From: schwarze Date: Thu, 15 Feb 2018 14:52:16 +0000 (+0000) Subject: Import the new manual page EVP_PKEY_meth_new(3) from OpenSSL, X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=dd30bed9f4eeb566931989ba0d02d6a28c10219a;p=openbsd Import the new manual page EVP_PKEY_meth_new(3) from OpenSSL, removing parts that don't apply to OpenBSD. --- diff --git a/lib/libcrypto/man/EVP_DigestSignInit.3 b/lib/libcrypto/man/EVP_DigestSignInit.3 index 26a56cad2b3..7665b215124 100644 --- a/lib/libcrypto/man/EVP_DigestSignInit.3 +++ b/lib/libcrypto/man/EVP_DigestSignInit.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_DigestSignInit.3,v 1.3 2016/11/26 17:38:55 schwarze Exp $ +.\" $OpenBSD: EVP_DigestSignInit.3,v 1.4 2018/02/15 14:52:16 schwarze Exp $ .\" OpenSSL 9b86974e Aug 17 15:21:33 2015 -0400 .\" .\" This file was written by Dr. Stephen Henson . @@ -49,7 +49,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: November 26 2016 $ +.Dd $Mdocdate: February 15 2018 $ .Dt EVP_DIGESTSIGNINIT 3 .Os .Sh NAME @@ -194,7 +194,8 @@ The error codes can be obtained from .Xr ERR 3 , .Xr evp 3 , .Xr EVP_DigestInit 3 , -.Xr EVP_DigestVerifyInit 3 +.Xr EVP_DigestVerifyInit 3 , +.Xr EVP_PKEY_meth_set_signctx 3 .Sh HISTORY .Fn EVP_DigestSignInit , .Fn EVP_DigestSignUpdate , diff --git a/lib/libcrypto/man/EVP_DigestVerifyInit.3 b/lib/libcrypto/man/EVP_DigestVerifyInit.3 index e92b21fd4eb..b4b4e4d9743 100644 --- a/lib/libcrypto/man/EVP_DigestVerifyInit.3 +++ b/lib/libcrypto/man/EVP_DigestVerifyInit.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_DigestVerifyInit.3,v 1.3 2016/11/26 17:40:58 schwarze Exp $ +.\" $OpenBSD: EVP_DigestVerifyInit.3,v 1.4 2018/02/15 14:52:16 schwarze Exp $ .\" OpenSSL fb552ac6 Sep 30 23:43:01 2009 +0000 .\" .\" This file was written by Dr. Stephen Henson . @@ -49,7 +49,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: November 26 2016 $ +.Dd $Mdocdate: February 15 2018 $ .Dt EVP_DIGESTVERIFYINIT 3 .Os .Sh NAME @@ -175,7 +175,8 @@ The error codes can be obtained from .Xr ERR 3 , .Xr evp 3 , .Xr EVP_DigestInit 3 , -.Xr EVP_DigestSignInit 3 +.Xr EVP_DigestSignInit 3 , +.Xr EVP_PKEY_meth_set_verifyctx 3 .Sh HISTORY .Fn EVP_DigestVerifyInit , .Fn EVP_DigestVerifyUpdate , diff --git a/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 b/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 index b65ea0d5d3e..880cff4e0e5 100644 --- a/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 +++ b/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_PKEY_CTX_ctrl.3,v 1.8 2017/08/28 17:41:59 jsing Exp $ +.\" $OpenBSD: EVP_PKEY_CTX_ctrl.3,v 1.9 2018/02/15 14:52:16 schwarze Exp $ .\" OpenSSL EVP_PKEY_CTX_ctrl.pod 1722496f Jun 8 15:18:38 2017 -0400 .\" OpenSSL EVP_PKEY_CTX_ctrl.pod e03af178 Dec 11 17:05:57 2014 -0500 .\" @@ -50,7 +50,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: August 28 2017 $ +.Dd $Mdocdate: February 15 2018 $ .Dt EVP_PKEY_CTX_CTRL 3 .Os .Sh NAME @@ -284,6 +284,7 @@ supported by the public key algorithm. .Xr EVP_PKEY_encrypt 3 , .Xr EVP_PKEY_get_default_digest_nid 3 , .Xr EVP_PKEY_keygen 3 , +.Xr EVP_PKEY_meth_set_ctrl 3 , .Xr EVP_PKEY_sign 3 , .Xr EVP_PKEY_verify 3 , .Xr EVP_PKEY_verify_recover 3 diff --git a/lib/libcrypto/man/EVP_PKEY_CTX_new.3 b/lib/libcrypto/man/EVP_PKEY_CTX_new.3 index 72c0e36d5e4..5c7a0eca588 100644 --- a/lib/libcrypto/man/EVP_PKEY_CTX_new.3 +++ b/lib/libcrypto/man/EVP_PKEY_CTX_new.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_PKEY_CTX_new.3,v 1.5 2017/04/10 17:45:06 schwarze Exp $ +.\" $OpenBSD: EVP_PKEY_CTX_new.3,v 1.6 2018/02/15 14:52:16 schwarze Exp $ .\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 .\" .\" This file was written by Dr. Stephen Henson . @@ -48,7 +48,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: April 10 2017 $ +.Dd $Mdocdate: February 15 2018 $ .Dt EVP_PKEY_CTX_NEW 3 .Os .Sh NAME @@ -123,6 +123,7 @@ structure or .Dv NULL if an error occurred. .Sh SEE ALSO +.Xr EVP_PKEY_meth_set_init 3 , .Xr EVP_PKEY_new 3 , .Xr X25519 3 .Sh HISTORY diff --git a/lib/libcrypto/man/EVP_PKEY_decrypt.3 b/lib/libcrypto/man/EVP_PKEY_decrypt.3 index afba8976f1e..61a99dcb31d 100644 --- a/lib/libcrypto/man/EVP_PKEY_decrypt.3 +++ b/lib/libcrypto/man/EVP_PKEY_decrypt.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_PKEY_decrypt.3,v 1.5 2018/02/15 12:52:37 schwarze Exp $ +.\" $OpenBSD: EVP_PKEY_decrypt.3,v 1.6 2018/02/15 14:52:16 schwarze Exp $ .\" full merge up to: OpenSSL 48e5119a Jan 19 10:49:22 2018 +0100 .\" .\" This file was written by Dr. Stephen Henson . @@ -165,6 +165,7 @@ if (EVP_PKEY_decrypt(ctx, out, &outlen, in, inlen) <= 0) .Xr EVP_PKEY_CTX_new 3 , .Xr EVP_PKEY_derive 3 , .Xr EVP_PKEY_encrypt 3 , +.Xr EVP_PKEY_meth_set_decrypt 3 , .Xr EVP_PKEY_sign 3 , .Xr EVP_PKEY_verify 3 , .Xr EVP_PKEY_verify_recover 3 diff --git a/lib/libcrypto/man/EVP_PKEY_derive.3 b/lib/libcrypto/man/EVP_PKEY_derive.3 index 61fc1bced8e..6649b43c33f 100644 --- a/lib/libcrypto/man/EVP_PKEY_derive.3 +++ b/lib/libcrypto/man/EVP_PKEY_derive.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_PKEY_derive.3,v 1.6 2018/02/15 12:52:37 schwarze Exp $ +.\" $OpenBSD: EVP_PKEY_derive.3,v 1.7 2018/02/15 14:52:16 schwarze Exp $ .\" full merge up to: OpenSSL 48e5119a Jan 19 10:49:22 2018 +0100 .\" .\" This file was written by Dr. Stephen Henson . @@ -165,6 +165,7 @@ if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0) .Xr EVP_PKEY_CTX_new 3 , .Xr EVP_PKEY_decrypt 3 , .Xr EVP_PKEY_encrypt 3 , +.Xr EVP_PKEY_meth_set_derive 3 , .Xr EVP_PKEY_sign 3 , .Xr EVP_PKEY_verify 3 , .Xr EVP_PKEY_verify_recover 3 , diff --git a/lib/libcrypto/man/EVP_PKEY_encrypt.3 b/lib/libcrypto/man/EVP_PKEY_encrypt.3 index 7309c3478b0..d24d5a80fa8 100644 --- a/lib/libcrypto/man/EVP_PKEY_encrypt.3 +++ b/lib/libcrypto/man/EVP_PKEY_encrypt.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_PKEY_encrypt.3,v 1.4 2016/11/27 15:23:29 schwarze Exp $ +.\" $OpenBSD: EVP_PKEY_encrypt.3,v 1.5 2018/02/15 14:52:16 schwarze Exp $ .\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 .\" .\" This file was written by Dr. Stephen Henson . @@ -49,7 +49,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: November 27 2016 $ +.Dd $Mdocdate: February 15 2018 $ .Dt EVP_PKEY_ENCRYPT 3 .Os .Sh NAME @@ -172,6 +172,7 @@ if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0) .Xr EVP_PKEY_CTX_new 3 , .Xr EVP_PKEY_decrypt 3 , .Xr EVP_PKEY_derive 3 , +.Xr EVP_PKEY_meth_set_encrypt 3 , .Xr EVP_PKEY_sign 3 , .Xr EVP_PKEY_verify 3 , .Xr EVP_PKEY_verify_recover 3 diff --git a/lib/libcrypto/man/EVP_PKEY_keygen.3 b/lib/libcrypto/man/EVP_PKEY_keygen.3 index ded45b33026..523363aa34e 100644 --- a/lib/libcrypto/man/EVP_PKEY_keygen.3 +++ b/lib/libcrypto/man/EVP_PKEY_keygen.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_PKEY_keygen.3,v 1.7 2018/02/15 12:52:37 schwarze Exp $ +.\" $OpenBSD: EVP_PKEY_keygen.3,v 1.8 2018/02/15 14:52:16 schwarze Exp $ .\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100 .\" selective merge up to: OpenSSL 48e5119a Jan 19 10:49:22 2018 +0100 .\" @@ -284,6 +284,7 @@ genpkey_cb(EVP_PKEY_CTX *ctx) .Xr EVP_PKEY_decrypt 3 , .Xr EVP_PKEY_derive 3 , .Xr EVP_PKEY_encrypt 3 , +.Xr EVP_PKEY_meth_set_keygen 3 , .Xr EVP_PKEY_sign 3 , .Xr EVP_PKEY_verify 3 , .Xr EVP_PKEY_verify_recover 3 , diff --git a/lib/libcrypto/man/EVP_PKEY_meth_new.3 b/lib/libcrypto/man/EVP_PKEY_meth_new.3 new file mode 100644 index 00000000000..8d77661608f --- /dev/null +++ b/lib/libcrypto/man/EVP_PKEY_meth_new.3 @@ -0,0 +1,525 @@ +.\" $OpenBSD: EVP_PKEY_meth_new.3,v 1.1 2018/02/15 14:52:16 schwarze Exp $ +.\" selective merge up to: OpenSSL 43f985fd Aug 21 11:47:17 2017 -0400 +.\" +.\" This file was written by Paul Yang +.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in +.\" the documentation and/or other materials provided with the +.\" distribution. +.\" +.\" 3. All advertising materials mentioning features or use of this +.\" software must display the following acknowledgment: +.\" "This product includes software developed by the OpenSSL Project +.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" +.\" +.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to +.\" endorse or promote products derived from this software without +.\" prior written permission. For written permission, please contact +.\" openssl-core@openssl.org. +.\" +.\" 5. Products derived from this software may not be called "OpenSSL" +.\" nor may "OpenSSL" appear in their names without prior written +.\" permission of the OpenSSL Project. +.\" +.\" 6. Redistributions of any form whatsoever must retain the following +.\" acknowledgment: +.\" "This product includes software developed by the OpenSSL Project +.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY +.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR +.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +.\" OF THE POSSIBILITY OF SUCH DAMAGE. +.\" +.Dd $Mdocdate: February 15 2018 $ +.Dt EVP_PKEY_METH_NEW 3 +.Os +.Sh NAME +.Nm EVP_PKEY_meth_new , +.Nm EVP_PKEY_meth_free , +.Nm EVP_PKEY_meth_copy , +.Nm EVP_PKEY_meth_find , +.Nm EVP_PKEY_meth_add0 , +.Nm EVP_PKEY_meth_set_init , +.Nm EVP_PKEY_meth_set_copy , +.Nm EVP_PKEY_meth_set_cleanup , +.Nm EVP_PKEY_meth_set_paramgen , +.Nm EVP_PKEY_meth_set_keygen , +.Nm EVP_PKEY_meth_set_sign , +.Nm EVP_PKEY_meth_set_verify , +.Nm EVP_PKEY_meth_set_verify_recover , +.Nm EVP_PKEY_meth_set_signctx , +.Nm EVP_PKEY_meth_set_verifyctx , +.Nm EVP_PKEY_meth_set_encrypt , +.Nm EVP_PKEY_meth_set_decrypt , +.Nm EVP_PKEY_meth_set_derive , +.Nm EVP_PKEY_meth_set_ctrl +.Nd manipulate an EVP_PKEY_METHOD structure +.Sh SYNOPSIS +.In openssl/evp.h +.Ft EVP_PKEY_METHOD * +.Fo EVP_PKEY_meth_new +.Fa "int id" +.Fa "int flags" +.Fc +.Ft void +.Fo EVP_PKEY_meth_free +.Fa "EVP_PKEY_METHOD *pmeth" +.Fc +.Ft void +.Fo EVP_PKEY_meth_copy +.Fa "EVP_PKEY_METHOD *dst" +.Fa "const EVP_PKEY_METHOD *src" +.Fc +.Ft const EVP_PKEY_METHOD * +.Fo EVP_PKEY_meth_find +.Fa "int type" +.Fc +.Ft int +.Fo EVP_PKEY_meth_add0 +.Fa "const EVP_PKEY_METHOD *pmeth" +.Fc +.Ft void +.Fo EVP_PKEY_meth_set_init +.Fa "EVP_PKEY_METHOD *pmeth" +.Fa "int (*init)(EVP_PKEY_CTX *ctx)" +.Fc +.Ft void +.Fo EVP_PKEY_meth_set_copy +.Fa "EVP_PKEY_METHOD *pmeth" +.Fa "int (*copy)(EVP_PKEY_CTX *dst, EVP_PKEY_CTX *src)" +.Fc +.Ft void +.Fo EVP_PKEY_meth_set_cleanup +.Fa "EVP_PKEY_METHOD *pmeth" +.Fa "void (*cleanup)(EVP_PKEY_CTX *ctx)" +.Fc +.Ft void +.Fo EVP_PKEY_meth_set_paramgen +.Fa "EVP_PKEY_METHOD *pmeth" +.Fa "int (*paramgen_init)(EVP_PKEY_CTX *ctx)" +.Fa "int (*paramgen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)" +.Fc +.Ft void +.Fo EVP_PKEY_meth_set_keygen +.Fa "EVP_PKEY_METHOD *pmeth" +.Fa "int (*keygen_init)(EVP_PKEY_CTX *ctx)" +.Fa "int (*keygen)(EVP_PKEY_CTX *ctx, EVP_PKEY *pkey)" +.Fc +.Ft void +.Fo EVP_PKEY_meth_set_sign +.Fa "EVP_PKEY_METHOD *pmeth" +.Fa "int (*sign_init)(EVP_PKEY_CTX *ctx)" +.Fa "int (*sign)(EVP_PKEY_CTX *ctx, unsigned char *sig, size_t *siglen,\ + const unsigned char *tbs, size_t tbslen)" +.Fc +.Ft void +.Fo EVP_PKEY_meth_set_verify +.Fa "EVP_PKEY_METHOD *pmeth" +.Fa "int (*verify_init)(EVP_PKEY_CTX *ctx)" +.Fa "int (*verify)(EVP_PKEY_CTX *ctx, const unsigned char *sig,\ + size_t siglen, const unsigned char *tbs, size_t tbslen)" +.Fc +.Ft void +.Fo EVP_PKEY_meth_set_verify_recover +.Fa "EVP_PKEY_METHOD *pmeth" +.Fa "int (*verify_recover_init)(EVP_PKEY_CTX *ctx)" +.Fa "int (*verify_recover)(EVP_PKEY_CTX *ctx, unsigned char *sig,\ + size_t *siglen, const unsigned char *tbs, size_t tbslen)" +.Fc +.Ft void +.Fo EVP_PKEY_meth_set_signctx +.Fa "EVP_PKEY_METHOD *pmeth" +.Fa "int (*signctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)" +.Fa "int (*signctx)(EVP_PKEY_CTX *ctx, unsigned char *sig,\ + size_t *siglen, EVP_MD_CTX *mctx)" +.Fc +.Ft void +.Fo EVP_PKEY_meth_set_verifyctx +.Fa "EVP_PKEY_METHOD *pmeth" +.Fa "int (*verifyctx_init)(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)" +.Fa "int (*verifyctx)(EVP_PKEY_CTX *ctx, const unsigned char *sig,\ + int siglen, EVP_MD_CTX *mctx)" +.Fc +.Ft void +.Fo EVP_PKEY_meth_set_encrypt +.Fa "EVP_PKEY_METHOD *pmeth" +.Fa "int (*encrypt_init)(EVP_PKEY_CTX *ctx)" +.Fa "int (*encryptfn)(EVP_PKEY_CTX *ctx, unsigned char *out,\ + size_t *outlen, const unsigned char *in, size_t inlen)" +.Fc +.Ft void +.Fo EVP_PKEY_meth_set_decrypt +.Fa "EVP_PKEY_METHOD *pmeth" +.Fa "int (*decrypt_init)(EVP_PKEY_CTX *ctx)" +.Fa "int (*decrypt)(EVP_PKEY_CTX *ctx, unsigned char *out,\ + size_t *outlen, const unsigned char *in, size_t inlen)" +.Fc +.Ft void +.Fo EVP_PKEY_meth_set_derive +.Fa "EVP_PKEY_METHOD *pmeth" +.Fa "int (*derive_init)(EVP_PKEY_CTX *ctx)" +.Fa "int (*derive)(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen)" +.Fc +.Ft void +.Fo EVP_PKEY_meth_set_ctrl +.Fa "EVP_PKEY_METHOD *pmeth" +.Fa "int (*ctrl)(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)" +.Fa "int (*ctrl_str)(EVP_PKEY_CTX *ctx, const char *type, const char *value)" +.Fc +.Sh DESCRIPTION +The +.Vt EVP_PKEY_METHOD +structure holds a set of methods +for a specific public key cryptographic algorithm. +Those methods perform tasks such as generating keys, signing, verifying, +encrypting, decrypting, and so on. +.Pp +There are two places where the +.Vt EVP_PKEY_METHOD +objects are stored: one is a built-in static array representing the +standard methods for different algorithms, and the other one is a stack +of user-defined application-specific methods, which can be manipulated +with +.Fn EVP_PKEY_meth_add0 . +.Pp +The +.Vt EVP_PKEY_METHOD +objects are usually referenced by +.Vt EVP_PKEY_CTX +objects. +.Ss Methods +The methods implement the particular public key algorithm represented by the +.Vt EVP_PKEY_CTX +object. +.Bd -unfilled +.Ft int Fn (*init) "EVP_PKEY_CTX *ctx" +.Ft int Fn (*copy) "EVP_PKEY_CTX *dst" "EVP_PKEY_CTX *src" +.Ft void Fn (*cleanup) "EVP_PKEY_CTX *ctx" +.Ed +.Pp +The +.Fn init +method is called by +.Xr EVP_PKEY_CTX_new 3 +and +.Xr EVP_PKEY_CTX_new_id 3 +to initialize the algorithm-specific data when a new +.Vt EVP_PKEY_CTX +is created. +The +.Fn cleanup +method is called by +.Xr EVP_PKEY_CTX_free 3 +when an +.Vt EVP_PKEY_CTX +is freed. +The +.Fn copy +method is called by +.Xr EVP_PKEY_CTX_dup 3 +when an +.Vt EVP_PKEY_CTX +is duplicated. +.Bd -unfilled +.Ft int Fn (*paramgen_init) "EVP_PKEY_CTX *ctx" +.Ft int Fn (*paramgen) "EVP_PKEY_CTX *ctx" "EVP_PKEY *pkey" +.Ed +.Pp +The +.Fn paramgen_init +and +.Fn paramgen +methods deal with key parameter generation. +They are called by +.Xr EVP_PKEY_paramgen_init 3 +and +.Xr EVP_PKEY_paramgen 3 +to handle the parameter generation process. +.Bd -unfilled +.Ft int Fn (*keygen_init) "EVP_PKEY_CTX *ctx" +.Ft int Fn (*keygen) "EVP_PKEY_CTX *ctx" "EVP_PKEY *pkey" +.Ed +.Pp +The +.Fn keygen_init +and +.Fn keygen +methods are used to generate a key for the specified algorithm. +They are called by +.Xr EVP_PKEY_keygen_init 3 +and +.Xr EVP_PKEY_keygen 3 . +.Bd -unfilled +.Ft int Fn (*sign_init) "EVP_PKEY_CTX *ctx" +.Ft int Fo (*sign) +.Fa "EVP_PKEY_CTX *ctx" +.Fa "unsigned char *sig" +.Fa "size_t *siglen" +.Fa "const unsigned char *tbs" +.Fa "size_t tbslen" +.Fc +.Ed +.Pp +The +.Fn sign_init +and +.Fn sign +methods are used to generate the signature of a piece of data using a +private key. +They are called by +.Xr EVP_PKEY_sign_init 3 +and +.Xr EVP_PKEY_sign 3 . +.Bd -unfilled +.Ft int Fn (*verify_init) "EVP_PKEY_CTX *ctx" +.Ft int Fo (*verify) +.Fa "EVP_PKEY_CTX *ctx" +.Fa "const unsigned char *sig" +.Fa "size_t siglen" +.Fa "const unsigned char *tbs" +.Fa "size_t tbslen" +.Fc +.Ed +.Pp +The +.Fn verify_init +and +.Fn verify +methods are used to verify whether a signature is valid. +They are called by +.Xr EVP_PKEY_verify_init 3 +and +.Xr EVP_PKEY_verify 3 . +.Bd -unfilled +.Ft int Fn (*verify_recover_init) "EVP_PKEY_CTX *ctx" +.Ft int Fo (*verify_recover) +.Fa "EVP_PKEY_CTX *ctx" +.Fa "unsigned char *rout" +.Fa "size_t *routlen" +.Fa "const unsigned char *sig" +.Fa "size_t siglen" +.Fc +.Ed +.Pp +The +.Fn verify_recover_init +and +.Fn verify_recover +methods are used to verify a signature and then recover the digest from +the signature (for instance, a signature that was generated by the RSA +signing algorithm). +They are called by +.Xr EVP_PKEY_verify_recover_init 3 +and +.Xr EVP_PKEY_verify_recover 3 . +.Bd -unfilled +.Ft int Fn (*signctx_init) "EVP_PKEY_CTX *ctx" "EVP_MD_CTX *mctx" +.Ft int Fo (*signctx) +.Fa "EVP_PKEY_CTX *ctx" +.Fa "unsigned char *sig" +.Fa "size_t *siglen" +.Fa "EVP_MD_CTX *mctx" +.Fc +.Ed +.Pp +The +.Fn signctx_init +and +.Fn signctx +methods are used to sign a digest represented by an +.Vt EVP_MD_CTX +object. +They are called by the +.Xr EVP_DigestSignInit 3 +functions. +.Bd -unfilled +.Ft int Fn (*verifyctx_init) "EVP_PKEY_CTX *ctx" "EVP_MD_CTX *mctx" +.Ft int Fo (*verifyctx) +.Fa "EVP_PKEY_CTX *ctx" +.Fa "const unsigned char *sig" +.Fa "int siglen" +.Fa "EVP_MD_CTX *mctx" +.Fc +.Ed +.Pp +The +.Fn verifyctx_init +and +.Fn verifyctx +methods are used to verify a signature against the data in an +.Vt EVP_MD_CTX +object. +They are called by the +.Xr EVP_DigestVerifyInit 3 +functions. +.Bd -unfilled +.Ft int Fn (*encrypt_init) "EVP_PKEY_CTX *ctx" +.Ft int Fo (*encrypt) +.Fa "EVP_PKEY_CTX *ctx" +.Fa "unsigned char *out" +.Fa "size_t *outlen" +.Fa "const unsigned char *in" +.Fa "size_t inlen" +.Fc +.Ed +.Pp +The +.Fn encrypt_init +and +.Fn encrypt +methods are used to encrypt a piece of data. +They are called by +.Xr EVP_PKEY_encrypt_init 3 +and +.Xr EVP_PKEY_encrypt 3 . +.Bd -unfilled +.Ft int Fn (*decrypt_init) "EVP_PKEY_CTX *ctx" +.Ft int Fo (*decrypt) +.Fa "EVP_PKEY_CTX *ctx" +.Fa "unsigned char *out" +.Fa "size_t *outlen" +.Fa "const unsigned char *in" +.Fa "size_t inlen" +.Fc +.Ed +.Pp +The +.Fn decrypt_init +and +.Fn decrypt +methods are used to decrypt a piece of data. +They are called by +.Xr EVP_PKEY_decrypt_init 3 +and +.Xr EVP_PKEY_decrypt 3 . +.Bd -unfilled +.Ft int Fn (*derive_init) "EVP_PKEY_CTX *ctx" +.Ft int Fo (*derive) +.Fa "EVP_PKEY_CTX *ctx" +.Fa "unsigned char *key" +.Fa "size_t *keylen" +.Fc +.Ed +.Pp +The +.Fn derive_init +and +.Fn derive +methods are used to derive the shared secret from a public key algorithm +(for instance, the DH algorithm). +They are called by +.Xr EVP_PKEY_derive_init 3 +and +.Xr EVP_PKEY_derive 3 . +.Bd -unfilled +.Ft int Fo (*ctrl) +.Fa "EVP_PKEY_CTX *ctx" +.Fa "int type" +.Fa "int p1" +.Fa "void *p2" +.Fc +.Ft int Fo (*ctrl_str) +.Fa "EVP_PKEY_CTX *ctx" +.Fa "const char *type" +.Fa "const char *value" +.Fc +.Ed +.Pp +The +.Fn ctrl +and +.Fn ctrl_str +methods are used to adjust algorithm-specific settings. +See +.Xr EVP_PKEY_CTX_ctrl 3 +for details. +.Ss Functions +.Fn EVP_PKEY_meth_new +creates a new +.Vt EVP_PKEY_METHOD +object with the given +.Fa id +and +.Fa flags . +The following flags are supported: +.Bl -tag -width Ds +.It Dv EVP_PKEY_FLAG_AUTOARGLEN +Automatically calculate the maximum size of the output buffer +in corresponding EVP methods by the EVP framework. +Thus the implementations of these methods don't need to care about +handling the case of returning output buffer size by themselves. +For details on the output buffer size, refer to +.Xr EVP_PKEY_sign 3 . +.It Dv EVP_PKEY_FLAG_SIGCTX_CUSTOM +Indicate that the +.Fn signctx +method of an +.Vt EVP_PKEY_METHOD +is always called by the EVP framework while doing a digest signing +operation by calling +.Xr EVP_DigestSignFinal 3 . +.El +.Pp +.Fn EVP_PKEY_meth_free +frees +.Fa pmeth . +.Pp +.Fn EVP_PKEY_meth_copy +copies +.Fa src +to +.Fa dst . +.Pp +.Fn EVP_PKEY_meth_find +finds an +.Vt EVP_PKEY_METHOD +object with the given +.Fa id . +This function first searches through the user-defined method objects and +then through the built-in objects. +.Pp +.Fn EVP_PKEY_meth_add0 +adds +.Fa pmeth +to the stack of user defined methods. +.Pp +The +.Fn EVP_PKEY_meth_set_* +functions set the corresponding fields of +.Fa pmeth +to the arguments passed. +.Sh RETURN VALUES +.Fn EVP_PKEY_meth_new +returns a pointer to a new +.Vt EVP_PKEY_METHOD +object or +.Dv NULL +on error. +.Pp +.Fn EVP_PKEY_meth_find +returns a pointer to the found +.Vt EVP_PKEY_METHOD +object or +.Dv NULL +if no matching object is found. +.Pp +.Fn EVP_PKEY_meth_add0 +returns 1 if the method is added successfully or 0 if an error occurred. diff --git a/lib/libcrypto/man/EVP_PKEY_sign.3 b/lib/libcrypto/man/EVP_PKEY_sign.3 index d7812186f3a..cb16e00c777 100644 --- a/lib/libcrypto/man/EVP_PKEY_sign.3 +++ b/lib/libcrypto/man/EVP_PKEY_sign.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_PKEY_sign.3,v 1.5 2017/01/06 02:43:14 schwarze Exp $ +.\" $OpenBSD: EVP_PKEY_sign.3,v 1.6 2018/02/15 14:52:16 schwarze Exp $ .\" OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400 .\" .\" This file was written by Dr. Stephen Henson . @@ -49,7 +49,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: January 6 2017 $ +.Dd $Mdocdate: February 15 2018 $ .Dt EVP_PKEY_SIGN 3 .Os .Sh NAME @@ -180,6 +180,7 @@ if (EVP_PKEY_sign(ctx, sig, &siglen, md, mdlen) <= 0) .Xr EVP_PKEY_decrypt 3 , .Xr EVP_PKEY_derive 3 , .Xr EVP_PKEY_encrypt 3 , +.Xr EVP_PKEY_meth_set_sign 3 , .Xr EVP_PKEY_verify 3 , .Xr EVP_PKEY_verify_recover 3 .Sh HISTORY diff --git a/lib/libcrypto/man/EVP_PKEY_verify.3 b/lib/libcrypto/man/EVP_PKEY_verify.3 index 97c0a68cd89..0ee9f271a53 100644 --- a/lib/libcrypto/man/EVP_PKEY_verify.3 +++ b/lib/libcrypto/man/EVP_PKEY_verify.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_PKEY_verify.3,v 1.5 2018/02/15 12:52:37 schwarze Exp $ +.\" $OpenBSD: EVP_PKEY_verify.3,v 1.6 2018/02/15 14:52:16 schwarze Exp $ .\" full merge up to: OpenSSL 48e5119a Jan 19 10:49:22 2018 +0100 .\" .\" This file was written by Dr. Stephen Henson . @@ -157,6 +157,7 @@ ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen); .Xr EVP_PKEY_decrypt 3 , .Xr EVP_PKEY_derive 3 , .Xr EVP_PKEY_encrypt 3 , +.Xr EVP_PKEY_meth_set_verify 3 , .Xr EVP_PKEY_sign 3 , .Xr EVP_PKEY_verify_recover 3 .Sh HISTORY diff --git a/lib/libcrypto/man/EVP_PKEY_verify_recover.3 b/lib/libcrypto/man/EVP_PKEY_verify_recover.3 index c453aa747ec..75df64134cd 100644 --- a/lib/libcrypto/man/EVP_PKEY_verify_recover.3 +++ b/lib/libcrypto/man/EVP_PKEY_verify_recover.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_PKEY_verify_recover.3,v 1.7 2018/02/15 12:52:37 schwarze Exp $ +.\" $OpenBSD: EVP_PKEY_verify_recover.3,v 1.8 2018/02/15 14:52:16 schwarze Exp $ .\" full merge up to: OpenSSL 48e5119a Jan 19 10:49:22 2018 +0100 .\" .\" This file was written by Dr. Stephen Henson . @@ -178,6 +178,7 @@ if (EVP_PKEY_verify_recover(ctx, rout, &routlen, sig, siglen) <= 0) .Xr EVP_PKEY_decrypt 3 , .Xr EVP_PKEY_derive 3 , .Xr EVP_PKEY_encrypt 3 , +.Xr EVP_PKEY_meth_set_verify_recover 3 , .Xr EVP_PKEY_sign 3 , .Xr EVP_PKEY_verify 3 .Sh HISTORY diff --git a/lib/libcrypto/man/Makefile b/lib/libcrypto/man/Makefile index 606f346588d..7043c8397bf 100644 --- a/lib/libcrypto/man/Makefile +++ b/lib/libcrypto/man/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.128 2018/02/15 12:09:55 schwarze Exp $ +# $OpenBSD: Makefile,v 1.129 2018/02/15 14:52:16 schwarze Exp $ .include @@ -124,6 +124,7 @@ MAN= \ EVP_PKEY_get_default_digest_nid.3 \ EVP_PKEY_keygen.3 \ EVP_PKEY_meth_get0_info.3 \ + EVP_PKEY_meth_new.3 \ EVP_PKEY_new.3 \ EVP_PKEY_print_private.3 \ EVP_PKEY_set1_RSA.3 \