5 EVP_PKEY_meth_new, EVP_PKEY_meth_free, EVP_PKEY_meth_copy, EVP_PKEY_meth_find,
6 EVP_PKEY_meth_add0, EVP_PKEY_METHOD,
7 EVP_PKEY_meth_set_init, EVP_PKEY_meth_set_copy, EVP_PKEY_meth_set_cleanup,
8 EVP_PKEY_meth_set_paramgen, EVP_PKEY_meth_set_keygen, EVP_PKEY_meth_set_sign,
9 EVP_PKEY_meth_set_verify, EVP_PKEY_meth_set_verify_recover, EVP_PKEY_meth_set_signctx,
10 EVP_PKEY_meth_set_verifyctx, EVP_PKEY_meth_set_encrypt, EVP_PKEY_meth_set_decrypt,
11 EVP_PKEY_meth_set_derive, EVP_PKEY_meth_set_ctrl,
12 EVP_PKEY_meth_set_digestsign, EVP_PKEY_meth_set_digestverify,
13 EVP_PKEY_meth_set_check,
14 EVP_PKEY_meth_set_public_check, EVP_PKEY_meth_set_param_check,
15 EVP_PKEY_meth_set_digest_custom,
16 EVP_PKEY_meth_get_init, EVP_PKEY_meth_get_copy, EVP_PKEY_meth_get_cleanup,
17 EVP_PKEY_meth_get_paramgen, EVP_PKEY_meth_get_keygen, EVP_PKEY_meth_get_sign,
18 EVP_PKEY_meth_get_verify, EVP_PKEY_meth_get_verify_recover, EVP_PKEY_meth_get_signctx,
19 EVP_PKEY_meth_get_verifyctx, EVP_PKEY_meth_get_encrypt, EVP_PKEY_meth_get_decrypt,
20 EVP_PKEY_meth_get_derive, EVP_PKEY_meth_get_ctrl,
21 EVP_PKEY_meth_get_digestsign, EVP_PKEY_meth_get_digestverify,
22 EVP_PKEY_meth_get_check,
23 EVP_PKEY_meth_get_public_check, EVP_PKEY_meth_get_param_check,
24 EVP_PKEY_meth_get_digest_custom,
26 - manipulating EVP_PKEY_METHOD structure
30 #include <openssl/evp.h>
32 Deprecated since OpenSSL 3.0, can be hidden entirely by defining
33 B<OPENSSL_API_COMPAT> with a suitable version value, see
34 L<openssl_user_macros(7)>:
36 typedef struct evp_pkey_method_st EVP_PKEY_METHOD;
38 EVP_PKEY_METHOD *EVP_PKEY_meth_new(int id, int flags);
39 void EVP_PKEY_meth_free(EVP_PKEY_METHOD *pmeth);
40 void EVP_PKEY_meth_copy(EVP_PKEY_METHOD *dst, const EVP_PKEY_METHOD *src);
41 const EVP_PKEY_METHOD *EVP_PKEY_meth_find(int type);
42 int EVP_PKEY_meth_add0(const EVP_PKEY_METHOD *pmeth);
43 int EVP_PKEY_meth_remove(const EVP_PKEY_METHOD *pmeth);
45 void EVP_PKEY_meth_set_init(EVP_PKEY_METHOD *pmeth,
46 int (*init) (EVP_PKEY_CTX *ctx));
47 void EVP_PKEY_meth_set_copy(EVP_PKEY_METHOD *pmeth,
48 int (*copy) (EVP_PKEY_CTX *dst,
50 void EVP_PKEY_meth_set_cleanup(EVP_PKEY_METHOD *pmeth,
51 void (*cleanup) (EVP_PKEY_CTX *ctx));
52 void EVP_PKEY_meth_set_paramgen(EVP_PKEY_METHOD *pmeth,
53 int (*paramgen_init) (EVP_PKEY_CTX *ctx),
54 int (*paramgen) (EVP_PKEY_CTX *ctx,
56 void EVP_PKEY_meth_set_keygen(EVP_PKEY_METHOD *pmeth,
57 int (*keygen_init) (EVP_PKEY_CTX *ctx),
58 int (*keygen) (EVP_PKEY_CTX *ctx,
60 void EVP_PKEY_meth_set_sign(EVP_PKEY_METHOD *pmeth,
61 int (*sign_init) (EVP_PKEY_CTX *ctx),
62 int (*sign) (EVP_PKEY_CTX *ctx,
63 unsigned char *sig, size_t *siglen,
64 const unsigned char *tbs,
66 void EVP_PKEY_meth_set_verify(EVP_PKEY_METHOD *pmeth,
67 int (*verify_init) (EVP_PKEY_CTX *ctx),
68 int (*verify) (EVP_PKEY_CTX *ctx,
69 const unsigned char *sig,
71 const unsigned char *tbs,
73 void EVP_PKEY_meth_set_verify_recover(EVP_PKEY_METHOD *pmeth,
74 int (*verify_recover_init) (EVP_PKEY_CTX
76 int (*verify_recover) (EVP_PKEY_CTX
84 void EVP_PKEY_meth_set_signctx(EVP_PKEY_METHOD *pmeth,
85 int (*signctx_init) (EVP_PKEY_CTX *ctx,
87 int (*signctx) (EVP_PKEY_CTX *ctx,
91 void EVP_PKEY_meth_set_verifyctx(EVP_PKEY_METHOD *pmeth,
92 int (*verifyctx_init) (EVP_PKEY_CTX *ctx,
94 int (*verifyctx) (EVP_PKEY_CTX *ctx,
95 const unsigned char *sig,
98 void EVP_PKEY_meth_set_encrypt(EVP_PKEY_METHOD *pmeth,
99 int (*encrypt_init) (EVP_PKEY_CTX *ctx),
100 int (*encryptfn) (EVP_PKEY_CTX *ctx,
103 const unsigned char *in,
105 void EVP_PKEY_meth_set_decrypt(EVP_PKEY_METHOD *pmeth,
106 int (*decrypt_init) (EVP_PKEY_CTX *ctx),
107 int (*decrypt) (EVP_PKEY_CTX *ctx,
110 const unsigned char *in,
112 void EVP_PKEY_meth_set_derive(EVP_PKEY_METHOD *pmeth,
113 int (*derive_init) (EVP_PKEY_CTX *ctx),
114 int (*derive) (EVP_PKEY_CTX *ctx,
117 void EVP_PKEY_meth_set_ctrl(EVP_PKEY_METHOD *pmeth,
118 int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
120 int (*ctrl_str) (EVP_PKEY_CTX *ctx,
123 void EVP_PKEY_meth_set_digestsign(EVP_PKEY_METHOD *pmeth,
124 int (*digestsign) (EVP_MD_CTX *ctx,
127 const unsigned char *tbs,
129 void EVP_PKEY_meth_set_digestverify(EVP_PKEY_METHOD *pmeth,
130 int (*digestverify) (EVP_MD_CTX *ctx,
131 const unsigned char *sig,
133 const unsigned char *tbs,
135 void EVP_PKEY_meth_set_check(EVP_PKEY_METHOD *pmeth,
136 int (*check) (EVP_PKEY *pkey));
137 void EVP_PKEY_meth_set_public_check(EVP_PKEY_METHOD *pmeth,
138 int (*check) (EVP_PKEY *pkey));
139 void EVP_PKEY_meth_set_param_check(EVP_PKEY_METHOD *pmeth,
140 int (*check) (EVP_PKEY *pkey));
141 void EVP_PKEY_meth_set_digest_custom(EVP_PKEY_METHOD *pmeth,
142 int (*digest_custom) (EVP_PKEY_CTX *ctx,
145 void EVP_PKEY_meth_get_init(const EVP_PKEY_METHOD *pmeth,
146 int (**pinit) (EVP_PKEY_CTX *ctx));
147 void EVP_PKEY_meth_get_copy(const EVP_PKEY_METHOD *pmeth,
148 int (**pcopy) (EVP_PKEY_CTX *dst,
150 void EVP_PKEY_meth_get_cleanup(const EVP_PKEY_METHOD *pmeth,
151 void (**pcleanup) (EVP_PKEY_CTX *ctx));
152 void EVP_PKEY_meth_get_paramgen(const EVP_PKEY_METHOD *pmeth,
153 int (**pparamgen_init) (EVP_PKEY_CTX *ctx),
154 int (**pparamgen) (EVP_PKEY_CTX *ctx,
156 void EVP_PKEY_meth_get_keygen(const EVP_PKEY_METHOD *pmeth,
157 int (**pkeygen_init) (EVP_PKEY_CTX *ctx),
158 int (**pkeygen) (EVP_PKEY_CTX *ctx,
160 void EVP_PKEY_meth_get_sign(const EVP_PKEY_METHOD *pmeth,
161 int (**psign_init) (EVP_PKEY_CTX *ctx),
162 int (**psign) (EVP_PKEY_CTX *ctx,
163 unsigned char *sig, size_t *siglen,
164 const unsigned char *tbs,
166 void EVP_PKEY_meth_get_verify(const EVP_PKEY_METHOD *pmeth,
167 int (**pverify_init) (EVP_PKEY_CTX *ctx),
168 int (**pverify) (EVP_PKEY_CTX *ctx,
169 const unsigned char *sig,
171 const unsigned char *tbs,
173 void EVP_PKEY_meth_get_verify_recover(const EVP_PKEY_METHOD *pmeth,
174 int (**pverify_recover_init) (EVP_PKEY_CTX
176 int (**pverify_recover) (EVP_PKEY_CTX
184 void EVP_PKEY_meth_get_signctx(const EVP_PKEY_METHOD *pmeth,
185 int (**psignctx_init) (EVP_PKEY_CTX *ctx,
187 int (**psignctx) (EVP_PKEY_CTX *ctx,
191 void EVP_PKEY_meth_get_verifyctx(const EVP_PKEY_METHOD *pmeth,
192 int (**pverifyctx_init) (EVP_PKEY_CTX *ctx,
194 int (**pverifyctx) (EVP_PKEY_CTX *ctx,
195 const unsigned char *sig,
198 void EVP_PKEY_meth_get_encrypt(const EVP_PKEY_METHOD *pmeth,
199 int (**pencrypt_init) (EVP_PKEY_CTX *ctx),
200 int (**pencryptfn) (EVP_PKEY_CTX *ctx,
203 const unsigned char *in,
205 void EVP_PKEY_meth_get_decrypt(const EVP_PKEY_METHOD *pmeth,
206 int (**pdecrypt_init) (EVP_PKEY_CTX *ctx),
207 int (**pdecrypt) (EVP_PKEY_CTX *ctx,
210 const unsigned char *in,
212 void EVP_PKEY_meth_get_derive(const EVP_PKEY_METHOD *pmeth,
213 int (**pderive_init) (EVP_PKEY_CTX *ctx),
214 int (**pderive) (EVP_PKEY_CTX *ctx,
217 void EVP_PKEY_meth_get_ctrl(const EVP_PKEY_METHOD *pmeth,
218 int (**pctrl) (EVP_PKEY_CTX *ctx, int type, int p1,
220 int (**pctrl_str) (EVP_PKEY_CTX *ctx,
223 void EVP_PKEY_meth_get_digestsign(EVP_PKEY_METHOD *pmeth,
224 int (**digestsign) (EVP_MD_CTX *ctx,
227 const unsigned char *tbs,
229 void EVP_PKEY_meth_get_digestverify(EVP_PKEY_METHOD *pmeth,
230 int (**digestverify) (EVP_MD_CTX *ctx,
231 const unsigned char *sig,
233 const unsigned char *tbs,
235 void EVP_PKEY_meth_get_check(const EVP_PKEY_METHOD *pmeth,
236 int (**pcheck) (EVP_PKEY *pkey));
237 void EVP_PKEY_meth_get_public_check(const EVP_PKEY_METHOD *pmeth,
238 int (**pcheck) (EVP_PKEY *pkey));
239 void EVP_PKEY_meth_get_param_check(const EVP_PKEY_METHOD *pmeth,
240 int (**pcheck) (EVP_PKEY *pkey));
241 void EVP_PKEY_meth_get_digest_custom(EVP_PKEY_METHOD *pmeth,
242 int (**pdigest_custom) (EVP_PKEY_CTX *ctx,
247 All of the functions described on this page are deprecated.
248 Applications should instead use the OSSL_PROVIDER APIs.
250 B<EVP_PKEY_METHOD> is a structure which holds a set of methods for a
251 specific public key cryptographic algorithm. Those methods are usually
252 used to perform different jobs, such as generating a key, signing or
253 verifying, encrypting or decrypting, etc.
255 There are two places where the B<EVP_PKEY_METHOD> objects are stored: one
256 is a built-in static array representing the standard methods for different
257 algorithms, and the other one is a stack of user-defined application-specific
258 methods, which can be manipulated by using L<EVP_PKEY_meth_add0(3)>.
260 The B<EVP_PKEY_METHOD> objects are usually referenced by B<EVP_PKEY_CTX>
265 The methods are the underlying implementations of a particular public key
266 algorithm represented by the B<EVP_PKEY_CTX> object.
268 int (*init) (EVP_PKEY_CTX *ctx);
269 int (*copy) (EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src);
270 void (*cleanup) (EVP_PKEY_CTX *ctx);
272 The init() method is called to initialize algorithm-specific data when a new
273 B<EVP_PKEY_CTX> is created. As opposed to init(), the cleanup() method is called
274 when an B<EVP_PKEY_CTX> is freed. The copy() method is called when an B<EVP_PKEY_CTX>
275 is being duplicated. Refer to L<EVP_PKEY_CTX_new(3)>, L<EVP_PKEY_CTX_new_id(3)>,
276 L<EVP_PKEY_CTX_free(3)> and L<EVP_PKEY_CTX_dup(3)>.
278 int (*paramgen_init) (EVP_PKEY_CTX *ctx);
279 int (*paramgen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
281 The paramgen_init() and paramgen() methods deal with key parameter generation.
282 They are called by L<EVP_PKEY_paramgen_init(3)> and L<EVP_PKEY_paramgen(3)> to
283 handle the parameter generation process.
285 int (*keygen_init) (EVP_PKEY_CTX *ctx);
286 int (*keygen) (EVP_PKEY_CTX *ctx, EVP_PKEY *pkey);
288 The keygen_init() and keygen() methods are used to generate the actual key for
289 the specified algorithm. They are called by L<EVP_PKEY_keygen_init(3)> and
290 L<EVP_PKEY_keygen(3)>.
292 int (*sign_init) (EVP_PKEY_CTX *ctx);
293 int (*sign) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
294 const unsigned char *tbs, size_t tbslen);
296 The sign_init() and sign() methods are used to generate the signature of a
297 piece of data using a private key. They are called by L<EVP_PKEY_sign_init(3)>
298 and L<EVP_PKEY_sign(3)>.
300 int (*verify_init) (EVP_PKEY_CTX *ctx);
301 int (*verify) (EVP_PKEY_CTX *ctx,
302 const unsigned char *sig, size_t siglen,
303 const unsigned char *tbs, size_t tbslen);
305 The verify_init() and verify() methods are used to verify whether a signature is
306 valid. They are called by L<EVP_PKEY_verify_init(3)> and L<EVP_PKEY_verify(3)>.
308 int (*verify_recover_init) (EVP_PKEY_CTX *ctx);
309 int (*verify_recover) (EVP_PKEY_CTX *ctx,
310 unsigned char *rout, size_t *routlen,
311 const unsigned char *sig, size_t siglen);
313 The verify_recover_init() and verify_recover() methods are used to verify a
314 signature and then recover the digest from the signature (for instance, a
315 signature that was generated by RSA signing algorithm). They are called by
316 L<EVP_PKEY_verify_recover_init(3)> and L<EVP_PKEY_verify_recover(3)>.
318 int (*signctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
319 int (*signctx) (EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,
322 The signctx_init() and signctx() methods are used to sign a digest represented by
323 a B<EVP_MD_CTX> object. They are called by the EVP_DigestSign functions. See
324 L<EVP_DigestSignInit(3)> for details.
326 int (*verifyctx_init) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
327 int (*verifyctx) (EVP_PKEY_CTX *ctx, const unsigned char *sig, int siglen,
330 The verifyctx_init() and verifyctx() methods are used to verify a signature
331 against the data in a B<EVP_MD_CTX> object. They are called by the various
332 EVP_DigestVerify functions. See L<EVP_DigestVerifyInit(3)> for details.
334 int (*encrypt_init) (EVP_PKEY_CTX *ctx);
335 int (*encrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
336 const unsigned char *in, size_t inlen);
338 The encrypt_init() and encrypt() methods are used to encrypt a piece of data.
339 They are called by L<EVP_PKEY_encrypt_init(3)> and L<EVP_PKEY_encrypt(3)>.
341 int (*decrypt_init) (EVP_PKEY_CTX *ctx);
342 int (*decrypt) (EVP_PKEY_CTX *ctx, unsigned char *out, size_t *outlen,
343 const unsigned char *in, size_t inlen);
345 The decrypt_init() and decrypt() methods are used to decrypt a piece of data.
346 They are called by L<EVP_PKEY_decrypt_init(3)> and L<EVP_PKEY_decrypt(3)>.
348 int (*derive_init) (EVP_PKEY_CTX *ctx);
349 int (*derive) (EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
351 The derive_init() and derive() methods are used to derive the shared secret
352 from a public key algorithm (for instance, the DH algorithm). They are called by
353 L<EVP_PKEY_derive_init(3)> and L<EVP_PKEY_derive(3)>.
355 int (*ctrl) (EVP_PKEY_CTX *ctx, int type, int p1, void *p2);
356 int (*ctrl_str) (EVP_PKEY_CTX *ctx, const char *type, const char *value);
358 The ctrl() and ctrl_str() methods are used to adjust algorithm-specific
359 settings. See L<EVP_PKEY_CTX_ctrl(3)> and related functions for details.
361 int (*digestsign) (EVP_MD_CTX *ctx, unsigned char *sig, size_t *siglen,
362 const unsigned char *tbs, size_t tbslen);
363 int (*digestverify) (EVP_MD_CTX *ctx, const unsigned char *sig,
364 size_t siglen, const unsigned char *tbs,
367 The digestsign() and digestverify() methods are used to generate or verify
368 a signature in a one-shot mode. They could be called by L<EVP_DigestSign(3)>
369 and L<EVP_DigestVerify(3)>.
371 int (*check) (EVP_PKEY *pkey);
372 int (*public_check) (EVP_PKEY *pkey);
373 int (*param_check) (EVP_PKEY *pkey);
375 The check(), public_check() and param_check() methods are used to validate a
376 key-pair, the public component and parameters respectively for a given B<pkey>.
377 They could be called by L<EVP_PKEY_check(3)>, L<EVP_PKEY_public_check(3)> and
378 L<EVP_PKEY_param_check(3)> respectively.
380 int (*digest_custom) (EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx);
382 The digest_custom() method is used to generate customized digest content before
383 the real message is passed to functions like L<EVP_DigestSignUpdate(3)> or
384 L<EVP_DigestVerifyInit(3)>. This is usually required by public key
385 signature algorithms such as SM2, which require a hashed prefix to the message to
386 be signed. The digest_custom() function will be called by L<EVP_DigestSignInit(3)>
387 and L<EVP_DigestVerifyInit(3)>.
391 EVP_PKEY_meth_new() creates and returns a new B<EVP_PKEY_METHOD> object,
392 and associates the given B<id> and B<flags>. The following flags are
395 EVP_PKEY_FLAG_AUTOARGLEN
396 EVP_PKEY_FLAG_SIGCTX_CUSTOM
398 If an B<EVP_PKEY_METHOD> is set with the B<EVP_PKEY_FLAG_AUTOARGLEN> flag, the
399 maximum size of the output buffer will be automatically calculated or checked
400 in corresponding EVP methods by the EVP framework. Thus the implementations of
401 these methods don't need to care about handling the case of returning output
402 buffer size by themselves. For details on the output buffer size, refer to
405 The B<EVP_PKEY_FLAG_SIGCTX_CUSTOM> is used to indicate the signctx() method
406 of an B<EVP_PKEY_METHOD> is always called by the EVP framework while doing a
407 digest signing operation by calling L<EVP_DigestSignFinal(3)>.
409 EVP_PKEY_meth_free() frees an existing B<EVP_PKEY_METHOD> pointed by
412 EVP_PKEY_meth_copy() copies an B<EVP_PKEY_METHOD> object from B<src>
415 EVP_PKEY_meth_find() finds an B<EVP_PKEY_METHOD> object with the B<id>.
416 This function first searches through the user-defined method objects and
417 then the built-in objects, so a user-defined method registered for the same
B<id> takes precedence over the built-in one.
419 EVP_PKEY_meth_add0() adds B<pmeth> to the user defined stack of methods.
421 EVP_PKEY_meth_remove() removes an B<EVP_PKEY_METHOD> object added by
422 EVP_PKEY_meth_add0().
424 The EVP_PKEY_meth_set functions set the corresponding fields of
425 the B<EVP_PKEY_METHOD> structure to the arguments passed.
427 The EVP_PKEY_meth_get functions retrieve the corresponding fields of
428 the B<EVP_PKEY_METHOD> structure into the arguments provided.
432 EVP_PKEY_meth_new() returns a pointer to a new B<EVP_PKEY_METHOD>
433 object or returns NULL on error.
435 EVP_PKEY_meth_free() and EVP_PKEY_meth_copy() do not return values.
437 EVP_PKEY_meth_find() returns a pointer to the found B<EVP_PKEY_METHOD>
438 object or returns NULL if not found.
440 EVP_PKEY_meth_add0() returns 1 if method is added successfully or 0
441 if an error occurred.
443 EVP_PKEY_meth_remove() returns 1 if method is removed successfully or
444 0 if an error occurred.
446 All EVP_PKEY_meth_set and EVP_PKEY_meth_get functions have no return
447 values. For the 'get' functions, function pointers are returned by
452 All of these functions were deprecated in OpenSSL 3.0.
456 Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
458 Licensed under the Apache License 2.0 (the "License"). You may not use
459 this file except in compliance with the License. You can obtain a copy
460 in the file LICENSE in the source distribution or at
461 L<https://www.openssl.org/source/license.html>.