[thirdparty/openssl.git] / doc / man3 / EVP_PKEY_is_a.pod

=pod

=head1 NAME

EVP_PKEY_is_a, EVP_PKEY_can_sign, EVP_PKEY_get0_first_alg_name
- key type and capabilities functions

=head1 SYNOPSIS

 #include <openssl/evp.h>

 int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name);
 int EVP_PKEY_can_sign(const EVP_PKEY *pkey);
 const char *EVP_PKEY_get0_first_alg_name(const EVP_PKEY *key);


=head1 DESCRIPTION

EVP_PKEY_is_a() checks if the key type of I<pkey> is I<name>.

EVP_PKEY_can_sign() checks if the functionality for the key type of
I<pkey> supports signing.  No other check is done, such as whether
I<pkey> contains a private key.

EVP_PKEY_get0_first_alg_name() returns the first algorithm name that is found
for the given I<pkey>. Note that the I<pkey> may have multiple synonyms
associated with it. In this case it is undefined which one will be returned.
Ownership of the returned string is retained by the I<pkey> object and should
not be freed by the caller.

=head1 RETURN VALUES

EVP_PKEY_is_a() returns 1 if I<pkey> has the key type I<name>,
otherwise 0.

EVP_PKEY_can_sign() returns 1 if the I<pkey> key type functionality
supports signing, otherwise 0.

EVP_PKEY_get0_first_alg_name() returns the name that is found or NULL on error.

=head1 EXAMPLES

=head2 EVP_PKEY_is_a()

The loaded providers and what key types they support will ultimately
determine what I<name> is possible to use with EVP_PKEY_is_a().  We do know
that the default provider supports RSA, DH, DSA and EC keys, so we can use
this as an crude example:

 #include <openssl/evp.h>

 ...
     /* |pkey| is an EVP_PKEY* */
     if (EVP_PKEY_is_a(pkey, "RSA")) {
         BIGNUM *modulus = NULL;
         if (EVP_PKEY_get_bn_param(pkey, "n", &modulus))
             /* do whatever with the modulus */
         BN_free(modulus);
     }

=head2 EVP_PKEY_can_sign()

 #include <openssl/evp.h>

 ...
     /* |pkey| is an EVP_PKEY* */
     if (!EVP_PKEY_can_sign(pkey)) {
         fprintf(stderr, "Not a signing key!");
         exit(1);
     }
     /* Sign something... */

=head1 HISTORY

The functions described here were added in OpenSSL 3.0.

=head1 COPYRIGHT

Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
4f76d62f RL	1	=pod
	2
	3	=head1 NAME
	4
3f96b687	5	EVP_PKEY_is_a, EVP_PKEY_can_sign, EVP_PKEY_get0_first_alg_name
4f76d62f RL	6	- key type and capabilities functions
	7
	8	=head1 SYNOPSIS
	9
	10	#include <openssl/evp.h>
	11
	12	int EVP_PKEY_is_a(const EVP_PKEY pkey, const char name);
	13	int EVP_PKEY_can_sign(const EVP_PKEY *pkey);
3f96b687 MC	14	const char EVP_PKEY_get0_first_alg_name(const EVP_PKEY key);
3f96b687 MC	15
4f76d62f RL	16
	17	=head1 DESCRIPTION
	18
	19	EVP_PKEY_is_a() checks if the key type of I<pkey> is I<name>.
	20
	21	EVP_PKEY_can_sign() checks if the functionality for the key type of
	22	I<pkey> supports signing. No other check is done, such as whether
	23	I<pkey> contains a private key.
	24
3f96b687 MC	25	EVP_PKEY_get0_first_alg_name() returns the first algorithm name that is found
	26	for the given I<pkey>. Note that the I<pkey> may have multiple synonyms
	27	associated with it. In this case it is undefined which one will be returned.
	28	Ownership of the returned string is retained by the I<pkey> object and should
	29	not be freed by the caller.
	30
4f76d62f RL	31	=head1 RETURN VALUES
	32
	33	EVP_PKEY_is_a() returns 1 if I<pkey> has the key type I<name>,
	34	otherwise 0.
	35
	36	EVP_PKEY_can_sign() returns 1 if the I<pkey> key type functionality
	37	supports signing, otherwise 0.
	38
3f96b687 MC	39	EVP_PKEY_get0_first_alg_name() returns the name that is found or NULL on error.
3f96b687 MC	40
4f76d62f RL	41	=head1 EXAMPLES
	42
	43	=head2 EVP_PKEY_is_a()
	44
	45	The loaded providers and what key types they support will ultimately
	46	determine what I<name> is possible to use with EVP_PKEY_is_a(). We do know
	47	that the default provider supports RSA, DH, DSA and EC keys, so we can use
	48	this as an crude example:
	49
	50	#include <openssl/evp.h>
	51
	52	...
	53	/* \|pkey\| is an EVP_PKEY* */
	54	if (EVP_PKEY_is_a(pkey, "RSA")) {
	55	BIGNUM *modulus = NULL;
	56	if (EVP_PKEY_get_bn_param(pkey, "n", &modulus))
	57	/* do whatever with the modulus */
	58	BN_free(modulus);
	59	}
	60
	61	=head2 EVP_PKEY_can_sign()
	62
	63	#include <openssl/evp.h>
	64
	65	...
	66	/* \|pkey\| is an EVP_PKEY* */
	67	if (!EVP_PKEY_can_sign(pkey)) {
	68	fprintf(stderr, "Not a signing key!");
	69	exit(1);
	70	}
	71	/* Sign something... */
	72
3f96b687 MC	73	=head1 HISTORY
	74
	75	The functions described here were added in OpenSSL 3.0.
	76
4f76d62f RL	77	=head1 COPYRIGHT
	78
	79	Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
	80
	81	Licensed under the Apache License 2.0 (the "License"). You may not use
	82	this file except in compliance with the License. You can obtain a copy
	83	in the file LICENSE in the source distribution or at
	84	L<https://www.openssl.org/source/license.html>.
	85
	86	=cut