void *OSSL_FUNC_asym_cipher_dupctx(void *ctx);
/* Encryption */
- int OSSL_FUNC_asym_cipher_encrypt_init(void *ctx, void *provkey);
+ int OSSL_FUNC_asym_cipher_encrypt_init(void *ctx, void *provkey,
+ const OSSL_PARAM params[]);
int OSSL_FUNC_asym_cipher_encrypt(void *ctx, unsigned char *out, size_t *outlen,
size_t outsize, const unsigned char *in,
size_t inlen);
/* Decryption */
- int OSSL_FUNC_asym_cipher_decrypt_init(void *ctx, void *provkey);
+ int OSSL_FUNC_asym_cipher_decrypt_init(void *ctx, void *provkey,
+ const OSSL_PARAM params[]);
int OSSL_FUNC_asym_cipher_decrypt(void *ctx, unsigned char *out, size_t *outlen,
size_t outsize, const unsigned char *in,
size_t inlen);
OSSL_FUNC_asym_cipher_encrypt_init() initialises a context for an asymmetric encryption
given a provider side asymmetric cipher context in the I<ctx> parameter, and a
pointer to a provider key object in the I<provkey> parameter.
+The I<params>, if not NULL, should be set on the context in a manner similar to
+using OSSL_FUNC_asym_cipher_set_ctx_params().
The key object should have been previously generated, loaded or imported into
the provider using the key management (OSSL_OP_KEYMGMT) operation (see
provider-keymgmt(7)>.
-
OSSL_FUNC_asym_cipher_encrypt() performs the actual encryption itself.
A previously initialised asymmetric cipher context is passed in the I<ctx>
parameter.
OSSL_FUNC_asym_cipher_decrypt_init() initialises a context for an asymmetric decryption
given a provider side asymmetric cipher context in the I<ctx> parameter, and a
pointer to a provider key object in the I<provkey> parameter.
+The I<params>, if not NULL, should be set on the context in a manner similar to
+using OSSL_FUNC_asym_cipher_set_ctx_params().
The key object should have been previously generated, loaded or imported into
the provider using the key management (OSSL_OP_KEYMGMT) operation (see
provider-keymgmt(7)>.
/* Encryption/decryption */
int OSSL_FUNC_cipher_encrypt_init(void *cctx, const unsigned char *key,
size_t keylen, const unsigned char *iv,
- size_t ivlen);
+ size_t ivlen, const OSSL_PARAM params[]);
int OSSL_FUNC_cipher_decrypt_init(void *cctx, const unsigned char *key,
size_t keylen, const unsigned char *iv,
- size_t ivlen);
+ size_t ivlen, const OSSL_PARAM params[]);
int OSSL_FUNC_cipher_update(void *cctx, unsigned char *out, size_t *outl,
size_t outsize, const unsigned char *in, size_t inl);
int OSSL_FUNC_cipher_final(void *cctx, unsigned char *out, size_t *outl,
newly created provider side cipher context in the I<cctx> parameter.
The key to be used is given in I<key> which is I<keylen> bytes long.
The IV to be used is given in I<iv> which is I<ivlen> bytes long.
+The I<params>, if not NULL, should be set on the context in a manner similar to
+using OSSL_FUNC_cipher_set_ctx_params().
OSSL_FUNC_cipher_decrypt_init() is the same as OSSL_FUNC_cipher_encrypt_init() except that it
initialises the context for a decryption operation.
void *OSSL_FUNC_digest_dupctx(void *dctx);
/* Digest generation */
- int OSSL_FUNC_digest_init(void *dctx);
+ int OSSL_FUNC_digest_init(void *dctx, const OSSL_PARAM params[]);
int OSSL_FUNC_digest_update(void *dctx, const unsigned char *in, size_t inl);
int OSSL_FUNC_digest_final(void *dctx, unsigned char *out, size_t *outl,
size_t outsz);
OSSL_FUNC_digest_init() initialises a digest operation given a newly created
provider side digest context in the I<dctx> parameter.
+The I<params>, if not NULL, should be set on the context in a manner similar to
+using OSSL_FUNC_digest_set_ctx_params().
OSSL_FUNC_digest_update() is called to supply data to be digested as part of a
previously initialised digest operation.
void *OSSL_FUNC_kem_dupctx(void *ctx);
/* Encapsulation */
- int OSSL_FUNC_kem_encapsulate_init(void *ctx, void *provkey, const char *name);
+ int OSSL_FUNC_kem_encapsulate_init(void *ctx, void *provkey, const char *name,
+ const OSSL_PARAM params[]);
int OSSL_FUNC_kem_encapsulate(void *ctx, unsigned char *out, size_t *outlen,
unsigned char *secret, size_t *secretlen);
encapsulation given a provider side asymmetric kem context in the I<ctx>
parameter, a pointer to a provider key object in the I<provkey> parameter and
the I<name> of the algorithm.
+The I<params>, if not NULL, should be set on the context in a manner similar to
+using OSSL_FUNC_kem_set_ctx_params().
The key object should have been previously generated, loaded or imported into
the provider using the key management (OSSL_OP_KEYMGMT) operation (see
provider-keymgmt(7)>.
void *OSSL_FUNC_keyexch_dupctx(void *ctx);
/* Shared secret derivation */
- int OSSL_FUNC_keyexch_init(void *ctx, void *provkey);
+ int OSSL_FUNC_keyexch_init(void *ctx, void *provkey,
+ const OSSL_PARAM params[]);
int OSSL_FUNC_keyexch_set_peer(void *ctx, void *provkey);
int OSSL_FUNC_keyexch_derive(void *ctx, unsigned char *secret, size_t *secretlen,
size_t outlen);
OSSL_FUNC_keyexch_init() initialises a key exchange operation given a provider side key
exchange context in the I<ctx> parameter, and a pointer to a provider key object
-in the I<provkey> parameter. The key object should have been previously
+in the I<provkey> parameter.
+The I<params>, if not NULL, should be set on the context in a manner similar to
+using OSSL_FUNC_keyexch_set_params().
+The key object should have been previously
generated, loaded or imported into the provider using the key management
(OSSL_OP_KEYMGMT) operation (see provider-keymgmt(7)>.
OSSL_FUNC_keymgmt_gen_init() should create the key object generation context
and initialize it with I<selections>, which will determine what kind
-of contents the key object to be generated should get. The I<params>, if
-not NULL, should be set on the generation context.
+of contents the key object to be generated should get.
+The I<params>, if not NULL, should be set on the context in a manner similar to
+using OSSL_FUNC_keymgmt_set_params().
OSSL_FUNC_keymgmt_gen_set_template() should add I<template> to the context
I<genctx>. The I<template> is assumed to be a key object constructed
void *OSSL_FUNC_signature_dupctx(void *ctx);
/* Signing */
- int OSSL_FUNC_signature_sign_init(void *ctx, void *provkey);
+ int OSSL_FUNC_signature_sign_init(void *ctx, void *provkey,
+ const OSSL_PARAM params[]);
int OSSL_FUNC_signature_sign(void *ctx, unsigned char *sig, size_t *siglen,
size_t sigsize, const unsigned char *tbs, size_t tbslen);
/* Verifying */
- int OSSL_FUNC_signature_verify_init(void *ctx, void *provkey);
+ int OSSL_FUNC_signature_verify_init(void *ctx, void *provkey,
+ const OSSL_PARAM params[]);
int OSSL_FUNC_signature_verify(void *ctx, const unsigned char *sig, size_t siglen,
const unsigned char *tbs, size_t tbslen);
/* Verify Recover */
- int OSSL_FUNC_signature_verify_recover_init(void *ctx, void *provkey);
+ int OSSL_FUNC_signature_verify_recover_init(void *ctx, void *provkey,
+ const OSSL_PARAM params[]);
int OSSL_FUNC_signature_verify_recover(void *ctx, unsigned char *rout,
size_t *routlen, size_t routsize,
const unsigned char *sig, size_t siglen);
/* Digest Sign */
int OSSL_FUNC_signature_digest_sign_init(void *ctx, const char *mdname,
- const char *props, void *provkey);
+ const char *props, void *provkey,
+ const OSSL_PARAM params[]);
int OSSL_FUNC_signature_digest_sign_update(void *ctx, const unsigned char *data,
size_t datalen);
int OSSL_FUNC_signature_digest_sign_final(void *ctx, unsigned char *sig,
/* Digest Verify */
int OSSL_FUNC_signature_digest_verify_init(void *ctx, const char *mdname,
- const char *props, void *provkey);
+ const char *props, void *provkey,
+ const OSSL_PARAM params[]);
int OSSL_FUNC_signature_digest_verify_update(void *ctx,
const unsigned char *data,
size_t datalen);
OSSL_FUNC_signature_sign_init() initialises a context for signing given a provider side
signature context in the I<ctx> parameter, and a pointer to a provider key object
in the I<provkey> parameter.
+The I<params>, if not NULL, should be set on the context in a manner similar to
+using OSSL_FUNC_signature_set_ctx_params().
The key object should have been previously generated, loaded or imported into
the provider using the key management (OSSL_OP_KEYMGMT) operation (see
provider-keymgmt(7)>.
OSSL_FUNC_signature_verify_init() initialises a context for verifying a signature given
a provider side signature context in the I<ctx> parameter, and a pointer to a
provider key object in the I<provkey> parameter.
+The I<params>, if not NULL, should be set on the context in a manner similar to
+using OSSL_FUNC_signature_set_ctx_params().
The key object should have been previously generated, loaded or imported into
the provider using the key management (OSSL_OP_KEYMGMT) operation (see
provider-keymgmt(7)>.
OSSL_FUNC_signature_verify_recover_init() initialises a context for recovering the
signed data given a provider side signature context in the I<ctx> parameter, and
a pointer to a provider key object in the I<provkey> parameter.
+The I<params>, if not NULL, should be set on the context in a manner similar to
+using OSSL_FUNC_signature_set_ctx_params().
The key object should have been previously generated, loaded or imported into
the provider using the key management (OSSL_OP_KEYMGMT) operation (see
provider-keymgmt(7)>.
OSSL_FUNC_signature_digeset_sign_init() initialises a context for signing given a
provider side signature context in the I<ctx> parameter, and a pointer to a
-provider key object in the I<provkey> parameter. The key object should have been
+provider key object in the I<provkey> parameter.
+The I<params>, if not NULL, should be set on the context in a manner similar to
+using OSSL_FUNC_signature_set_ctx_params() and
+OSSL_FUNC_signature_set_ctx_md_params().
+The key object should have been
previously generated, loaded or imported into the provider using the
key management (OSSL_OP_KEYMGMT) operation (see provider-keymgmt(7)>.
The name of the digest to be used will be in the I<mdname> parameter. There may
OSSL_FUNC_signature_digeset_verify_init() initialises a context for verifying given a
provider side verification context in the I<ctx> parameter, and a pointer to a
-provider key object in the I<provkey> parameter. The key object should have been
+provider key object in the I<provkey> parameter.
+The I<params>, if not NULL, should be set on the context in a manner similar to
+OSSL_FUNC_signature_set_ctx_params() and
+OSSL_FUNC_signature_set_ctx_md_params().
+The key object should have been
previously generated, loaded or imported into the provider using the
key management (OSSL_OP_KEYMGMT) operation (see provider-keymgmt(7)>.
The name of the digest to be used will be in the I<mdname> parameter. There may