Methods
The methods are the underlying implementations of a particular public key algorithm represented by the EVP_PKEY object.
int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub);
int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk);
int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b);
int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent,
                  ASN1_PCTX *pctx);
The pub_decode() and pub_encode() methods are called to decode / encode X509_PUBKEY ASN.1 parameters to / from pk. They MUST return 0 on error, 1 on success. They're called by X509_PUBKEY_set(3).
The pub_cmp() method is called when two public keys are to be compared. It MUST return 1 when the keys are equal, 0 otherwise. It's called by EVP_PKEY_print_public(3).
int (*priv_decode) (EVP_PKEY *pk, const PKCS8_PRIV_KEY_INFO *p8inf);
int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent,
                   ASN1_PCTX *pctx);
The priv_decode() and priv_encode() methods are called to decode / encode PKCS8_PRIV_KEY_INFO form private key to / from pk. They MUST return 0 on error, 1 on success. They're called by EVP_PKEY2PKCS8(3).
The priv_print() method is called to print a private key in human-readable text to out, indented indent spaces. It MUST return 0 on error, 1 on success. It's called by EVP_PKEY_size(3).
The pkey_bits() method returns the key size in bits. It's called by PEM_read_bio_Parameters(3) and the file: EVP_PKEY_missing_parameters(3).
The param_copy() method copies key parameters from from to to. It MUST return 0 on error, 1 on success. It's called by EVP_PKEY_cmp_parameters(3).
The param_print() method prints the private key parameters in human-readable text to out, indented indent spaces. It MUST return 0 on error, 1 on success. It's called by X509_signature_print(3).
void (*pkey_free) (EVP_PKEY *pkey);
The pkey_free() method helps free the internals of pkey. It's called by EVP_PKEY_set_type(3), EVP_PKEY_assign(3).
int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2);
The pkey_ctrl() method adds extra algorithm specific control. It's called by EVP_PKEY_set1_tls_encodedpoint(3), PKCS7_SIGNER_INFO_set(3), d2i_PrivateKey(3) and

- <=0: error
- 1: item_sign() did everything, OpenSSL internals just need to pass the signature length back.
- 2: item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.
- 3: item_sign() set the algorithm identifier algor1 and algor2, OpenSSL internals should just sign using those algorithms.
item_verify() MUST return one of:
- <=0: error
- 1: item_sign() did everything, OpenSSL internals just need to pass the signature length back.
- 2: item_sign() did nothing, OpenSSL internal standard routines are expected to continue with the default signature production.
item_verify() and item_sign() are called by ASN1_item_sign(3), and by extension, X509_REQ_verify(3), X509_REQ_sign(3), ...
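The item_sign() return codes listed above define a contract the caller has to enforce, and the usual mistake is treating any non-zero value as success. The following is an added, self-contained model of that dispatch, not OpenSSL source: the hook signature, `dispatch_item_sign()`, the `sign_path` enum and the sample hooks are all hypothetical names constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for an item_sign() hook. The real hook also takes
 * EVP_MD_CTX, ASN1_ITEM, X509_ALGOR and ASN1_BIT_STRING arguments. */
typedef int (*item_sign_fn)(size_t *siglen);

enum sign_path { SIGN_ERROR, SIGN_DONE_BY_METHOD, SIGN_DEFAULT, SIGN_WITH_SET_ALGORS };

/* Weak check: any non-zero value counts as success, so -1 slips through. */
int naive_ok(int rv) { return rv != 0; }

/* Check matching the documented contract: <=0 is always an error. */
int strict_ok(int rv) { return rv > 0; }

/* Map the hook's return code to the path the caller must take. */
enum sign_path dispatch_item_sign(item_sign_fn hook, size_t *siglen)
{
    int rv;

    *siglen = 0;
    if (hook == NULL)
        return SIGN_DEFAULT;              /* assumption of this model: no hook */
    rv = hook(siglen);
    if (!strict_ok(rv))
        return SIGN_ERROR;                /* <=0: error */
    switch (rv) {
    case 1:                               /* hook produced the signature */
        return *siglen > 0 ? SIGN_DONE_BY_METHOD : SIGN_ERROR; /* extra sanity check */
    case 2:  return SIGN_DEFAULT;         /* hook did nothing */
    case 3:  return SIGN_WITH_SET_ALGORS; /* hook set algor1 and algor2 */
    default: return SIGN_ERROR;           /* undocumented code: fail closed */
    }
}

/* Constructed sample hooks, one per documented outcome plus a bogus one. */
int hook_fail(size_t *n)    { (void)n; return -1; }
int hook_done(size_t *n)    { *n = 64; return 1; }
int hook_nothing(size_t *n) { (void)n; return 2; }
int hook_algors(size_t *n)  { (void)n; return 3; }
int hook_bogus(size_t *n)   { (void)n; return 7; }

int main(void)
{
    size_t n;
    enum sign_path p = dispatch_item_sign(hook_fail, &n);
    printf("fail -> path %d, naive check says %d\n", (int)p, naive_ok(-1));
    p = dispatch_item_sign(hook_done, &n);
    printf("done -> path %d, siglen %zu\n", (int)p, n);
    return 0;
}
```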
Functions
EVP_PKEY_asn1_new() creates and returns a new EVP_PKEY_ASN1_METHOD object, and associates the given id, flags, pem_str and info. id is a NID, pem_str is the PEM type string, info is a descriptive string. The following flags are supported:
ASN1_PKEY_SIGPARAM_NULL
If ASN1_PKEY_SIGPARAM_NULL is set, then the signature algorithm parameters are given the type V_ASN1_NULL by default, otherwise they will be given the type V_ASN1_UNDEF (i.e. the parameter is omitted). See
RETURN VALUES
EVP_PKEY_asn1_new() returns NULL on error, or a pointer to an EVP_PKEY_ASN1_METHOD object otherwise.
EVP_PKEY_asn1_add0() and EVP_PKEY_asn1_add_alias() return 0 on error, or 1 on success.
EVP_PKEY_get0_asn1() returns NULL on error, or a pointer to a constant EVP_PKEY_ASN1_METHOD object otherwise.
COPYRIGHT
Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.