5 EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find,
6 EVP_PKEY_meth_add0, EVP_PKEY_METHOD,
7 EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup,
8 EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign,
9 EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx,
10 EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt,
11 EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl,
12 EVP_PKEY_meth_set_digestsign, EVP_PKEY_meth_set_digestverify,
13 EVP_PKEY_meth_set_check,
14 EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check,
15 EVP_PKEY_meth_set_digest_custom,
16 EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup,
17 EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign,
18 EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx,
19 EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt,
20 EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl,
21 EVP_PKEY_meth_get_digestsign, EVP_PKEY_meth_get_digestverify,
22 EVP_PKEY_meth_get_check,
23 EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check,
24 EVP_PKEY_meth_get_digest_custom,
26 - manipulating EVP_PKEY_METHOD structure
30 #include <openssl/evp.h>
32 typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
34 EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
35 void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
36 void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
37 const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
38 int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
39 int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
41 void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
42 int (*init) (EVP_PKEY_CTX *ctx));
43 void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
44 int (*copy) (EVP_PKEY_CTX *dst,
46 void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
47 void (*cleanup) (EVP_PKEY_CTX *ctx));
48 void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
49 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
50 int (*paramgen) (EVP_PKEY_CTX *ctx,
52 void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
53 int (*keygen_init) (EVP_PKEY_CTX *ctx),
54 int (*keygen) (EVP_PKEY_CTX *ctx,
56 void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
57 int (*sign_init) (EVP_PKEY_CTX *ctx),
58 int (*sign) (EVP_PKEY_CTX *ctx,
59 unsigned char *sig, size_t *siglen,
60 const unsigned char *tbs,
62 void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
63 int (*verify_init) (EVP_PKEY_CTX *ctx),
64 int (*verify) (EVP_PKEY_CTX *ctx,
65 const unsigned char *sig,
67 const unsigned char *tbs,
69 void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
70 int (*verify_recover_init) (EVP_PKEY_CTX
72 int (*verify_recover) (EVP_PKEY_CTX
80 void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
81 int (*signctx_init) (EVP_PKEY_CTX *ctx,
83 int (*signctx) (EVP_PKEY_CTX *ctx,
87 void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
88 int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
90 int (*verifyctx) (EVP_PKEY_CTX *ctx,
91 const unsigned char *sig,
94 void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
95 int (*encrypt_init) (EVP_PKEY_CTX *ctx),
96 int (*encryptfn) (EVP_PKEY_CTX *ctx,
99 const unsigned char *in,
101 void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
102 int (*decrypt_init) (EVP_PKEY_CTX *ctx),
103 int (*decrypt) (EVP_PKEY_CTX *ctx,
106 const unsigned char *in,
108 void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
109 int (*derive_init) (EVP_PKEY_CTX *ctx),
110 int (*derive) (EVP_PKEY_CTX *ctx,
113 void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
114 int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
116 int (*ctrl_str) (EVP_PKEY_CTX *ctx,
119 void EVP_PKEY_meth_set_digestsign(EVP_PKEY_METHOD *pmeth,
120 int (*digestsign) (EVP_MD_CTX *ctx,
123 const unsigned char *tbs,
125 void EVP_PKEY_meth_set_digestverify(EVP_PKEY_METHOD *pmeth,
126 int (*digestverify) (EVP_MD_CTX *ctx,
127 const unsigned char *sig,
129 const unsigned char *tbs,
131 void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
132 int (*check) (EVP_PKEY *pkey));
133 void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
134 int (*check) (EVP_PKEY *pkey));
135 void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
136 int (*check) (EVP_PKEY *pkey));
137 void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
138 int (*digest_custom) (EVP_PKEY_CTX *ctx,
141 void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
142 int (**pinit) (EVP_PKEY_CTX *ctx));
143 void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
144 int (**pcopy) (EVP_PKEY_CTX *dst,
146 void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
147 void (**pcleanup) (EVP_PKEY_CTX *ctx));
148 void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
149 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
150 int (**pparamgen) (EVP_PKEY_CTX *ctx,
152 void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
153 int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
154 int (**pkeygen) (EVP_PKEY_CTX *ctx,
156 void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
157 int (**psign_init) (EVP_PKEY_CTX *ctx),
158 int (**psign) (EVP_PKEY_CTX *ctx,
159 unsigned char *sig, size_t *siglen,
160 const unsigned char *tbs,
162 void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
163 int (**pverify_init) (EVP_PKEY_CTX *ctx),
164 int (**pverify) (EVP_PKEY_CTX *ctx,
165 const unsigned char *sig,
167 const unsigned char *tbs,
169 void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
170 int (**pverify_recover_init) (EVP_PKEY_CTX
172 int (**pverify_recover) (EVP_PKEY_CTX
180 void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
181 int (**psignctx_init) (EVP_PKEY_CTX *ctx,
183 int (**psignctx) (EVP_PKEY_CTX *ctx,
187 void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
188 int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
190 int (**pverifyctx) (EVP_PKEY_CTX *ctx,
191 const unsigned char *sig,
194 void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
195 int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
196 int (**pencryptfn) (EVP_PKEY_CTX *ctx,
199 const unsigned char *in,
201 void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
202 int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
203 int (**pdecrypt) (EVP_PKEY_CTX *ctx,
206 const unsigned char *in,
208 void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
209 int (**pderive_init) (EVP_PKEY_CTX *ctx),
210 int (**pderive) (EVP_PKEY_CTX *ctx,
213 void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
214 int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
216 int (**pctrl_str) (EVP_PKEY_CTX *ctx,
219 void EVP_PKEY_meth_get_digestsign(EVP_PKEY_METHOD *pmeth,
220 int (**digestsign) (EVP_MD_CTX *ctx,
223 const unsigned char *tbs,
225 void EVP_PKEY_meth_get_digestverify(EVP_PKEY_METHOD *pmeth,
226 int (**digestverify) (EVP_MD_CTX *ctx,
227 const unsigned char *sig,
229 const unsigned char *tbs,
231 void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
232 int (**pcheck) (EVP_PKEY *pkey));
233 void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
234 int (**pcheck) (EVP_PKEY *pkey));
235 void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
236 int (**pcheck) (EVP_PKEY *pkey));
237 void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
238 int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
243 B<EVP_PKEY_METHOD> is a structure which holds a set of methods for a
244 specific public key cryptographic algorithm. Those methods are usually
245 used to perform different jobs, such as generating a key, signing or
246 verifying, encrypting or decrypting, etc.
248 There are two places where the B<EVP_PKEY_METHOD> objects are stored: one
249 is a built-in static array representing the standard methods for different
250 algorithms, and the other one is a stack of user-defined application-specific
251 methods, which can be manipulated by using L<EVP_PKEY_meth_add0(3)>.
253 The B<EVP_PKEY_METHOD> objects are usually referenced by B<EVP_PKEY_CTX>
258 The methods are the underlying implementations of a particular public key
259 algorithm present by the B<EVP_PKEY_CTX> object.
261 int (*init) (EVP_PKEY_CTX *ctx);
262 int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
263 void (*cleanup) (EVP_PKEY_CTX *ctx);
265 The init() method is called to initialize algorithm-specific data when a new
266 B<EVP_PKEY_CTX> is created. As opposed to init(), the cleanup() method is called
267 when an B<EVP_PKEY_CTX> is freed. The copy() method is called when an B<EVP_PKEY_CTX>
268 is being duplicated. Refer to L<EVP_PKEY_CTX_new(3)>, L<EVP_PKEY_CTX_new_id(3)>,
269 L<EVP_PKEY_CTX_free(3)> and L<EVP_PKEY_CTX_dup(3)>.
271 int (*paramgen_init) (EVP_PKEY_CTX *ctx);
272 int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
274 The paramgen_init() and paramgen() methods deal with key parameter generation.
275 They are called by L<EVP_PKEY_paramgen_init(3)> and L<EVP_PKEY_paramgen(3)> to
276 handle the parameter generation process.
278 int (*keygen_init) (EVP_PKEY_CTX *ctx);
279 int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
281 The keygen_init() and keygen() methods are used to generate the actual key for
282 the specified algorithm. They are called by L<EVP_PKEY_keygen_init(3)> and
283 L<EVP_PKEY_keygen(3)>.
285 int (*sign_init) (EVP_PKEY_CTX *ctx);
286 int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
287 const unsigned char *tbs, size_t tbslen);
289 The sign_init() and sign() methods are used to generate the signature of a
290 piece of data using a private key. They are called by L<EVP_PKEY_sign_init(3)>
291 and L<EVP_PKEY_sign(3)>.
293 int (*verify_init) (EVP_PKEY_CTX *ctx);
294 int (*verify) (EVP_PKEY_CTX *ctx,
295 const unsigned char *sig, size_t siglen,
296 const unsigned char *tbs, size_t tbslen);
298 The verify_init() and verify() methods are used to verify whether a signature is
299 valid. They are called by L<EVP_PKEY_verify_init(3)> and L<EVP_PKEY_verify(3)>.
301 int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
302 int (*verify_recover) (EVP_PKEY_CTX *ctx,
303 unsigned char *rout, size_t *routlen,
304 const unsigned char *sig, size_t siglen);
306 The verify_recover_init() and verify_recover() methods are used to verify a
307 signature and then recover the digest from the signature (for instance, a
308 signature that was generated by RSA signing algorithm). They are called by
309 L<EVP_PKEY_verify_recover_init(3)> and L<EVP_PKEY_verify_recover(3)>.
311 int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
312 int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
315 The signctx_init() and signctx() methods are used to sign a digest present by
316 a B<EVP_MD_CTX> object. They are called by the EVP_DigestSign functions. See
317 L<EVP_DigestSignInit(3)> for details.
319 int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
320 int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
323 The verifyctx_init() and verifyctx() methods are used to verify a signature
324 against the data in a B<EVP_MD_CTX> object. They are called by the various
325 EVP_DigestVerify functions. See L<EVP_DigestVerifyInit(3)> for details.
327 int (*encrypt_init) (EVP_PKEY_CTX *ctx);
328 int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
329 const unsigned char *in, size_t inlen);
331 The encrypt_init() and encrypt() methods are used to encrypt a piece of data.
332 They are called by L<EVP_PKEY_encrypt_init(3)> and L<EVP_PKEY_encrypt(3)>.
334 int (*decrypt_init) (EVP_PKEY_CTX *ctx);
335 int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
336 const unsigned char *in, size_t inlen);
338 The decrypt_init() and decrypt() methods are used to decrypt a piece of data.
339 They are called by L<EVP_PKEY_decrypt_init(3)> and L<EVP_PKEY_decrypt(3)>.
341 int (*derive_init) (EVP_PKEY_CTX *ctx);
342 int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
344 The derive_init() and derive() methods are used to derive the shared secret
345 from a public key algorithm (for instance, the DH algorithm). They are called by
346 L<EVP_PKEY_derive_init(3)> and L<EVP_PKEY_derive(3)>.
348 int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
349 int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);
351 The ctrl() and ctrl_str() methods are used to adjust algorithm-specific
352 settings. See L<EVP_PKEY_CTX_ctrl(3)> and related functions for details.
354 int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
355 const unsigned char *tbs, size_t tbslen);
356 int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
357 size_t siglen, const unsigned char *tbs,
360 The digestsign() and digestverify() methods are used to generate or verify
361 a signature in a one-shot mode. They could be called by L<EVP_DigestSign(3)>
362 and L<EVP_DigestVerify(3)>.
364 int (*check) (EVP_PKEY *pkey);
365 int (*public_check) (EVP_PKEY *pkey);
366 int (*param_check) (EVP_PKEY *pkey);
368 The check(), public_check() and param_check() methods are used to validate a
369 key-pair, the public component and parameters respectively for a given B<pkey>.
370 They could be called by L<EVP_PKEY_check(3)>, L<EVP_PKEY_public_check(3)> and
371 L<EVP_PKEY_param_check(3)> respectively.
373 int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
375 The digest_custom() method is used to generate customized digest content before
376 the real message is passed to functions like L<EVP_DigestSignUpdate(3)> or
377 L<EVP_DigestVerifyInit(3)>. This is usually required by some public key
378 signature algorithms like SM2 which requires a hashed prefix to the message to
379 be signed. The digest_custom() function will be called by L<EVP_DigestSignInit(3)>
380 and L<EVP_DigestVerifyInit(3)>.
384 EVP_PKEY_meth_new() creates and returns a new B<EVP_PKEY_METHOD> object,
385 and associates the given B<id> and B<flags>. The following flags are
388 EVP_PKEY_FLAG_AUTOARGLEN
389 EVP_PKEY_FLAG_SIGCTX_CUSTOM
391 If an B<EVP_PKEY_METHOD> is set with the B<EVP_PKEY_FLAG_AUTOARGLEN> flag, the
392 maximum size of the output buffer will be automatically calculated or checked
393 in corresponding EVP methods by the EVP framework. Thus the implementations of
394 these methods don't need to care about handling the case of returning output
395 buffer size by themselves. For details on the output buffer size, refer to
398 The B<EVP_PKEY_FLAG_SIGCTX_CUSTOM> is used to indicate the signctx() method
399 of an B<EVP_PKEY_METHOD> is always called by the EVP framework while doing a
400 digest signing operation by calling L<EVP_DigestSignFinal(3)>.
402 EVP_PKEY_meth_free() frees an existing B<EVP_PKEY_METHOD> pointed by
405 EVP_PKEY_meth_copy() copies an B<EVP_PKEY_METHOD> object from B<src>
408 EVP_PKEY_meth_find() finds an B<EVP_PKEY_METHOD> object with the B<id>.
409 This function first searches through the user-defined method objects and
410 then the built-in objects.
412 EVP_PKEY_meth_add0() adds B<pmeth> to the user defined stack of methods.
414 EVP_PKEY_meth_remove() removes an B<EVP_PKEY_METHOD> object added by
415 EVP_PKEY_meth_add0().
417 The EVP_PKEY_meth_set functions set the corresponding fields of
418 B<EVP_PKEY_METHOD> structure with the arguments passed.
420 The EVP_PKEY_meth_get functions get the corresponding fields of
421 B<EVP_PKEY_METHOD> structure to the arguments provided.
425 EVP_PKEY_meth_new() returns a pointer to a new B<EVP_PKEY_METHOD>
426 object or returns NULL on error.
428 EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.
430 EVP_PKEY_meth_find() returns a pointer to the found B<EVP_PKEY_METHOD>
431 object or returns NULL if not found.
433 EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0
434 if an error occurred.
436 EVP_PKEY_meth_remove() returns 1 if method is removed successfully or
437 0 if an error occurred.
439 All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return
440 values. For the 'get' functions, function pointers are returned by
445 Copyright 2017-2018 The OpenSSL Project Authors. All Rights Reserved.
447 Licensed under the Apache License 2.0 (the "License"). You may not use
448 this file except in compliance with the License. You can obtain a copy
449 in the file LICENSE in the source distribution or at
450 L<https://www.openssl.org/source/license.html>.