*encryptfn) (EVP_PKEY_CTX *ctx,
                                                  unsigned char *out,
                                                  size_t *outlen,
                                                  const unsigned char *in,
                                                  size_t inlen));
 void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
                                int (*decrypt_init) (EVP_PKEY_CTX *ctx),
                                int (*decrypt) (EVP_PKEY_CTX *ctx,
                                                unsigned char *out,
                                                size_t *outlen,
                                                const unsigned char *in,
                                                size_t inlen));
 void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
                               int (*derive_init) (EVP_PKEY_CTX *ctx),
                               int (*derive) (EVP_PKEY_CTX *ctx,
                                              unsigned char *key,
                                              size_t *keylen));
 void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
                             int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
                                          void *p2),
                             int (*ctrl_str) (EVP_PKEY_CTX *ctx,
                                              const char *type,
                                              const char *value));
 void EVP_PKEY_meth_set_digestsign(EVP_PKEY_METHOD *pmeth,
                                   int (*digestsign) (EVP_MD_CTX *ctx,
                                                      unsigned char *sig,
                                                      size_t *siglen,
                                                      const unsigned char *tbs,
                                                      size_t tbslen));
 void EVP_PKEY_meth_set_digestverify(EVP_PKEY_METHOD *pmeth,
                                     int (*digestverify) (EVP_MD_CTX *ctx,
                                                          const unsigned char *sig,
                                                          size_t siglen,
                                                          const unsigned char *tbs,
                                                          size_t tbslen));
 void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
                              int (*check) (EVP_PKEY *pkey));
 void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
                                     int (*check) (EVP_PKEY *pkey));
 void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
                                    int (*check) (EVP_PKEY *pkey));
 void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
                                     int (*digest_custom) (EVP_PKEY_CTX *ctx,
                                                           EVP_MD_CTX *mctx));

 void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
                             int (**pinit) (EVP_PKEY_CTX *ctx));
 void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
                             int (**pcopy) (EVP_PKEY_CTX *dst,
                                            EVP_PKEY_CTX *src));
 void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
                                void (**pcleanup) (EVP_PKEY_CTX *ctx));
 void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
                                 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
                                 int (**pparamgen) (EVP_PKEY_CTX *ctx,
                                                    EVP_PKEY *pkey));
 void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
                               int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
                               int (**pkeygen) (EVP_PKEY_CTX *ctx,
                                                EVP_PKEY *pkey));
 void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
                             int (**psign_init) (EVP_PKEY_CTX *ctx),
                             int (**psign) (EVP_PKEY_CTX *ctx,
                                            unsigned char *sig, size_t *siglen,
                                            const unsigned char *tbs,
                                            size_t tbslen));
 void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
                               int (**pverify_init) (EVP_PKEY_CTX *ctx),
                               int (**pverify) (EVP_PKEY_CTX *ctx,
                                                const unsigned char *sig,
                                                size_t siglen,
                                                const unsigned char *tbs,
                                                size_t tbslen));
 void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
                                       int (**pverify_recover_init) (EVP_PKEY_CTX
                                                                     *ctx),
                                       int (**pverify_recover) (EVP_PKEY_CTX
                                                                *ctx,
                                                                unsigned char
                                                                *sig,
                                                                size_t *siglen,
                                                                const unsigned
                                                                char *tbs,
                                                                size_t tbslen));
 void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
                                int (**psignctx_init) (EVP_PKEY_CTX *ctx,
                                                       EVP_MD_CTX *mctx),
                                int (**psignctx) (EVP_PKEY_CTX *ctx,
                                                  unsigned char *sig,
                                                  size_t *siglen,
                                                  EVP_MD_CTX *mctx));
 void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
                                  int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
                                                           EVP_MD_CTX *mctx),
                                  int (**pverifyctx) (EVP_PKEY_CTX *ctx,
                                                      const unsigned char *sig,
                                                      int siglen,
                                                      EVP_MD_CTX *mctx));
 void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
                                int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
                                int (**pencryptfn) (EVP_PKEY_CTX *ctx,
                                                    unsigned char *out,
                                                    size_t *outlen,
                                                    const unsigned char *in,
                                                    size_t inlen));
 void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
                                int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
                                int (**pdecrypt) (EVP_PKEY_CTX *ctx,
                                                  unsigned char *out,
                                                  size_t *outlen,
                                                  const unsigned char *in,
                                                  size_t inlen));
 void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
                               int (**pderive_init) (EVP_PKEY_CTX *ctx),
                               int (**pderive) (EVP_PKEY_CTX *ctx,
                                                unsigned char *key,
                                                size_t *keylen));
 void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
                             int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
                                            void *p2),
                             int (**pctrl_str) (EVP_PKEY_CTX *ctx,
                                                const char *type,
                                                const char *value));
 void EVP_PKEY_meth_get_digestsign(const EVP_PKEY_METHOD *pmeth,
                                   int (**digestsign) (EVP_MD_CTX *ctx,
                                                       unsigned char *sig,
                                                       size_t *siglen,
                                                       const unsigned char *tbs,
                                                       size_t tbslen));
 void EVP_PKEY_meth_get_digestverify(const EVP_PKEY_METHOD *pmeth,
                                     int (**digestverify) (EVP_MD_CTX *ctx,
                                                           const unsigned char *sig,
                                                           size_t siglen,
                                                           const unsigned char *tbs,
                                                           size_t tbslen));
 void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
                              int (**pcheck) (EVP_PKEY *pkey));
 void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
                                     int (**pcheck) (EVP_PKEY *pkey));
 void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
                                    int (**pcheck) (EVP_PKEY *pkey));
 void EVP_PKEY_meth_get_digest_custom(const EVP_PKEY_METHOD *pmeth,
                                     int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
                                                             EVP_MD_CTX *mctx));

=head1 DESCRIPTION

All of the functions described on this page are deprecated.
Applications should instead use the OSSL_PROVIDER APIs.

B<EVP_PKEY_METHOD> is a structure which holds a set of methods for a
specific public key cryptographic algorithm. Those methods are usually
used to perform different jobs, such as generating a key, signing or
verifying, encrypting or decrypting, etc.

There are two places where the B<EVP_PKEY_METHOD> objects are stored: one
is a built-in static array representing the standard methods for different
algorithms, and the other one is a stack of user-defined application-specific
methods, which can be manipulated by using L<EVP_PKEY_meth_add0(3)>.

The B<EVP_PKEY_METHOD> objects are usually referenced by B<EVP_PKEY_CTX>
objects.

=head2 Methods

The methods are the underlying implementations of a particular public key
algorithm present by the B<EVP_PKEY_CTX> object.

 int (*init) (EVP_PKEY_CTX *ctx);
 int (*copy) (EVP_PKEY_CTX *dst, const EVP_PKEY_CTX *src);
 void (*cleanup) (EVP_PKEY_CTX *ctx);

The init() method is called to initialize algorithm-specific data when a new
B<EVP_PKEY_CTX> is created. As opposed to init(), the cleanup() method is called
when an B<EVP_PKEY_CTX> is freed. The copy() method is called when an B<EVP_PKEY_CTX>
is being duplicated. Refer to L<EVP_PKEY_CTX_new(3)>, L<EVP_PKEY_CTX_new_id(3)>,
L<EVP_PKEY_CTX_free(3)> and L<EVP_PKEY_CTX_dup(3)>.

 int (*paramgen_init) (EVP_PKEY_CTX *ctx);
 int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);

The paramgen_init() and paramgen() methods deal with key parameter generation.
They are called by L<EVP_PKEY_paramgen_init(3)> and L<EVP_PKEY_paramgen(3)> to
handle the parameter generation process.

 int (*keygen_init) (EVP_PKEY_CTX *ctx);
 int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);

The keygen_init() and keygen() methods are used to generate the actual key for
the specified algorithm. They are called by L<EVP_PKEY_keygen_init(3)> and
L<EVP_PKEY_keygen(3)>.

 int (*sign_init) (EVP_PKEY_CTX *ctx);
 int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
              const unsigned char *tbs, size_t tbslen);

The sign_init() and sign() methods are used to generate the signature of a
piece of data using a private key. They are called by L<EVP_PKEY_sign_init(3)>
and L<EVP_PKEY_sign(3)>.

 int (*verify_init) (EVP_PKEY_CTX *ctx);
 int (*verify) (EVP_PKEY_CTX *ctx,
                const unsigned char *sig, size_t siglen,
                const unsigned char *tbs, size_t tbslen);

The verify_init() and verify() methods are used to verify whether a signature is
valid. They are called by L<EVP_PKEY_verify_init(3)> and L<EVP_PKEY_verify(3)>.

 int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
 int (*verify_recover) (EVP_PKEY_CTX *ctx,
                        unsigned char *rout, size_t *routlen,
                        const unsigned char *sig, size_t siglen);

The verify_recover_init() and verify_recover() methods are used to verify a
signature and then recover the digest from the signature (for instance, a
signature that was generated by RSA signing algorithm). They are called by
L<EVP_PKEY_verify_recover_init(3)> and L<EVP_PKEY_verify_recover(3)>.

 int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
 int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
                 EVP_MD_CTX *mctx);

The signctx_init() and signctx() methods are used to sign a digest present by
a B<EVP_MD_CTX> object. They are called by the EVP_DigestSign functions. See
L<EVP_DigestSignInit(3)> for details.

 int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
 int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
                   EVP_MD_CTX *mctx);

The verifyctx_init() and verifyctx() methods are used to verify a signature
against the data in a B<EVP_MD_CTX> object. They are called by the various
EVP_DigestVerify functions. See L<EVP_DigestVerifyInit(3)> for details.

 int (*encrypt_init) (EVP_PKEY_CTX *ctx);
 int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
                 const unsigned char *in, size_t inlen);

The encrypt_init() and encrypt() methods are used to encrypt a piece of data.
They are called by L<EVP_PKEY_encrypt_init(3)> and L<EVP_PKEY_encrypt(3)>.

 int (*decrypt_init) (EVP_PKEY_CTX *ctx);
 int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
                 const unsigned char *in, size_t inlen);

The decrypt_init() and decrypt() methods are used to decrypt a piece of data.
They are called by L<EVP_PKEY_decrypt_init(3)> and L<EVP_PKEY_decrypt(3)>.

 int (*derive_init) (EVP_PKEY_CTX *ctx);
 int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);

The derive_init() and derive() methods are used to derive the shared secret
from a public key algorithm (for instance, the DH algorithm). They are called by
L<EVP_PKEY_derive_init(3)> and L<EVP_PKEY_derive(3)>.

 int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
 int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);

The ctrl() and ctrl_str() methods are used to adjust algorithm-specific
settings. See L<EVP_PKEY_CTX_ctrl(3)> and related functions for details.

 int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
                    const unsigned char *tbs, size_t tbslen);
 int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
                      size_t siglen, const unsigned char *tbs,
                      size_t tbslen);

The digestsign() and digestverify() methods are used to generate or verify
a signature in a one-shot mode. They could be called by L<EVP_DigestSign(3)>
and L<EVP_DigestVerify(3)>.

 int (*check) (EVP_PKEY *pkey);
 int (*public_check) (EVP_PKEY *pkey);
 int (*param_check) (EVP_PKEY *pkey);

The check(), public_check() and param_check() methods are used to validate a
key-pair, the public component and parameters respectively for a given B<pkey>.
They could be called by L<EVP_PKEY_check(3)>, L<EVP_PKEY_public_check(3)> and
L<EVP_PKEY_param_check(3)> respectively.

 int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);

The digest_custom() method is used to generate customized digest content before
the real message is passed to functions like L<EVP_DigestSignUpdate(3)> or
L<EVP_DigestVerifyInit(3)>. This is usually required by some public key
signature algorithms like SM2 which requires a hashed prefix to the message to
be signed. The digest_custom() function will be called by L<EVP_DigestSignInit(3)>
and L<EVP_DigestVerifyInit(3)>.

=head2 Functions

EVP_PKEY_meth_new() creates and returns a new B<EVP_PKEY_METHOD> object,
and associates the given B<id> and B<flags>. The following flags are
supported:

 EVP_PKEY_FLAG_AUTOARGLEN
 EVP_PKEY_FLAG_SIGCTX_CUSTOM

If an B<EVP_PKEY_METHOD> is set with the B<EVP_PKEY_FLAG_AUTOARGLEN> flag, the
maximum size of the output buffer will be automatically calculated or checked
in corresponding EVP methods by the EVP framework. Thus the implementations of
these methods don't need to care about handling the case of returning output
buffer size by themselves. For details on the output buffer size, refer to
L<EVP_PKEY_sign(3)>.

The B<EVP_PKEY_FLAG_SIGCTX_CUSTOM> is used to indicate the signctx() method
of an B<EVP_PKEY_METHOD> is always called by the EVP framework while doing a
digest signing operation by calling L<EVP_DigestSignFinal(3)>.

EVP_PKEY_meth_free() frees an existing B<EVP_PKEY_METHOD> pointed by
B<pmeth>.

EVP_PKEY_meth_copy() copies an B<EVP_PKEY_METHOD> object from B<src>
to B<dst>.

EVP_PKEY_meth_find() finds an B<EVP_PKEY_METHOD> object with the B<id>.
This function first searches through the user-defined method objects and
then the built-in objects.

EVP_PKEY_meth_add0() adds B<pmeth> to the user defined stack of methods.

EVP_PKEY_meth_remove() removes an B<EVP_PKEY_METHOD> object added by
EVP_PKEY_meth_add0().

The EVP_PKEY_meth_set functions set the corresponding fields of
B<EVP_PKEY_METHOD> structure with the arguments passed.

The EVP_PKEY_meth_get functions get the corresponding fields of
B<EVP_PKEY_METHOD> structure to the arguments provided.

=head1 RETURN VALUES

EVP_PKEY_meth_new() returns a pointer to a new B<EVP_PKEY_METHOD>
object or returns NULL on error.

EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.

EVP_PKEY_meth_find() returns a pointer to the found B<EVP_PKEY_METHOD>
object or returns NULL if not found.

EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0
if an error occurred.

EVP_PKEY_meth_remove() returns 1 if method is removed successfully or
0 if an error occurred.

All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return
values. For the 'get' functions, function pointers are returned by
arguments.

=head1 HISTORY

All of these functions were deprecated in OpenSSL 3.0.

The signature of the I<copy> functional argument of EVP_PKEY_meth_set_copy()
has changed in OpenSSL 3.0 so its I<src> parameter is now constified.

=head1 COPYRIGHT

Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
43f985fd PY	1	=pod
	2
	3	=head1 NAME
	4
	5	EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find,
	6	EVP_PKEY_meth_add0, EVP_PKEY_METHOD,
	7	EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup,
	8	EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign,
	9	EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx,
	10	EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt,
2555285f AH	11	EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl,
	12	EVP_PKEY_meth_set_digestsign, EVP_PKEY_meth_set_digestverify,
	13	EVP_PKEY_meth_set_check,
b0004708	14	EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check,
675f4cee	15	EVP_PKEY_meth_set_digest_custom,
43f985fd PY	16	EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup,
	17	EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign,
	18	EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx,
	19	EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt,
2555285f AH	20	EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl,
	21	EVP_PKEY_meth_get_digestsign, EVP_PKEY_meth_get_digestverify,
	22	EVP_PKEY_meth_get_check,
b0004708	23	EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check,
675f4cee	24	EVP_PKEY_meth_get_digest_custom,
0822e89a	25	EVP_PKEY_meth_remove
43f985fd PY	26	- manipulating EVP_PKEY_METHOD structure
	27
	28	=head1 SYNOPSIS
	29
	30	#include <openssl/evp.h>
	31
41bbba53 P	32	Deprecated since OpenSSL 3.0, can be hidden entirely by defining
	33	B<OPENSSL_API_COMPAT> with a suitable version value, see
	34	L<openssl_user_macros(7)>:
	35
43f985fd PY	36	typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
	37
	38	EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
	39	void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
	40	void EVP_PKEY_meth_copy(EVP_PKEY_METHOD dst, const EVP_PKEY_METHOD src);
	41	const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
	42	int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
0822e89a	43	int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
43f985fd PY	44
	45	void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
	46	int (init) (EVP_PKEY_CTX ctx));
	47	void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
	48	int (copy) (EVP_PKEY_CTX dst,
9ac653d8	49	const EVP_PKEY_CTX *src));
43f985fd PY	50	void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
	51	void (cleanup) (EVP_PKEY_CTX ctx));
	52	void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
	53	int (paramgen_init) (EVP_PKEY_CTX ctx),
	54	int (paramgen) (EVP_PKEY_CTX ctx,
	55	EVP_PKEY *pkey));
	56	void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
	57	int (keygen_init) (EVP_PKEY_CTX ctx),
	58	int (keygen) (EVP_PKEY_CTX ctx,
	59	EVP_PKEY *pkey));
	60	void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
	61	int (sign_init) (EVP_PKEY_CTX ctx),
	62	int (sign) (EVP_PKEY_CTX ctx,
	63	unsigned char sig, size_t siglen,
	64	const unsigned char *tbs,
	65	size_t tbslen));
	66	void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
	67	int (verify_init) (EVP_PKEY_CTX ctx),
	68	int (verify) (EVP_PKEY_CTX ctx,
	69	const unsigned char *sig,
	70	size_t siglen,
	71	const unsigned char *tbs,
	72	size_t tbslen));
	73	void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
	74	int (*verify_recover_init) (EVP_PKEY_CTX
	75	*ctx),
	76	int (*verify_recover) (EVP_PKEY_CTX
	77	*ctx,
	78	unsigned char
	79	*sig,
	80	size_t *siglen,
	81	const unsigned
	82	char *tbs,
	83	size_t tbslen));
	84	void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
	85	int (signctx_init) (EVP_PKEY_CTX ctx,
	86	EVP_MD_CTX *mctx),
	87	int (signctx) (EVP_PKEY_CTX ctx,
	88	unsigned char *sig,
	89	size_t *siglen,
	90	EVP_MD_CTX *mctx));
	91	void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
	92	int (verifyctx_init) (EVP_PKEY_CTX ctx,
	93	EVP_MD_CTX *mctx),
	94	int (verifyctx) (EVP_PKEY_CTX ctx,
	95	const unsigned char *sig,
	96	int siglen,
	97	EVP_MD_CTX *mctx));
	98	void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
	99	int (encrypt_init) (EVP_PKEY_CTX ctx),
	100	int (encryptfn) (EVP_PKEY_CTX ctx,
	101	unsigned char *out,
	102	size_t *outlen,
	103	const unsigned char *in,
	104	size_t inlen));
	105	void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
	106	int (decrypt_init) (EVP_PKEY_CTX ctx),
	107	int (decrypt) (EVP_PKEY_CTX ctx,
	108	unsigned char *out,
	109	size_t *outlen,
	110	const unsigned char *in,
	111	size_t inlen));
	112	void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
	113	int (derive_init) (EVP_PKEY_CTX ctx),
114	int (derive) (EVP_PKEY_CTX ctx,
115	unsigned char *key,
116	size_t *keylen));
117	void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
118	int (ctrl) (EVP_PKEY_CTX ctx, int type, int p1,
119	void *p2),
120	int (ctrl_str) (EVP_PKEY_CTX ctx,
121	const char *type,
122	const char *value));
2555285f AH	123	void EVP_PKEY_meth_set_digestsign(EVP_PKEY_METHOD *pmeth,
	124	int (digestsign) (EVP_MD_CTX ctx,
	125	unsigned char *sig,
	126	size_t *siglen,
	127	const unsigned char *tbs,
	128	size_t tbslen));
	129	void EVP_PKEY_meth_set_digestverify(EVP_PKEY_METHOD *pmeth,
	130	int (digestverify) (EVP_MD_CTX ctx,
	131	const unsigned char *sig,
	132	size_t siglen,
	133	const unsigned char *tbs,
	134	size_t tbslen));
2aee35d3 PY	135	void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
2aee35d3 PY	136	int (check) (EVP_PKEY pkey));
b0004708 PY	137	void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
	138	int (check) (EVP_PKEY pkey));
	139	void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
	140	int (check) (EVP_PKEY pkey));
675f4cee PY	141	void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
	142	int (digest_custom) (EVP_PKEY_CTX ctx,
	143	EVP_MD_CTX *mctx));
43f985fd	144
693be9a2	145	void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
43f985fd	146	int (*pinit) (EVP_PKEY_CTX ctx));
693be9a2	147	void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
43f985fd PY	148	int (*pcopy) (EVP_PKEY_CTX dst,
43f985fd PY	149	EVP_PKEY_CTX *src));
693be9a2	150	void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
43f985fd	151	void (*pcleanup) (EVP_PKEY_CTX ctx));
693be9a2	152	void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
43f985fd PY	153	int (*pparamgen_init) (EVP_PKEY_CTX ctx),
	154	int (*pparamgen) (EVP_PKEY_CTX ctx,
	155	EVP_PKEY *pkey));
693be9a2	156	void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
43f985fd PY	157	int (*pkeygen_init) (EVP_PKEY_CTX ctx),
	158	int (*pkeygen) (EVP_PKEY_CTX ctx,
	159	EVP_PKEY *pkey));
693be9a2	160	void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
43f985fd PY	161	int (*psign_init) (EVP_PKEY_CTX ctx),
	162	int (*psign) (EVP_PKEY_CTX ctx,
	163	unsigned char sig, size_t siglen,
	164	const unsigned char *tbs,
	165	size_t tbslen));
693be9a2	166	void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
43f985fd PY	167	int (*pverify_init) (EVP_PKEY_CTX ctx),
	168	int (*pverify) (EVP_PKEY_CTX ctx,
	169	const unsigned char *sig,
	170	size_t siglen,
	171	const unsigned char *tbs,
	172	size_t tbslen));
693be9a2	173	void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
43f985fd PY	174	int (**pverify_recover_init) (EVP_PKEY_CTX
	175	*ctx),
	176	int (**pverify_recover) (EVP_PKEY_CTX
	177	*ctx,
	178	unsigned char
	179	*sig,
	180	size_t *siglen,
	181	const unsigned
	182	char *tbs,
	183	size_t tbslen));
693be9a2	184	void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
43f985fd PY	185	int (*psignctx_init) (EVP_PKEY_CTX ctx,
	186	EVP_MD_CTX *mctx),
	187	int (*psignctx) (EVP_PKEY_CTX ctx,
	188	unsigned char *sig,
	189	size_t *siglen,
	190	EVP_MD_CTX *mctx));
693be9a2	191	void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
43f985fd PY	192	int (*pverifyctx_init) (EVP_PKEY_CTX ctx,
	193	EVP_MD_CTX *mctx),
	194	int (*pverifyctx) (EVP_PKEY_CTX ctx,
	195	const unsigned char *sig,
	196	int siglen,
	197	EVP_MD_CTX *mctx));
693be9a2	198	void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
43f985fd PY	199	int (*pencrypt_init) (EVP_PKEY_CTX ctx),
	200	int (*pencryptfn) (EVP_PKEY_CTX ctx,
	201	unsigned char *out,
	202	size_t *outlen,
	203	const unsigned char *in,
	204	size_t inlen));
693be9a2	205	void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
43f985fd PY	206	int (*pdecrypt_init) (EVP_PKEY_CTX ctx),
	207	int (*pdecrypt) (EVP_PKEY_CTX ctx,
	208	unsigned char *out,
	209	size_t *outlen,
	210	const unsigned char *in,
	211	size_t inlen));
693be9a2	212	void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
43f985fd PY	213	int (*pderive_init) (EVP_PKEY_CTX ctx),
	214	int (*pderive) (EVP_PKEY_CTX ctx,
	215	unsigned char *key,
	216	size_t *keylen));
693be9a2	217	void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
43f985fd PY	218	int (*pctrl) (EVP_PKEY_CTX ctx, int type, int p1,
	219	void *p2),
	220	int (*pctrl_str) (EVP_PKEY_CTX ctx,
	221	const char *type,
	222	const char *value));
c6fcd88f	223	void EVP_PKEY_meth_get_digestsign(const EVP_PKEY_METHOD *pmeth,
2555285f AH	224	int (*digestsign) (EVP_MD_CTX ctx,
	225	unsigned char *sig,
	226	size_t *siglen,
	227	const unsigned char *tbs,
	228	size_t tbslen));
c6fcd88f	229	void EVP_PKEY_meth_get_digestverify(const EVP_PKEY_METHOD *pmeth,
2555285f AH	230	int (*digestverify) (EVP_MD_CTX ctx,
	231	const unsigned char *sig,
	232	size_t siglen,
	233	const unsigned char *tbs,
	234	size_t tbslen));
693be9a2	235	void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
2aee35d3	236	int (*pcheck) (EVP_PKEY pkey));
693be9a2	237	void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
b0004708	238	int (*pcheck) (EVP_PKEY pkey));
693be9a2	239	void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
b0004708	240	int (*pcheck) (EVP_PKEY pkey));
c6fcd88f	241	void EVP_PKEY_meth_get_digest_custom(const EVP_PKEY_METHOD *pmeth,
675f4cee PY	242	int (*pdigest_custom) (EVP_PKEY_CTX ctx,
675f4cee PY	243	EVP_MD_CTX *mctx));
43f985fd PY	244
	245	=head1 DESCRIPTION
	246
41bbba53 P	247	All of the functions described on this page are deprecated.
	248	Applications should instead use the OSSL_PROVIDER APIs.
	249
43f985fd PY	250	B<EVP_PKEY_METHOD> is a structure which holds a set of methods for a
	251	specific public key cryptographic algorithm. Those methods are usually
	252	used to perform different jobs, such as generating a key, signing or
	253	verifying, encrypting or decrypting, etc.
	254
	255	There are two places where the B<EVP_PKEY_METHOD> objects are stored: one
	256	is a built-in static array representing the standard methods for different
	257	algorithms, and the other one is a stack of user-defined application-specific
	258	methods, which can be manipulated by using L<EVP_PKEY_meth_add0(3)>.
	259
	260	The B<EVP_PKEY_METHOD> objects are usually referenced by B<EVP_PKEY_CTX>
	261	objects.
	262
	263	=head2 Methods
	264
	265	The methods are the underlying implementations of a particular public key
	266	algorithm present by the B<EVP_PKEY_CTX> object.
	267
	268	int (init) (EVP_PKEY_CTX ctx);
9ac653d8	269	int (copy) (EVP_PKEY_CTX dst, const EVP_PKEY_CTX *src);
43f985fd PY	270	void (cleanup) (EVP_PKEY_CTX ctx);
	271
	272	The init() method is called to initialize algorithm-specific data when a new
	273	B<EVP_PKEY_CTX> is created. As opposed to init(), the cleanup() method is called
	274	when an B<EVP_PKEY_CTX> is freed. The copy() method is called when an B<EVP_PKEY_CTX>
	275	is being duplicated. Refer to L<EVP_PKEY_CTX_new(3)>, L<EVP_PKEY_CTX_new_id(3)>,
	276	L<EVP_PKEY_CTX_free(3)> and L<EVP_PKEY_CTX_dup(3)>.
	277
	278	int (paramgen_init) (EVP_PKEY_CTX ctx);
	279	int (paramgen) (EVP_PKEY_CTX ctx, EVP_PKEY *pkey);
	280
	281	The paramgen_init() and paramgen() methods deal with key parameter generation.
	282	They are called by L<EVP_PKEY_paramgen_init(3)> and L<EVP_PKEY_paramgen(3)> to
	283	handle the parameter generation process.
	284
	285	int (keygen_init) (EVP_PKEY_CTX ctx);
	286	int (keygen) (EVP_PKEY_CTX ctx, EVP_PKEY *pkey);
	287
	288	The keygen_init() and keygen() methods are used to generate the actual key for
	289	the specified algorithm. They are called by L<EVP_PKEY_keygen_init(3)> and
	290	L<EVP_PKEY_keygen(3)>.
	291
	292	int (sign_init) (EVP_PKEY_CTX ctx);
	293	int (sign) (EVP_PKEY_CTX ctx, unsigned char sig, size_t siglen,
	294	const unsigned char *tbs, size_t tbslen);
	295
	296	The sign_init() and sign() methods are used to generate the signature of a
	297	piece of data using a private key. They are called by L<EVP_PKEY_sign_init(3)>
	298	and L<EVP_PKEY_sign(3)>.
	299
	300	int (verify_init) (EVP_PKEY_CTX ctx);
	301	int (verify) (EVP_PKEY_CTX ctx,
	302	const unsigned char *sig, size_t siglen,
	303	const unsigned char *tbs, size_t tbslen);
	304
	305	The verify_init() and verify() methods are used to verify whether a signature is
	306	valid. They are called by L<EVP_PKEY_verify_init(3)> and L<EVP_PKEY_verify(3)>.
	307
	308	int (verify_recover_init) (EVP_PKEY_CTX ctx);
	309	int (verify_recover) (EVP_PKEY_CTX ctx,
	310	unsigned char rout, size_t routlen,
	311	const unsigned char *sig, size_t siglen);
	312
	313	The verify_recover_init() and verify_recover() methods are used to verify a
	314	signature and then recover the digest from the signature (for instance, a
	315	signature that was generated by RSA signing algorithm). They are called by
	316	L<EVP_PKEY_verify_recover_init(3)> and L<EVP_PKEY_verify_recover(3)>.
	317
	318	int (signctx_init) (EVP_PKEY_CTX ctx, EVP_MD_CTX *mctx);
	319	int (signctx) (EVP_PKEY_CTX ctx, unsigned char sig, size_t siglen,
	320	EVP_MD_CTX *mctx);
	321
	322	The signctx_init() and signctx() methods are used to sign a digest present by
	323	a B<EVP_MD_CTX> object. They are called by the EVP_DigestSign functions. See
260a16f3	324	L<EVP_DigestSignInit(3)> for details.
43f985fd PY	325
	326	int (verifyctx_init) (EVP_PKEY_CTX ctx, EVP_MD_CTX *mctx);
	327	int (verifyctx) (EVP_PKEY_CTX ctx, const unsigned char *sig, int siglen,
	328	EVP_MD_CTX *mctx);
	329
	330	The verifyctx_init() and verifyctx() methods are used to verify a signature
	331	against the data in a B<EVP_MD_CTX> object. They are called by the various
260a16f3	332	EVP_DigestVerify functions. See L<EVP_DigestVerifyInit(3)> for details.
43f985fd PY	333
	334	int (encrypt_init) (EVP_PKEY_CTX ctx);
	335	int (encrypt) (EVP_PKEY_CTX ctx, unsigned char out, size_t outlen,
	336	const unsigned char *in, size_t inlen);
	337
	338	The encrypt_init() and encrypt() methods are used to encrypt a piece of data.
	339	They are called by L<EVP_PKEY_encrypt_init(3)> and L<EVP_PKEY_encrypt(3)>.
	340
	341	int (decrypt_init) (EVP_PKEY_CTX ctx);
	342	int (decrypt) (EVP_PKEY_CTX ctx, unsigned char out, size_t outlen,
	343	const unsigned char *in, size_t inlen);
	344
	345	The decrypt_init() and decrypt() methods are used to decrypt a piece of data.
	346	They are called by L<EVP_PKEY_decrypt_init(3)> and L<EVP_PKEY_decrypt(3)>.
	347
	348	int (derive_init) (EVP_PKEY_CTX ctx);
	349	int (derive) (EVP_PKEY_CTX ctx, unsigned char key, size_t keylen);
	350
	351	The derive_init() and derive() methods are used to derive the shared secret
	352	from a public key algorithm (for instance, the DH algorithm). They are called by
	353	L<EVP_PKEY_derive_init(3)> and L<EVP_PKEY_derive(3)>.
	354
	355	int (ctrl) (EVP_PKEY_CTX ctx, int type, int p1, void *p2);
	356	int (ctrl_str) (EVP_PKEY_CTX ctx, const char type, const char value);
	357
	358	The ctrl() and ctrl_str() methods are used to adjust algorithm-specific
260a16f3	359	settings. See L<EVP_PKEY_CTX_ctrl(3)> and related functions for details.
43f985fd PY	360
	361	int (digestsign) (EVP_MD_CTX ctx, unsigned char sig, size_t siglen,
	362	const unsigned char *tbs, size_t tbslen);
	363	int (digestverify) (EVP_MD_CTX ctx, const unsigned char *sig,
	364	size_t siglen, const unsigned char *tbs,
	365	size_t tbslen);
	366
	367	The digestsign() and digestverify() methods are used to generate or verify
260a16f3	368	a signature in a one-shot mode. They could be called by L<EVP_DigestSign(3)>
43f985fd PY	369	and L<EVP_DigestVerify(3)>.
43f985fd PY	370
2aee35d3	371	int (check) (EVP_PKEY pkey);
b0004708 PY	372	int (public_check) (EVP_PKEY pkey);
b0004708 PY	373	int (param_check) (EVP_PKEY pkey);
2aee35d3	374
b0004708 PY	375	The check(), public_check() and param_check() methods are used to validate a
	376	key-pair, the public component and parameters respectively for a given B<pkey>.
	377	They could be called by L<EVP_PKEY_check(3)>, L<EVP_PKEY_public_check(3)> and
	378	L<EVP_PKEY_param_check(3)> respectively.
2aee35d3	379
675f4cee PY	380	int (digest_custom) (EVP_PKEY_CTX ctx, EVP_MD_CTX *mctx);
	381
	382	The digest_custom() method is used to generate customized digest content before
	383	the real message is passed to functions like L<EVP_DigestSignUpdate(3)> or
	384	L<EVP_DigestVerifyInit(3)>. This is usually required by some public key
	385	signature algorithms like SM2 which requires a hashed prefix to the message to
f922dac8 PY	386	be signed. The digest_custom() function will be called by L<EVP_DigestSignInit(3)>
f922dac8 PY	387	and L<EVP_DigestVerifyInit(3)>.
675f4cee	388
43f985fd PY	389	=head2 Functions
	390
	391	EVP_PKEY_meth_new() creates and returns a new B<EVP_PKEY_METHOD> object,
	392	and associates the given B<id> and B<flags>. The following flags are
	393	supported:
	394
	395	EVP_PKEY_FLAG_AUTOARGLEN
	396	EVP_PKEY_FLAG_SIGCTX_CUSTOM
	397
	398	If an B<EVP_PKEY_METHOD> is set with the B<EVP_PKEY_FLAG_AUTOARGLEN> flag, the
	399	maximum size of the output buffer will be automatically calculated or checked
	400	in corresponding EVP methods by the EVP framework. Thus the implementations of
	401	these methods don't need to care about handling the case of returning output
	402	buffer size by themselves. For details on the output buffer size, refer to
	403	L<EVP_PKEY_sign(3)>.
	404
	405	The B<EVP_PKEY_FLAG_SIGCTX_CUSTOM> is used to indicate the signctx() method
	406	of an B<EVP_PKEY_METHOD> is always called by the EVP framework while doing a
	407	digest signing operation by calling L<EVP_DigestSignFinal(3)>.
	408
	409	EVP_PKEY_meth_free() frees an existing B<EVP_PKEY_METHOD> pointed by
	410	B<pmeth>.
	411
	412	EVP_PKEY_meth_copy() copies an B<EVP_PKEY_METHOD> object from B<src>
	413	to B<dst>.
	414
	415	EVP_PKEY_meth_find() finds an B<EVP_PKEY_METHOD> object with the B<id>.
	416	This function first searches through the user-defined method objects and
	417	then the built-in objects.
	418
	419	EVP_PKEY_meth_add0() adds B<pmeth> to the user defined stack of methods.
	420
0822e89a	421	EVP_PKEY_meth_remove() removes an B<EVP_PKEY_METHOD> object added by
a8f730d5	422	EVP_PKEY_meth_add0().
0822e89a	423
43f985fd PY	424	The EVP_PKEY_meth_set functions set the corresponding fields of
	425	B<EVP_PKEY_METHOD> structure with the arguments passed.
	426
	427	The EVP_PKEY_meth_get functions get the corresponding fields of
	428	B<EVP_PKEY_METHOD> structure to the arguments provided.
	429
	430	=head1 RETURN VALUES
	431
	432	EVP_PKEY_meth_new() returns a pointer to a new B<EVP_PKEY_METHOD>
	433	object or returns NULL on error.
	434
	435	EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.
	436
	437	EVP_PKEY_meth_find() returns a pointer to the found B<EVP_PKEY_METHOD>
	438	object or returns NULL if not found.
	439
	440	EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0
	441	if an error occurred.
	442
0822e89a PY	443	EVP_PKEY_meth_remove() returns 1 if method is removed successfully or
	444	0 if an error occurred.
	445
43f985fd PY	446	All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return
	447	values. For the 'get' functions, function pointers are returned by
	448	arguments.
	449
41bbba53 P	450	=head1 HISTORY
	451
	452	All of these functions were deprecated in OpenSSL 3.0.
	453
9ac653d8 TM	454	The signature of the I<copy> functional argument of EVP_PKEY_meth_set_copy()
	455	has changed in OpenSSL 3.0 so its I<src> parameter is now constified.
	456
43f985fd PY	457	=head1 COPYRIGHT
43f985fd PY	458
aff636a4	459	Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved.
43f985fd	460
4746f25a	461	Licensed under the Apache License 2.0 (the "License"). You may not use
43f985fd PY	462	this file except in compliance with the License. You can obtain a copy
	463	in the file LICENSE in the source distribution or at
	464	L<https://www.openssl.org/source/license.html>.
	465
	466	=cut