EVP_PKEY_meth_new(3) OpenSSL EVP_PKEY_meth_new(3)

NAME
EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find, EVP_PKEY_meth_add0, EVP_PKEY_METHOD, EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup, EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign, EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx, EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt, EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl, EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup, EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign, EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx, EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt, EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl - manipulating EVP_PKEY_METHOD structure

SYNOPSIS
#include <openssl/evp.h>

typedef struct evp_pkey_method_st EVP_PKEY_METHOD;

EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);

void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth, int (*init) (EVP_PKEY_CTX *ctx));
void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth, int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src));
void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth, void (*cleanup) (EVP_PKEY_CTX *ctx));
void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth, int (*paramgen_init) (EVP_PKEY_CTX *ctx), int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth, int (*keygen_init) (EVP_PKEY_CTX *ctx), int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth, int (*sign_init) (EVP_PKEY_CTX *ctx), int
(*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen));
void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth, int (*verify_init) (EVP_PKEY_CTX *ctx), int (*verify) (EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen));
void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth, int (*verify_recover_init) (EVP_PKEY_CTX *ctx), int (*verify_recover) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen));
void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth, int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, EVP_MD_CTX *mctx));
void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth, int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, EVP_MD_CTX *mctx));
void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth, int (*encrypt_init) (EVP_PKEY_CTX *ctx), int (*encryptfn) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen));
void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth, int (*decrypt_init) (EVP_PKEY_CTX *ctx), int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen));
void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth, int (*derive_init) (EVP_PKEY_CTX *ctx), int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen));
void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth, int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2), int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value));

void EVP_PKEY_meth_get_init(EVP_PKEY_METHOD *pmeth, int (**pinit) (EVP_PKEY_CTX *ctx));
void EVP_PKEY_meth_get_copy(EVP_PKEY_METHOD *pmeth, int (**pcopy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src));
void EVP_PKEY_meth_get_cleanup(EVP_PKEY_METHOD *pmeth, void
(**pcleanup) (EVP_PKEY_CTX *ctx));
void EVP_PKEY_meth_get_paramgen(EVP_PKEY_METHOD *pmeth, int (**pparamgen_init) (EVP_PKEY_CTX *ctx), int (**pparamgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
void EVP_PKEY_meth_get_keygen(EVP_PKEY_METHOD *pmeth, int (**pkeygen_init) (EVP_PKEY_CTX *ctx), int (**pkeygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey));
void EVP_PKEY_meth_get_sign(EVP_PKEY_METHOD *pmeth, int (**psign_init) (EVP_PKEY_CTX *ctx), int (**psign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen));
void EVP_PKEY_meth_get_verify(EVP_PKEY_METHOD *pmeth, int (**pverify_init) (EVP_PKEY_CTX *ctx), int (**pverify) (EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen));
void EVP_PKEY_meth_get_verify_recover(EVP_PKEY_METHOD *pmeth, int (**pverify_recover_init) (EVP_PKEY_CTX *ctx), int (**pverify_recover) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen));
void EVP_PKEY_meth_get_signctx(EVP_PKEY_METHOD *pmeth, int (**psignctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), int (**psignctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, EVP_MD_CTX *mctx));
void EVP_PKEY_meth_get_verifyctx(EVP_PKEY_METHOD *pmeth, int (**pverifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx), int (**pverifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, EVP_MD_CTX *mctx));
void EVP_PKEY_meth_get_encrypt(EVP_PKEY_METHOD *pmeth, int (**pencrypt_init) (EVP_PKEY_CTX *ctx), int (**pencryptfn) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen));
void EVP_PKEY_meth_get_decrypt(EVP_PKEY_METHOD *pmeth, int (**pdecrypt_init) (EVP_PKEY_CTX *ctx), int (**pdecrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen));
void EVP_PKEY_meth_get_derive(EVP_PKEY_METHOD *pmeth, int (**pderive_init) (EVP_PKEY_CTX *ctx), int (**pderive) (EVP_PKEY_CTX *ctx, unsigned char
*key, size_t *keylen));
void EVP_PKEY_meth_get_ctrl(EVP_PKEY_METHOD *pmeth, int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2), int (**pctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value));

DESCRIPTION
EVP_PKEY_METHOD is a structure which holds a set of methods for a specific public key cryptographic algorithm. Those methods are usually used to perform different jobs, such as generating a key, signing or verifying, encrypting or decrypting, etc.

There are two places where the EVP_PKEY_METHOD objects are stored: one is a built-in static array representing the standard methods for different algorithms, and the other one is a stack of user-defined application-specific methods, which can be manipulated by using EVP_PKEY_meth_add0(3).

The EVP_PKEY_METHOD objects are usually referenced by EVP_PKEY_CTX objects.

Methods
The methods are the underlying implementations of a particular public key algorithm presented by the EVP_PKEY_CTX object.

int (*init) (EVP_PKEY_CTX *ctx);
int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
void (*cleanup) (EVP_PKEY_CTX *ctx);

The init() method is called to initialize algorithm-specific data when a new EVP_PKEY_CTX is created. As opposed to init(), the cleanup() method is called when an EVP_PKEY_CTX is freed. The copy() method is called when an EVP_PKEY_CTX is being duplicated. Refer to EVP_PKEY_CTX_new(3), EVP_PKEY_CTX_new_id(3), EVP_PKEY_CTX_free(3) and EVP_PKEY_CTX_dup(3).

int (*paramgen_init) (EVP_PKEY_CTX *ctx);
int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);

The paramgen_init() and paramgen() methods deal with key parameter generation.
They are called by EVP_PKEY_paramgen_init(3) and EVP_PKEY_paramgen(3) to handle the parameter generation process.

int (*keygen_init) (EVP_PKEY_CTX *ctx);
int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);

The keygen_init() and keygen() methods are used to generate the actual key for the specified algorithm. They are called by EVP_PKEY_keygen_init(3) and EVP_PKEY_keygen(3).

int (*sign_init) (EVP_PKEY_CTX *ctx);
int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen);

The sign_init() and sign() methods are used to generate the signature of a piece of data using a private key. They are called by EVP_PKEY_sign_init(3) and EVP_PKEY_sign(3).

int (*verify_init) (EVP_PKEY_CTX *ctx);
int (*verify) (EVP_PKEY_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen);

The verify_init() and verify() methods are used to verify whether a signature is valid. They are called by EVP_PKEY_verify_init(3) and EVP_PKEY_verify(3).

int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
int (*verify_recover) (EVP_PKEY_CTX *ctx, unsigned char *rout, size_t *routlen, const unsigned char *sig, size_t siglen);

The verify_recover_init() and verify_recover() methods are used to verify a signature and then recover the digest from the signature (for instance, a signature that was generated by the RSA signing algorithm). They are called by EVP_PKEY_verify_recover_init(3) and EVP_PKEY_verify_recover(3).
int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen, EVP_MD_CTX *mctx);

The signctx_init() and signctx() methods are used to sign a digest presented by an EVP_MD_CTX object. They are called by the EVP_DigestSign functions. See EVP_DigestSignInit(3) for details.

int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen, EVP_MD_CTX *mctx);

The verifyctx_init() and verifyctx() methods are used to verify a signature against the data in an EVP_MD_CTX object. They are called by the various EVP_DigestVerify functions. See EVP_DigestVerifyInit(3) for details.

int (*encrypt_init) (EVP_PKEY_CTX *ctx);
int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen);

The encrypt_init() and encrypt() methods are used to encrypt a piece of data. They are called by EVP_PKEY_encrypt_init(3) and EVP_PKEY_encrypt(3).

int (*decrypt_init) (EVP_PKEY_CTX *ctx);
int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen, const unsigned char *in, size_t inlen);

The decrypt_init() and decrypt() methods are used to decrypt a piece of data. They are called by EVP_PKEY_decrypt_init(3) and EVP_PKEY_decrypt(3).

int (*derive_init) (EVP_PKEY_CTX *ctx);
int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);

The derive_init() and derive() methods are used to derive the shared secret from a public key algorithm (for instance, the DH algorithm). They are called by EVP_PKEY_derive_init(3) and EVP_PKEY_derive(3).
int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);

The ctrl() and ctrl_str() methods are used to adjust algorithm-specific settings. See EVP_PKEY_CTX_ctrl(3) and related functions for details.

int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen, const unsigned char *tbs, size_t tbslen);
int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig, size_t siglen, const unsigned char *tbs, size_t tbslen);

The digestsign() and digestverify() methods are used to generate or verify a signature in a one-shot mode. They could be called by EVP_DigestSign(3) and EVP_DigestVerify(3).

Functions
EVP_PKEY_meth_new() creates and returns a new EVP_PKEY_METHOD object, and associates the given id and flags with it. The following flags are supported:

EVP_PKEY_FLAG_AUTOARGLEN
EVP_PKEY_FLAG_SIGCTX_CUSTOM

If an EVP_PKEY_METHOD is set with the EVP_PKEY_FLAG_AUTOARGLEN flag, the maximum size of the output buffer will be automatically calculated or checked in corresponding EVP methods by the EVP framework. Thus the implementations of these methods don't need to care about handling the case of returning output buffer size by themselves. Conversely, a method set without this flag has to handle the output buffer size query and the buffer length check itself. For details on the output buffer size, refer to EVP_PKEY_sign(3).

The EVP_PKEY_FLAG_SIGCTX_CUSTOM flag is used to indicate that the signctx() method of an EVP_PKEY_METHOD is always called by the EVP framework while doing a digest signing operation by calling EVP_DigestSignFinal(3).

EVP_PKEY_meth_free() frees an existing EVP_PKEY_METHOD pointed to by pmeth.

EVP_PKEY_meth_copy() copies an EVP_PKEY_METHOD object from src to dst.
EVP_PKEY_meth_find() finds an EVP_PKEY_METHOD object with the given id. This function first searches through the user-defined method objects and then the built-in objects. As a result, a user-defined method added for an id is returned in preference to the built-in method for the same id.

EVP_PKEY_meth_add0() adds pmeth to the user-defined stack of methods.

The EVP_PKEY_meth_set functions set the corresponding fields of the EVP_PKEY_METHOD structure with the arguments passed.

The EVP_PKEY_meth_get functions get the corresponding fields of the EVP_PKEY_METHOD structure and return them through the arguments provided.

RETURN VALUES
EVP_PKEY_meth_new() returns a pointer to a new EVP_PKEY_METHOD object or returns NULL on error.

EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.

EVP_PKEY_meth_find() returns a pointer to the found EVP_PKEY_METHOD object or returns NULL if not found.

EVP_PKEY_meth_add0() returns 1 if the method is added successfully or 0 if an error occurred.

All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return values. For the 'get' functions, function pointers are returned by arguments.

COPYRIGHT
Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.

1.0.2u 2019-12-20 EVP_PKEY_meth_new(3)