EVP_PKEY_ASN1_NEW(3) Library Functions Manual EVP_PKEY_ASN1_NEW(3)

NAME

EVP_PKEY_asn1_new, EVP_PKEY_asn1_copy, EVP_PKEY_asn1_free, EVP_PKEY_asn1_set_public, EVP_PKEY_asn1_set_private, EVP_PKEY_asn1_set_param, EVP_PKEY_asn1_set_free, EVP_PKEY_asn1_set_ctrl, EVP_PKEY_asn1_set_check, EVP_PKEY_asn1_set_public_check, EVP_PKEY_asn1_set_param_check, EVP_PKEY_asn1_set_security_bits - manipulating and registering an EVP_PKEY_ASN1_METHOD structure

SYNOPSIS

#include <openssl/evp.h>

EVP_PKEY_ASN1_METHOD *
EVP_PKEY_asn1_new(int id, int flags, const char *pem_str, const char *info);

void
EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, const EVP_PKEY_ASN1_METHOD *src);

void
EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth);

void
EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth, int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub), int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk), int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b), int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx), int (*pkey_size)(const EVP_PKEY *pk), int (*pkey_bits)(const EVP_PKEY *pk));

void
EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth, int (*priv_decode)(EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf), int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk), int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx));

void
EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth, int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen), int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder), int (*param_missing)(const EVP_PKEY *pk), int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from), int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b), int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx));

void
EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth, void (*pkey_free)(EVP_PKEY *pkey));

void
EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2));

void
EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth, int (*pkey_check)(const EVP_PKEY *pk));

void
EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth, int (*pkey_public_check)(const EVP_PKEY *pk));

void
EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth, int (*pkey_param_check)(const EVP_PKEY *pk));

void
EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth, int (*pkey_security_bits)(const EVP_PKEY *pkey));

DESCRIPTION

EVP_PKEY_ASN1_METHOD is a structure which holds a set of ASN.1 conversion, printing and information methods for a specific public key algorithm.

The built-in EVP_PKEY_ASN1_METHOD objects are stored in a table containing the standard methods for different algorithms.

Methods

The methods are the underlying implementations of a particular public key algorithm presented by the EVP_PKEY object.

int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub)
int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk)

Decode and encode X509_PUBKEY ASN.1 parameters to and from pk. These methods must return 0 on error and 1 on success. They are called by X509_PUBKEY_get(3) and X509_PUBKEY_set(3).

int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b)

Compare two public keys. This method must return 1 when the keys are equal and 0 otherwise. It is called by EVP_PKEY_cmp(3).

int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx);

Print a public key in humanly readable text to out, indented indent spaces. This method must return 0 on error and 1 on success. It is called by EVP_PKEY_print_public(3).

int (*priv_decode)(EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf)
int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk)

Decode and encode PKCS8_PRIV_KEY_INFO form private key to and from pk. These methods must return 0 on error, 1 on success. They are called by EVP_PKCS82PKEY(3) and EVP_PKEY2PKCS8(3).

int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx);

Print a private key in humanly readable text to out, indented indent spaces. This method must return 0 on error and 1 on success. It is called by EVP_PKEY_print_private(3).

int (*pkey_size)(const EVP_PKEY *pk)

Returns the key size in bytes. This method is called by EVP_PKEY_size(3).

int (*pkey_bits)(const EVP_PKEY *pk)

Returns the key size in bits. This method is called by EVP_PKEY_bits(3).

int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen);
int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder);

Decode and encode DER formatted parameters to and from pk. These methods must return 0 on error and 1 on success. They are called by ().

int (*param_missing)(const EVP_PKEY *pk)

Return 0 if a key parameter is missing or 1 otherwise. This method is called by EVP_PKEY_missing_parameters(3).

int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from)

Copy key parameters from from to to. This method must return 0 on error and 1 on success. It is called by EVP_PKEY_copy_parameters(3).

int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b)

Compare the parameters of the keys a and b. This method must return 1 when the keys are equal, 0 when not equal, and a negative number on error. It is called by EVP_PKEY_cmp_parameters(3).

int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent, ASN1_PCTX *pctx);

Print the private key parameters in humanly readable text to out, indented indent spaces. This method must return 0 on error and 1 on success. It is called by EVP_PKEY_print_params(3).

void (*pkey_free)(EVP_PKEY *pkey)

Free the internals of pkey. This method is called by EVP_PKEY_free(3), EVP_PKEY_set_type(3), EVP_PKEY_set_type_str(3), and EVP_PKEY_assign(3).

int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2);

Add extra algorithm specific control.

If the op argument is ASN1_PKEY_CTRL_DEFAULT_MD_NID, the pkey_ctrl method is supposed to write the message digest NID for public key signature operations with the given pkey to *arg2 as documented in the EVP_PKEY_get_default_digest_nid(3) manual page.

The pkey_ctrl method is also called by (), (), and other functions.

int (*pkey_check)(const EVP_PKEY *pk)
int (*pkey_public_check)(const EVP_PKEY *pk)
int (*pkey_param_check)(const EVP_PKEY *pk)

Check the validity of pk for key-pair, public component, and parameters, respectively. These methods must return 0 for an invalid key or 1 for a valid key. They are called by EVP_PKEY_check(3), EVP_PKEY_public_check(3), and EVP_PKEY_param_check(3), respectively.

int (*pkey_security_bits)(const EVP_PKEY *pkey)

Return the security strength measured in bits of pkey. It is called by EVP_PKEY_security_bits(3).

Functions

EVP_PKEY_asn1_new() creates and returns a new EVP_PKEY_ASN1_METHOD object, marks it as dynamically allocated, and associates the given id, flags, pem_str and info. id is a NID, pem_str is the PEM type string, info is a descriptive string. If ASN1_PKEY_SIGPARAM_NULL is set in flags, the signature algorithm parameters are given the type V_ASN1_NULL by default, otherwise they will be given the type V_ASN1_UNDEF (i.e. the parameter is omitted). See X509_ALGOR_set0(3) for more information.

EVP_PKEY_asn1_copy() copies all function pointers from src to dst. The data in dst that can be set with EVP_PKEY_asn1_new() — NIDs, flags, and strings — remains unchanged. This function is not thread safe; it is recommended to use it only when initializing the application.

EVP_PKEY_asn1_free() frees the dynamically allocated ameth including all memory it refers to. If ameth is NULL or not marked as dynamically allocated, no action occurs.

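EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), EVP_PKEY_asn1_set_ctrl(), EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), EVP_PKEY_asn1_set_param_check(), and EVP_PKEY_asn1_set_security_bits() set the diverse methods of the given EVP_PKEY_ASN1_METHOD object.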

RETURN VALUES

EVP_PKEY_asn1_new() returns a pointer to the new EVP_PKEY_ASN1_METHOD object or NULL if memory allocation fails.
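
EXAMPLES

The param_cmp method described above returns 1 for equal, 0 for not equal, and a negative number on error, so a caller that tests the result for truth accepts an error as a match. The following is an added example, not code from this manual or from the library: it models that contract with stand-in types (toy_key, toy_method and every function name are hypothetical) so that it runs without libcrypto.

```c
#include <stdio.h>

/* Stand-in types for this example only: they are NOT OpenSSL's EVP_PKEY or
 * EVP_PKEY_ASN1_METHOD. All key values below are constructed. */
struct toy_key { int has_params; int group_id; };
struct toy_method {
    /* contract documented for param_cmp: 1 equal, 0 not equal, <0 error */
    int (*param_cmp)(const struct toy_key *a, const struct toy_key *b);
};

int toy_param_cmp(const struct toy_key *a, const struct toy_key *b)
{
    if (!a->has_params || !b->has_params)
        return -1;                      /* cannot compare: error, not a verdict */
    return a->group_id == b->group_id;  /* 1 equal, 0 not equal */
}

/* Plays the role of the library caller. Returning -2 when no method is set
 * is a choice made for this example. */
int toy_cmp_parameters(const struct toy_method *m,
    const struct toy_key *a, const struct toy_key *b)
{
    if (m == NULL || m->param_cmp == NULL)
        return -2;
    return m->param_cmp(a, b);
}

/* Flawed check: any non-zero result, errors included, counts as a match. */
int accept_truthy(const struct toy_method *m,
    const struct toy_key *a, const struct toy_key *b)
{
    return toy_cmp_parameters(m, a, b) ? 1 : 0;
}

/* Strict check: only the documented "equal" value is accepted. */
int accept_strict(const struct toy_method *m,
    const struct toy_key *a, const struct toy_key *b)
{
    return toy_cmp_parameters(m, a, b) == 1;
}

int main(void)
{
    struct toy_method m = { toy_param_cmp };
    struct toy_key a = { 1, 415 }, bare = { 0, 0 };
    printf("error case: truthy=%d strict=%d\n",
        accept_truthy(&m, &a, &bare), accept_strict(&m, &a, &bare));
    return 0;
}
```

The same rule applies to any method on this page whose result is not a plain 0 or 1: compare against the documented success value instead of testing for non-zero.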

SEE ALSO

EVP_PKEY_asn1_get_count(3), EVP_PKEY_new(3), X509_PUBKEY_new(3)

HISTORY

EVP_PKEY_asn1_new(), EVP_PKEY_asn1_copy(), EVP_PKEY_asn1_free(), EVP_PKEY_asn1_set_public(), EVP_PKEY_asn1_set_private(), EVP_PKEY_asn1_set_param(), EVP_PKEY_asn1_set_free(), and EVP_PKEY_asn1_set_ctrl() first appeared in OpenSSL 1.0.0 and have been available since OpenBSD 4.9.

EVP_PKEY_asn1_set_check(), EVP_PKEY_asn1_set_public_check(), and EVP_PKEY_asn1_set_param_check() first appeared in OpenSSL 1.1.1 and have been available since OpenBSD 7.1.

EVP_PKEY_asn1_set_security_bits() first appeared in OpenSSL 1.1.0 and has been available since OpenBSD 7.2.

December 21, 2023 Linux 6.4.0-150600.23.25-default