-/* Key domain parameter creation and destruction */
-# define OSSL_FUNC_KEYMGMT_IMPORTDOMPARAMS 1
-# define OSSL_FUNC_KEYMGMT_GENDOMPARAMS 2
-# define OSSL_FUNC_KEYMGMT_FREEDOMPARAMS 3
-OSSL_CORE_MAKE_FUNC(void *, OP_keymgmt_importdomparams,
- (void *provctx, const OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(void *, OP_keymgmt_gendomparams,
- (void *provctx, const OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(void, OP_keymgmt_freedomparams, (void *domparams))
-
-/* Key domain parameter export */
-# define OSSL_FUNC_KEYMGMT_EXPORTDOMPARAMS 4
-OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_exportdomparams,
- (void *domparams, OSSL_PARAM params[]))
-
-/* Key domain parameter discovery */
-# define OSSL_FUNC_KEYMGMT_IMPORTDOMPARAM_TYPES 5
-# define OSSL_FUNC_KEYMGMT_EXPORTDOMPARAM_TYPES 6
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, OP_keymgmt_importdomparam_types,
- (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, OP_keymgmt_exportdomparam_types,
- (void))
-
-/* Key creation and destruction */
-# define OSSL_FUNC_KEYMGMT_IMPORTKEY 10
-# define OSSL_FUNC_KEYMGMT_GENKEY 11
-# define OSSL_FUNC_KEYMGMT_LOADKEY 12
-# define OSSL_FUNC_KEYMGMT_FREEKEY 13
-OSSL_CORE_MAKE_FUNC(void *, OP_keymgmt_importkey,
- (void *provctx, const OSSL_PARAM params[]))
-OSSL_CORE_MAKE_FUNC(void *, OP_keymgmt_genkey,
- (void *provctx,
- void *domparams, const OSSL_PARAM genkeyparams[]))
-OSSL_CORE_MAKE_FUNC(void *, OP_keymgmt_loadkey,
- (void *provctx, void *id, size_t idlen))
-OSSL_CORE_MAKE_FUNC(void, OP_keymgmt_freekey, (void *key))
-
-/* Key export */
-# define OSSL_FUNC_KEYMGMT_EXPORTKEY 14
-OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_exportkey,
- (void *key, OSSL_PARAM params[]))
-
-/* Key discovery */
-# define OSSL_FUNC_KEYMGMT_IMPORTKEY_TYPES 15
-# define OSSL_FUNC_KEYMGMT_EXPORTKEY_TYPES 16
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, OP_keymgmt_importkey_types, (void))
-OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, OP_keymgmt_exportkey_types, (void))
+/* Key data subset selection - individual bits */
+# define OSSL_KEYMGMT_SELECT_PRIVATE_KEY 0x01
+# define OSSL_KEYMGMT_SELECT_PUBLIC_KEY 0x02
+# define OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS 0x04
+# define OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS 0x80
+
+/* Key data subset selection - combinations */
+# define OSSL_KEYMGMT_SELECT_ALL_PARAMETERS \
+ ( OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS \
+ | OSSL_KEYMGMT_SELECT_OTHER_PARAMETERS)
+# define OSSL_KEYMGMT_SELECT_KEYPAIR \
+ ( OSSL_KEYMGMT_SELECT_PRIVATE_KEY | OSSL_KEYMGMT_SELECT_PUBLIC_KEY )
+# define OSSL_KEYMGMT_SELECT_ALL \
+ ( OSSL_KEYMGMT_SELECT_KEYPAIR | OSSL_KEYMGMT_SELECT_ALL_PARAMETERS )
+
+/* Basic key object creation */
+# define OSSL_FUNC_KEYMGMT_NEW 1
+OSSL_CORE_MAKE_FUNC(void *, OP_keymgmt_new, (void *provctx))
+
+/* Generation, a more complex constructor */
+# define OSSL_FUNC_KEYMGMT_GEN_INIT 2
+# define OSSL_FUNC_KEYMGMT_GEN_SET_TEMPLATE 3
+# define OSSL_FUNC_KEYMGMT_GEN_SET_PARAMS 4
+# define OSSL_FUNC_KEYMGMT_GEN_SETTABLE_PARAMS 5
+# define OSSL_FUNC_KEYMGMT_GEN 6
+# define OSSL_FUNC_KEYMGMT_GEN_CLEANUP 7
+OSSL_CORE_MAKE_FUNC(void *, OP_keymgmt_gen_init,
+ (void *provctx, int selection))
+OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_gen_set_template,
+ (void *genctx, void *templ))
+OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_gen_set_params,
+ (void *genctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,
+ OP_keymgmt_gen_settable_params, (void *provctx))
+OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_gen_get_params,
+ (void *genctx, OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *,
+ OP_keymgmt_gen_gettable_params, (void *provctx))
+OSSL_CORE_MAKE_FUNC(void *, OP_keymgmt_gen,
+ (void *genctx, OSSL_CALLBACK *cb, void *cbarg))
+OSSL_CORE_MAKE_FUNC(void, OP_keymgmt_gen_cleanup, (void *genctx))
+
+/* Basic key object destruction */
+# define OSSL_FUNC_KEYMGMT_FREE 10
+OSSL_CORE_MAKE_FUNC(void, OP_keymgmt_free, (void *keydata))
+
+/* Key object information, with discovery */
+#define OSSL_FUNC_KEYMGMT_GET_PARAMS 11
+#define OSSL_FUNC_KEYMGMT_GETTABLE_PARAMS 12
+OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_get_params,
+ (void *keydata, OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, OP_keymgmt_gettable_params, (void))
+
+#define OSSL_FUNC_KEYMGMT_SET_PARAMS 13
+#define OSSL_FUNC_KEYMGMT_SETTABLE_PARAMS 14
+OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_set_params,
+ (void *keydata, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, OP_keymgmt_settable_params, (void))
+
+/* Key checks - discovery of supported operations */
+# define OSSL_FUNC_KEYMGMT_QUERY_OPERATION_NAME 20
+OSSL_CORE_MAKE_FUNC(const char *, OP_keymgmt_query_operation_name,
+ (int operation_id))
+
+/* Key checks - key data content checks */
+# define OSSL_FUNC_KEYMGMT_HAS 21
+OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_has, (void *keydata, int selection))
+
+/* Key checks - validation */
+# define OSSL_FUNC_KEYMGMT_VALIDATE 22
+OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_validate, (void *keydata, int selection))
+
+/* Key checks - matching */
+# define OSSL_FUNC_KEYMGMT_MATCH 23
+OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_match,
+ (const void *keydata1, const void *keydata2,
+ int selection))
+
+/* Import and export functions, with discovery */
+# define OSSL_FUNC_KEYMGMT_IMPORT 40
+# define OSSL_FUNC_KEYMGMT_IMPORT_TYPES 41
+# define OSSL_FUNC_KEYMGMT_EXPORT 42
+# define OSSL_FUNC_KEYMGMT_EXPORT_TYPES 43
+OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_import,
+ (void *keydata, int selection, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, OP_keymgmt_import_types,
+ (int selection))
+OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_export,
+ (void *keydata, int selection,
+ OSSL_CALLBACK *param_cb, void *cbarg))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, OP_keymgmt_export_types,
+ (int selection))
+
+/* Copy function, only works for matching keymgmt */
+# define OSSL_FUNC_KEYMGMT_COPY 44
+OSSL_CORE_MAKE_FUNC(int, OP_keymgmt_copy,
+ ( void *keydata_to, const void *keydata_from,
+ int selection))