OpenBSD manual page server

Manual Page Search Parameters

EVP_PKEY_SET1_RSA(3) Library Functions Manual EVP_PKEY_SET1_RSA(3)

EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_get0_hmac, EVP_PKEY_get0, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign, EVP_PKEY_base_id, EVP_PKEY_id, EVP_PKEY_type, EVP_PKEY_set_type, EVP_PKEY_set_type_strEVP_PKEY assignment functions

#include <openssl/evp.h>

int
EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);

int
EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);

int
EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);

int
EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);

RSA *
EVP_PKEY_get1_RSA(EVP_PKEY *pkey);

DSA *
EVP_PKEY_get1_DSA(EVP_PKEY *pkey);

DH *
EVP_PKEY_get1_DH(EVP_PKEY *pkey);

EC_KEY *
EVP_PKEY_get1_EC_KEY(EVP_PKEY *pkey);

RSA *
EVP_PKEY_get0_RSA(EVP_PKEY *pkey);

DSA *
EVP_PKEY_get0_DSA(EVP_PKEY *pkey);

DH *
EVP_PKEY_get0_DH(EVP_PKEY *pkey);

EC_KEY *
EVP_PKEY_get0_EC_KEY(EVP_PKEY *pkey);

const unsigned char *
EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);

void *
EVP_PKEY_get0(const EVP_PKEY *pkey);

int
EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);

int
EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);

int
EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);

int
EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);

int
EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key);

int
EVP_PKEY_base_id(EVP_PKEY *pkey);

int
EVP_PKEY_id(EVP_PKEY *pkey);

int
EVP_PKEY_type(int type);

int
EVP_PKEY_set_type(EVP_PKEY *pkey, int type);

int
EVP_PKEY_set_type_str(EVP_PKEY *pkey, const char *str, int len);

(), (), (), and () set the key referenced by pkey to key and increment the reference count of key by 1 in case of success.

(), (), (), and () return the key referenced in pkey, incrementing its reference count by 1, or NULL if the key is not of the correct type.

(), (), (), (), and () are identical except that they do not increment the reference count. Consequently, the returned key must not be freed by the caller.

() returns an internal pointer to the key referenced in pkey and sets *len to its length in bytes. The returned pointer must not be freed by the caller. If pkey is not of the correct type, NULL is returned and the content of *len becomes unspecified.

(), (), (), (), and () also set the referenced key to key; however these use the supplied key internally without incrementing its reference count, such that key will be freed when the parent pkey is freed. If the key is of the wrong type, these functions report success even though pkey ends up in a corrupted state. Even the functions explicitly containing the type in their name are type safe because they are implemented as macros. The following types are supported: EVP_PKEY_RSA, EVP_PKEY_DSA, EVP_PKEY_DH, and EVP_PKEY_EC.

() returns the type of pkey according to the following table:

= NID_cmac CMAC
= NID_dhKeyAgreement DH
= NID_dsa DSA
= NID_X9_62_id_ecPublicKey EC
= NID_hmac HMAC
= NID_rsaEncryption RSA
= NID_rsassaPss RSA-PSS

() returns the actual OID associated with pkey. Historically keys using the same algorithm could use different OIDs. The following deprecated aliases are still supported:

= NID_dsa_2 DSA
= NID_dsaWithSHA DSA
= NID_dsaWithSHA1 DSA
= NID_dsaWithSHA1_2 DSA
= NID_rsa RSA

Most applications wishing to know a key type will simply call () and will not care about the actual type, which will be identical in almost all cases.

() returns the underlying type of the NID type. For example, EVP_PKEY_type(EVP_PKEY_RSA2) will return EVP_PKEY_RSA.

() frees the key referenced in pkey, if any, and sets the key type of pkey to type without referencing a new key from pkey yet. For type, any of the possible return values of EVP_PKEY_base_id() and EVP_PKEY_id() can be passed.

() frees the key referenced in pkey, if any, and sets the key type of pkey according to the PEM type string given by the first len bytes of str. If len is -1, the strlen(3) of str is used instead. The PEM type strings supported by default are listed in the table above. This function does not reference a new key from pkey.

If pkey is a NULL pointer, () and EVP_PKEY_set_type_str() check that a matching key type exists but do not change any object.

In accordance with the OpenSSL naming convention, the key obtained from or assigned to pkey using the functions must be freed as well as pkey.

EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH(), EVP_PKEY_set1_EC_KEY(), EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign(), EVP_PKEY_set_type(), and EVP_PKEY_set_type_str() return 1 for success or 0 for failure.

EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH(), EVP_PKEY_get1_EC_KEY(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH(), EVP_PKEY_get0_EC_KEY(), EVP_PKEY_get0_hmac(), and EVP_PKEY_get0() return the referenced key or NULL if an error occurred. For EVP_PKEY_get0(), the return value points to an RSA, DSA, DH, EC_KEY, or ASN1_OCTET_STRING object depending on the type of pkey.

EVP_PKEY_base_id(), EVP_PKEY_id(), and EVP_PKEY_type() return a key type or NID_undef (equivalently EVP_PKEY_NONE) on error.

DH_new(3), DSA_new(3), EC_KEY_new(3), EVP_PKEY_get0_asn1(3), EVP_PKEY_new(3), RSA_new(3)

EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign(), and EVP_PKEY_type() first appeared in SSLeay 0.8.0 and have been available since OpenBSD 2.4.

EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH(), EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), and EVP_PKEY_get1_DH() first appeared in OpenSSL 0.9.5 and have been available since OpenBSD 2.7.

EVP_PKEY_set1_EC_KEY(), EVP_PKEY_get1_EC_KEY(), and EVP_PKEY_assign_EC_KEY() first appeared in OpenSSL 0.9.8 and have been available since OpenBSD 4.5.

EVP_PKEY_get0(), EVP_PKEY_base_id(), EVP_PKEY_id(), EVP_PKEY_set_type(), and EVP_PKEY_set_type_str() first appeared in OpenSSL 1.0.0 and have been available since OpenBSD 4.9.

EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH(), and EVP_PKEY_get0_EC_KEY() first appeared in OpenSSL 1.1.0 and have been available since OpenBSD 6.3.

EVP_PKEY_get0_hmac() first appeared in OpenSSL 1.1.0 and has been available since OpenBSD 6.5.

March 5, 2024 OpenBSD-current