7 EVP_PKEY_CTX_set_signature_md,
8 EVP_PKEY_CTX_get_signature_md,
9 EVP_PKEY_CTX_set_mac_key,
10 EVP_PKEY_CTX_set_rsa_padding,
11 EVP_PKEY_CTX_set_rsa_pss_saltlen,
12 EVP_PKEY_CTX_set_rsa_keygen_bits,
13 EVP_PKEY_CTX_set_rsa_keygen_pubexp,
14 EVP_PKEY_CTX_set_dsa_paramgen_bits,
15 EVP_PKEY_CTX_set_dh_paramgen_prime_len,
16 EVP_PKEY_CTX_set_dh_paramgen_generator,
17 EVP_PKEY_CTX_set_dh_pad,
18 EVP_PKEY_CTX_set_dh_nid,
19 EVP_PKEY_CTX_set_ec_paramgen_curve_nid,
20 EVP_PKEY_CTX_set_ec_param_enc,
21 EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len
22 - algorithm specific control operations
26 #include <openssl/evp.h>
28 int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype,
29 int cmd, int p1, void *p2);
30 int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type,
33 int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md);
34 int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **pmd);
36 int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, unsigned char *key, int len);
38 #include <openssl/rsa.h>
40 int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad);
41 int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len);
42 int EVP_PKEY_CTX_set_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits);
43 int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp);
45 #include <openssl/dsa.h>
46 int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits);
48 #include <openssl/dh.h>
49 int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len);
50 int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen);
51 int EVP_PKEY_CTX_set_dh_pad(EVP_PKEY_CTX *ctx, int pad);
52 int EVP_PKEY_CTX_set_dh_nid(EVP_PKEY_CTX *ctx, int nid);
54 #include <openssl/ec.h>
55 int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid);
56 int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc);
58 int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, void *id, size_t id_len);
59 int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
60 int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);
64 The function EVP_PKEY_CTX_ctrl() sends a control operation to the context
65 B<ctx>. The key type used must match B<keytype> if it is not -1. The parameter
66 B<optype> is a mask indicating which operations the control can be applied to.
67 The control command is indicated in B<cmd> and any additional arguments in
70 For B<cmd> = B<EVP_PKEY_CTRL_SET_MAC_KEY>, B<p1> is the length of the MAC key,
71 and B<p2> is MAC key. This is used by Poly1305, SipHash, HMAC and CMAC.
73 Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will
74 instead call one of the algorithm specific macros below.
76 The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm
77 specific control operation to a context B<ctx> in string form. This is
78 intended to be used for options specified on the command line or in text
79 files. The commands supported are documented in the openssl utility
80 command line pages for the option B<-pkeyopt> which is supported by the
81 B<pkeyutl>, B<genpkey> and B<req> commands.
83 All the remaining "functions" are implemented as macros.
85 The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used
86 in a signature. It can be used in the RSA, DSA and ECDSA algorithms.
88 The EVP_PKEY_CTX_get_signature_md() macro gets the message digest type used in a
89 signature. It can be used in the RSA, DSA and ECDSA algorithms.
91 Key generation typically involves setting up parameters to be used and
92 generating the private and public key data. Some algorithm implementations
93 allow private key data to be set explicitly using the EVP_PKEY_CTX_set_mac_key()
94 macro. In this case key generation is simply the process of setting up the
95 parameters for the key and then setting the raw key data to the value explicitly
96 provided by that macro. Normally applications would call
97 L<EVP_PKEY_new_raw_private_key(3)> or similar functions instead of this macro.
99 The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms
100 supported by the L<EVP_PKEY_new_raw_private_key(3)> function.
102 The macro EVP_PKEY_CTX_set_rsa_padding() sets the RSA padding mode for B<ctx>.
103 The B<pad> parameter can take the value RSA_PKCS1_PADDING for PKCS#1 padding,
104 RSA_SSLV23_PADDING for SSLv23 padding, RSA_NO_PADDING for no padding,
105 RSA_PKCS1_OAEP_PADDING for OAEP padding (encrypt and decrypt only),
106 RSA_X931_PADDING for X9.31 padding (signature operations only) and
107 RSA_PKCS1_PSS_PADDING (sign and verify only).
109 Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md()
110 is used. If this macro is called for PKCS#1 padding the plaintext buffer is
111 an actual digest value and is encapsulated in a DigestInfo structure according
112 to PKCS#1 when signing and this structure is expected (and stripped off) when
113 verifying. If this control is not used with RSA and PKCS#1 padding then the
114 supplied data is used directly and not encapsulated. In the case of X9.31
115 padding for RSA the algorithm identifier byte is added or checked and removed
116 if this control is called. If it is not called then the first byte of the plaintext
117 buffer is expected to be the algorithm identifier byte.
119 The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to
120 B<len> as its name implies it is only supported for PSS padding. Three special
121 values are supported: RSA_PSS_SALTLEN_DIGEST sets the salt length to the
122 digest length, RSA_PSS_SALTLEN_MAX sets the salt length to the maximum
123 permissible value. When verifying RSA_PSS_SALTLEN_AUTO causes the salt length
124 to be automatically determined based on the B<PSS> block structure. If this
125 macro is not called maximum salt length is used when signing and auto detection
126 when verifying is used by default.
128 The EVP_PKEY_CTX_set_rsa_keygen_bits() macro sets the RSA key length for
129 RSA key generation to B<bits>. If not specified 1024 bits is used.
131 The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value
132 for RSA key generation to B<pubexp> currently it should be an odd integer. The
133 B<pubexp> pointer is used internally by this function so it should not be
134 modified or free after the call. If this macro is not called then 65537 is used.
136 The macro EVP_PKEY_CTX_set_dsa_paramgen_bits() sets the number of bits used
137 for DSA parameter generation to B<bits>. If not specified 1024 is used.
139 The macro EVP_PKEY_CTX_set_dh_paramgen_prime_len() sets the length of the DH
140 prime parameter B<p> for DH parameter generation. If this macro is not called
143 The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to B<gen>
144 for DH parameter generation. If not specified 2 is used.
146 The EVP_PKEY_CTX_set_dh_pad() macro sets the DH padding mode. If B<pad> is
147 1 the shared secret is padded with zeroes up to the size of the DH prime B<p>.
148 If B<pad> is zero (the default) then no padding is performed.
150 EVP_PKEY_CTX_set_dh_nid() sets the DH parameters to values corresponding to
151 B<nid>. The B<nid> parameter must be B<NID_ffdhe2048>, B<NID_ffdhe3072>,
152 B<NID_ffdhe4096>, B<NID_ffdhe6144> or B<NID_ffdhe8192>. This macro can be
153 called during parameter or key generation.
155 The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter
156 generation to B<nid>. For EC parameter generation this macro must be called
157 or an error occurs because there is no default curve.
158 This function can also be called to set the curve explicitly when
159 generating an EC key.
161 The EVP_PKEY_CTX_set_ec_param_enc() sets the EC parameter encoding to
162 B<param_enc> when generating EC parameters or an EC key. The encoding can be
163 B<OPENSSL_EC_EXPLICIT_CURVE> for explicit parameters (the default in versions
164 of OpenSSL before 1.1.0) or B<OPENSSL_EC_NAMED_CURVE> to use named curve form.
165 For maximum compatibility the named curve form should be used. Note: the
166 B<OPENSSL_EC_NAMED_CURVE> value was only added to OpenSSL 1.1.0; previous
167 versions should use 0 instead.
169 The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len()
170 macros are used to manipulate the special identifier field for specific signature
171 algorithms such as SM2. The EVP_PKEY_CTX_set1_id() sets an ID pointed by B<id> with
172 the length B<id_len> to the library. The library takes a copy of the id so that
173 the caller can safely free the original memory pointed to by B<id>. The
174 EVP_PKEY_CTX_get1_id_len() macro returns the length of the ID set via a previous
175 call to EVP_PKEY_CTX_set1_id(). The length is usually used to allocate adequate
176 memory for further calls to EVP_PKEY_CTX_get1_id(). The EVP_PKEY_CTX_get1_id()
177 macro returns the previously set ID value to caller in B<id>. The caller should
178 allocate adequate memory space for the B<id> before calling EVP_PKEY_CTX_get1_id().
182 EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0
183 or a negative value for failure. In particular a return value of -2
184 indicates the operation is not supported by the public key algorithm.
188 L<EVP_PKEY_CTX_new(3)>,
189 L<EVP_PKEY_encrypt(3)>,
190 L<EVP_PKEY_decrypt(3)>,
192 L<EVP_PKEY_verify(3)>,
193 L<EVP_PKEY_verify_recover(3)>,
194 L<EVP_PKEY_derive(3)>
195 L<EVP_PKEY_keygen(3)>
199 EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and EVP_PKEY_CTX_get1_id_len()
200 macros were added in 1.1.1, other functions were first added to OpenSSL 1.0.0.
204 Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.
206 Licensed under the OpenSSL license (the "License"). You may not use
207 this file except in compliance with the License. You can obtain a copy
208 in the file LICENSE in the source distribution or at
209 L<https://www.openssl.org/source/license.html>.
projects / openssl.git / blob