5 EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY,
6 EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY,
7 EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY,
8 EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH,
9 EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_POLY1305, EVP_PKEY_assign_SIPHASH,
10 EVP_PKEY_get0_hmac, EVP_PKEY_get0_poly1305, EVP_PKEY_get0_siphash,
11 EVP_PKEY_type, EVP_PKEY_id, EVP_PKEY_base_id, EVP_PKEY_set_alias_type,
12 EVP_PKEY_set1_engine, EVP_PKEY_get0_engine - EVP_PKEY assignment functions
16 #include <openssl/evp.h>
18 int EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);
19 int EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);
20 int EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);
21 int EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
23 RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey);
24 DSA *EVP_PKEY_get1_DSA(EVP_PKEY *pkey);
25 DH *EVP_PKEY_get1_DH(EVP_PKEY *pkey);
26 EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);
28 const unsigned char *EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);
29 const unsigned char *EVP_PKEY_get0_poly1305(const EVP_PKEY *pkey, size_t *len);
30 const unsigned char *EVP_PKEY_get0_siphash(const EVP_PKEY *pkey, size_t *len);
31 RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey);
32 DSA *EVP_PKEY_get0_DSA(const EVP_PKEY *pkey);
33 DH *EVP_PKEY_get0_DH(const EVP_PKEY *pkey);
34 EC_KEY *EVP_PKEY_get0_EC_KEY(const EVP_PKEY *pkey);
36 int EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);
37 int EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);
38 int EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);
39 int EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);
40 int EVP_PKEY_assign_POLY1305(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
41 int EVP_PKEY_assign_SIPHASH(EVP_PKEY *pkey, ASN1_OCTET_STRING *key);
43 int EVP_PKEY_id(const EVP_PKEY *pkey);
44 int EVP_PKEY_base_id(const EVP_PKEY *pkey);
45 int EVP_PKEY_type(int type);
46 int EVP_PKEY_set_alias_type(EVP_PKEY *pkey, int type);
48 ENGINE *EVP_PKEY_get0_engine(const EVP_PKEY *pkey);
49 int EVP_PKEY_set1_engine(EVP_PKEY *pkey, ENGINE *engine);
53 EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and
54 EVP_PKEY_set1_EC_KEY() set the key referenced by B<pkey> to B<key>.
56 EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and
57 EVP_PKEY_get1_EC_KEY() return the referenced key in B<pkey> or
58 B<NULL> if the key is not of the correct type.
60 EVP_PKEY_get0_hmac(), EVP_PKEY_get0_poly1305(), EVP_PKEY_get0_siphash(),
61 EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH()
62 and EVP_PKEY_get0_EC_KEY() also return the referenced key in B<pkey> or B<NULL>
63 if the key is not of the correct type but the reference count of the
64 returned key is B<not> incremented and so must not be freed up after use.
66 EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(),
67 EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305() and
68 EVP_PKEY_assign_SIPHASH() also set the referenced key to B<key>
69 however these use the supplied B<key> internally and so B<key>
70 will be freed when the parent B<pkey> is freed.
72 EVP_PKEY_base_id() returns the type of B<pkey>. For example
73 an RSA key will return B<EVP_PKEY_RSA>.
75 EVP_PKEY_id() returns the actual OID associated with B<pkey>. Historically keys
76 using the same algorithm could use different OIDs. For example an RSA key could
77 use the OIDs corresponding to the NIDs B<NID_rsaEncryption> (equivalent to
78 B<EVP_PKEY_RSA>) or B<NID_rsa> (equivalent to B<EVP_PKEY_RSA2>). The use of
79 alternative non-standard OIDs is now rare so B<EVP_PKEY_RSA2> et al are not
80 often seen in practice.
82 EVP_PKEY_type() returns the underlying type of the NID B<type>. For example
83 EVP_PKEY_type(EVP_PKEY_RSA2) will return B<EVP_PKEY_RSA>.
85 EVP_PKEY_get0_engine() returns a reference to the ENGINE handling B<pkey>.
87 EVP_PKEY_set1_engine() sets the ENGINE handling B<pkey> to B<engine>. It
88 must be called after the key algorithm and components are set up.
89 If B<engine> does not include an B<EVP_PKEY_METHOD> for B<pkey> an
92 EVP_PKEY_set_alias_type() allows modifying a EVP_PKEY to use a
93 different set of algorithms than the default. This is currently used
94 to support SM2 keys, which use an identical encoding to ECDSA.
98 In accordance with the OpenSSL naming convention the key obtained
99 from or assigned to the B<pkey> using the B<1> functions must be
100 freed as well as B<pkey>.
102 EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(),
103 EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305()
104 and EVP_PKEY_assign_SIPHASH() are implemented as macros.
106 Most applications wishing to know a key type will simply call
107 EVP_PKEY_base_id() and will not care about the actual type:
108 which will be identical in almost all cases.
110 Previous versions of this document suggested using EVP_PKEY_type(pkey->type)
111 to determine the type of a key. Since B<EVP_PKEY> is now opaque this
112 is no longer possible: the equivalent is EVP_PKEY_base_id(pkey).
114 EVP_PKEY_set1_engine() is typically used by an ENGINE returning an HSM
115 key as part of its routine to load a private key.
119 EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH() and
120 EVP_PKEY_set1_EC_KEY() return 1 for success or 0 for failure.
122 EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH() and
123 EVP_PKEY_get1_EC_KEY() return the referenced key or B<NULL> if
126 EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(),
127 EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_POLY1305()
128 and EVP_PKEY_assign_SIPHASH() return 1 for success and 0 for failure.
130 EVP_PKEY_base_id(), EVP_PKEY_id() and EVP_PKEY_type() return a key
131 type or B<NID_undef> (equivalently B<EVP_PKEY_NONE>) on error.
133 EVP_PKEY_set1_engine() returns 1 for success and 0 for failure.
135 EVP_PKEY_set_alias_type() returns 1 for success and 0 for error.
139 After loading an ECC key, it is possible to convert it to using SM2
140 algorithms with EVP_PKEY_set_alias_type:
142 EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);
150 Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved.
152 Licensed under the Apache License 2.0 (the "License"). You may not use
153 this file except in compliance with the License. You can obtain a copy
154 in the file LICENSE in the source distribution or at
155 L<https://www.openssl.org/source/license.html>.