]>
Commit | Line | Data |
---|---|---|
4f76d62f RL |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
3f96b687 | 5 | EVP_PKEY_is_a, EVP_PKEY_can_sign, EVP_PKEY_get0_first_alg_name |
4f76d62f RL |
6 | - key type and capabilities functions |
7 | ||
8 | =head1 SYNOPSIS | |
9 | ||
10 | #include <openssl/evp.h> | |
11 | ||
12 | int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name); | |
13 | int EVP_PKEY_can_sign(const EVP_PKEY *pkey); | |
3f96b687 MC |
14 | const char *EVP_PKEY_get0_first_alg_name(const EVP_PKEY *key); |
15 | ||
4f76d62f RL |
16 | |
17 | =head1 DESCRIPTION | |
18 | ||
19 | EVP_PKEY_is_a() checks if the key type of I<pkey> is I<name>. | |
20 | ||
21 | EVP_PKEY_can_sign() checks if the functionality for the key type of | |
22 | I<pkey> supports signing. No other check is done, such as whether | |
23 | I<pkey> contains a private key. | |
24 | ||
3f96b687 MC |
25 | EVP_PKEY_get0_first_alg_name() returns the first algorithm name that is found |
26 | for the given I<pkey>. Note that the I<pkey> may have multiple synonyms | |
27 | associated with it. In this case it is undefined which one will be returned. | |
28 | Ownership of the returned string is retained by the I<pkey> object and should | |
29 | not be freed by the caller. | |
30 | ||
4f76d62f RL |
31 | =head1 RETURN VALUES |
32 | ||
33 | EVP_PKEY_is_a() returns 1 if I<pkey> has the key type I<name>, | |
34 | otherwise 0. | |
35 | ||
36 | EVP_PKEY_can_sign() returns 1 if the I<pkey> key type functionality | |
37 | supports signing, otherwise 0. | |
38 | ||
3f96b687 MC |
39 | EVP_PKEY_get0_first_alg_name() returns the name that is found or NULL on error. |
40 | ||
4f76d62f RL |
41 | =head1 EXAMPLES |
42 | ||
43 | =head2 EVP_PKEY_is_a() | |
44 | ||
45 | The loaded providers and what key types they support will ultimately | |
46 | determine what I<name> is possible to use with EVP_PKEY_is_a(). We do know | |
47 | that the default provider supports RSA, DH, DSA and EC keys, so we can use | |
48 | this as an crude example: | |
49 | ||
50 | #include <openssl/evp.h> | |
51 | ||
52 | ... | |
53 | /* |pkey| is an EVP_PKEY* */ | |
54 | if (EVP_PKEY_is_a(pkey, "RSA")) { | |
55 | BIGNUM *modulus = NULL; | |
56 | if (EVP_PKEY_get_bn_param(pkey, "n", &modulus)) | |
57 | /* do whatever with the modulus */ | |
58 | BN_free(modulus); | |
59 | } | |
60 | ||
61 | =head2 EVP_PKEY_can_sign() | |
62 | ||
63 | #include <openssl/evp.h> | |
64 | ||
65 | ... | |
66 | /* |pkey| is an EVP_PKEY* */ | |
67 | if (!EVP_PKEY_can_sign(pkey)) { | |
68 | fprintf(stderr, "Not a signing key!"); | |
69 | exit(1); | |
70 | } | |
71 | /* Sign something... */ | |
72 | ||
3f96b687 MC |
73 | =head1 HISTORY |
74 | ||
75 | The functions described here were added in OpenSSL 3.0. | |
76 | ||
4f76d62f RL |
77 | =head1 COPYRIGHT |
78 | ||
79 | Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. | |
80 | ||
81 | Licensed under the Apache License 2.0 (the "License"). You may not use | |
82 | this file except in compliance with the License. You can obtain a copy | |
83 | in the file LICENSE in the source distribution or at | |
84 | L<https://www.openssl.org/source/license.html>. | |
85 | ||
86 | =cut |