current nightly

Sortix nightly manual

This manual documents Sortix nightly, a development build that has not been officially released. You can instead view this document in the latest official manual.

EVP_PKEY_SET1_RSA(3)

Library Functions Manual

EVP_PKEY_SET1_RSA(3)

NAME

EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_get0_hmac, EVP_PKEY_get0, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_GOST, EVP_PKEY_assign, EVP_PKEY_base_id, EVP_PKEY_id, EVP_PKEY_type, EVP_PKEY_set_type —

EVP_PKEY assignment functions

SYNOPSIS

#include
  <openssl/evp.h>

int
EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);

int
EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);

int
EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);

int
EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);

RSA *
EVP_PKEY_get1_RSA(EVP_PKEY *pkey);

DSA *
EVP_PKEY_get1_DSA(EVP_PKEY *pkey);

DH *
EVP_PKEY_get1_DH(EVP_PKEY *pkey);

EC_KEY *
EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);

RSA *
EVP_PKEY_get0_RSA(EVP_PKEY *pkey);

DSA *
EVP_PKEY_get0_DSA(EVP_PKEY *pkey);

DH *
EVP_PKEY_get0_DH(EVP_PKEY *pkey);

EC_KEY *
EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);

const unsigned char *
EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);

void *
EVP_PKEY_get0(const EVP_PKEY *pkey);

int
EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);

int
EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);

int
EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);

int
EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);

int
EVP_PKEY_assign_GOST(EVP_PKEY *pkey, GOST_KEY *key);

int
EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key);

int
EVP_PKEY_base_id(EVP_PKEY *pkey);

int
EVP_PKEY_id(EVP_PKEY *pkey);

int
EVP_PKEY_type(int type);

int
EVP_PKEY_set_type(EVP_PKEY *pkey, int type);

DESCRIPTION

EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH(), and EVP_PKEY_set1_EC_KEY() set the key referenced by pkey to key and increment the reference count of key by 1 in case of success.

EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH(), and EVP_PKEY_get1_EC_KEY() return the key referenced in pkey, incrementing its reference count by 1, or NULL if the key is not of the correct type.

EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH(), EVP_PKEY_get0_EC_KEY(), and EVP_PKEY_get0() are identical except that they do not increment the reference count. Consequently, the returned key must not be freed by the caller.

EVP_PKEY_get0_hmac() returns an internal pointer to the key referenced in pkey and sets *len to its length in bytes. The returned pointer must not be freed by the caller. If pkey is not of the correct type, NULL is returned and the content of *len becomes unspecified.

EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_GOST(), and EVP_PKEY_assign() also set the referenced key to key; however these use the supplied key internally without incrementing its reference count, such that key will be freed when the parent pkey is freed. If the key is of the wrong type, these functions report success even though pkey ends up in a corrupted state. Even the functions explicitly containing the type in their name are not type safe because they are implemented as macros. The following types are supported: EVP_PKEY_RSA, EVP_PKEY_DSA, EVP_PKEY_DH, EVP_PKEY_EC, and EVP_PKEY_GOSTR01.

EVP_PKEY_base_id() returns the type of pkey according to the following table:

return value		PEM type string
`EVP_PKEY_CMAC`	= `NID_cmac`	CMAC
`EVP_PKEY_DH`	= `NID_dhKeyAgreement`	DH
`EVP_PKEY_DSA`	= `NID_dsa`	DSA
`EVP_PKEY_EC`	= `NID_X9_62_id_ecPublicKey`	EC
`EVP_PKEY_GOSTIMIT`	= `NID_id_Gost28147_89_MAC`	GOST-MAC
`EVP_PKEY_GOSTR01`	= `NID_id_GostR3410_2001`	GOST2001
`EVP_PKEY_HMAC`	= `NID_hmac`	HMAC
`EVP_PKEY_RSA`	= `NID_rsaEncryption`	RSA
`EVP_PKEY_RSA_PSS`	= `NID_rsassaPss`	RSA-PSS

Application programs can support additional key types by calling EVP_PKEY_asn1_add0(3).

EVP_PKEY_id() returns the actual OID associated with pkey. Historically keys using the same algorithm could use different OIDs. The following deprecated aliases are still supported:

return value		alias for
`EVP_PKEY_DSA1`	= `NID_dsa_2`	DSA
`EVP_PKEY_DSA2`	= `NID_dsaWithSHA`	DSA
`EVP_PKEY_DSA3`	= `NID_dsaWithSHA1`	DSA
`EVP_PKEY_DSA4`	= `NID_dsaWithSHA1_2`	DSA
`EVP_PKEY_GOSTR12_256`	= `NID_id_tc26_gost3410_2012_256`	GOST2001
`EVP_PKEY_GOSTR12_512`	= `NID_id_tc26_gost3410_2012_512`	GOST2001
`EVP_PKEY_RSA2`	= `NID_rsa`	RSA

Application programs can support additional alternative OIDs by calling EVP_PKEY_asn1_add_alias(3).

Most applications wishing to know a key type will simply call EVP_PKEY_base_id() and will not care about the actual type, which will be identical in almost all cases.

EVP_PKEY_type() returns the underlying type of the NID type. For example, EVP_PKEY_type(EVP_PKEY_RSA2) will return EVP_PKEY_RSA.

EVP_PKEY_set_type() frees the key referenced in pkey, if any, and sets the key type of pkey to type without referencing a new key from pkey yet. For type, any of the possible return values of EVP_PKEY_base_id() and EVP_PKEY_id() can be passed.

In accordance with the OpenSSL naming convention, the key obtained from or assigned to pkey using the 1 functions must be freed as well as pkey.

RETURN VALUES

EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH(), EVP_PKEY_set1_EC_KEY(), EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_GOST(), EVP_PKEY_assign(), and EVP_PKEY_set_type() return 1 for success or 0 for failure.

EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH(), EVP_PKEY_get1_EC_KEY(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH(), EVP_PKEY_get0_EC_KEY(), EVP_PKEY_get0_hmac(), and EVP_PKEY_get0() return the referenced key or NULL if an error occurred. For EVP_PKEY_get0(), the return value points to an RSA, DSA, DH, EC_KEY, GOST_KEY, or ASN1_OCTET_STRING object depending on the type of pkey.

EVP_PKEY_base_id(), EVP_PKEY_id(), and EVP_PKEY_type() return a key type or NID_undef (equivalently EVP_PKEY_NONE) on error.

HISTORY

EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign(), and EVP_PKEY_type() first appeared in SSLeay 0.8.0 and have been available since OpenBSD 2.4.

EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH(), EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), and EVP_PKEY_get1_DH() first appeared in OpenSSL 0.9.5 and have been available since OpenBSD 2.7.

EVP_PKEY_set1_EC_KEY(), EVP_PKEY_get1_EC_KEY(), and EVP_PKEY_assign_EC_KEY() first appeared in OpenSSL 0.9.8 and have been available since OpenBSD 4.5.

EVP_PKEY_get0(), EVP_PKEY_set_type(), EVP_PKEY_base_id(), and EVP_PKEY_id() first appeared in OpenSSL 1.0.0 and have been available since OpenBSD 4.9.

EVP_PKEY_assign_GOST() first appeared in OpenBSD 5.7.

EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH(), and EVP_PKEY_get0_EC_KEY() first appeared in OpenSSL 1.1.0 and have been available since OpenBSD 6.3.

EVP_PKEY_get0_hmac() first appeared in OpenSSL 1.1.0 and has been available since OpenBSD 6.5.

July 2, 2021

Debian