OpenBSD manual page server

Manual Page Search Parameters

EVP_PKEY_SET1_RSA(3) Library Functions Manual EVP_PKEY_SET1_RSA(3)

EVP_PKEY_set1_RSA, EVP_PKEY_set1_DSA, EVP_PKEY_set1_DH, EVP_PKEY_set1_EC_KEY, EVP_PKEY_get1_RSA, EVP_PKEY_get1_DSA, EVP_PKEY_get1_DH, EVP_PKEY_get1_EC_KEY, EVP_PKEY_get0_RSA, EVP_PKEY_get0_DSA, EVP_PKEY_get0_DH, EVP_PKEY_get0_EC_KEY, EVP_PKEY_get0_hmac, EVP_PKEY_get0, EVP_PKEY_assign_RSA, EVP_PKEY_assign_DSA, EVP_PKEY_assign_DH, EVP_PKEY_assign_EC_KEY, EVP_PKEY_assign_GOST, EVP_PKEY_assign, EVP_PKEY_base_id, EVP_PKEY_id, EVP_PKEY_type, EVP_PKEY_set_typeEVP_PKEY assignment functions

#include <openssl/evp.h>

EVP_PKEY_set1_RSA(EVP_PKEY *pkey, RSA *key);

EVP_PKEY_set1_DSA(EVP_PKEY *pkey, DSA *key);

EVP_PKEY_set1_DH(EVP_PKEY *pkey, DH *key);

EVP_PKEY_set1_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);

EVP_PKEY_get1_RSA(EVP_PKEY *pkey);

EVP_PKEY_get1_DSA(EVP_PKEY *pkey);

DH *
EVP_PKEY_get1_DH(EVP_PKEY *pkey);


EVP_PKEY_get0_RSA(EVP_PKEY *pkey);

EVP_PKEY_get0_DSA(EVP_PKEY *pkey);

DH *
EVP_PKEY_get0_DH(EVP_PKEY *pkey);


const unsigned char *
EVP_PKEY_get0_hmac(const EVP_PKEY *pkey, size_t *len);

void *
EVP_PKEY_get0(const EVP_PKEY *pkey);

EVP_PKEY_assign_RSA(EVP_PKEY *pkey, RSA *key);

EVP_PKEY_assign_DSA(EVP_PKEY *pkey, DSA *key);

EVP_PKEY_assign_DH(EVP_PKEY *pkey, DH *key);

EVP_PKEY_assign_EC_KEY(EVP_PKEY *pkey, EC_KEY *key);

EVP_PKEY_assign_GOST(EVP_PKEY *pkey, GOST_KEY *key);

EVP_PKEY_assign(EVP_PKEY *pkey, int type, void *key);

EVP_PKEY_base_id(EVP_PKEY *pkey);

EVP_PKEY_id(EVP_PKEY *pkey);

EVP_PKEY_type(int type);

EVP_PKEY_set_type(EVP_PKEY *pkey, int type);

(), (), (), and () set the key referenced by pkey to key and increment the reference count of key by 1 in case of success.

(), (), (), and () return the key referenced in pkey, incrementing its reference count by 1, or NULL if the key is not of the correct type.

(), (), (), (), and () are identical except that they do not increment the reference count. Consequently, the returned key must not be freed by the caller.

() returns an internal pointer to the key referenced in pkey and sets *len to its length in bytes. The returned pointer must not be freed by the caller. If pkey is not of the correct type, NULL is returned and the content of *len becomes unspecified.

(), (), (), (), (), and () also set the referenced key to key; however these use the supplied key internally without incrementing its reference count, such that key will be freed when the parent pkey is freed. If the key is of the wrong type, these functions report success even though pkey ends up in a corrupted state. Even the functions explicitly containing the type in their name are type safe because they are implemented as macros. The following types are supported: EVP_PKEY_RSA, EVP_PKEY_DSA, EVP_PKEY_DH, EVP_PKEY_EC, and EVP_PKEY_GOSTR01.

() returns the type of pkey according to the following table:

= NID_cmac CMAC
= NID_dhKeyAgreement DH
= NID_dsa DSA
= NID_X9_62_id_ecPublicKey EC
= NID_id_Gost28147_89_MAC GOST-MAC
= NID_id_GostR3410_2001 GOST2001
= NID_hmac HMAC
= NID_rsaEncryption RSA
= NID_rsassaPss RSA-PSS

Application programs can support additional key types by calling EVP_PKEY_asn1_add0(3).

() returns the actual OID associated with pkey. Historically keys using the same algorithm could use different OIDs. The following deprecated aliases are still supported:

= NID_dsa_2 DSA
= NID_dsaWithSHA DSA
= NID_dsaWithSHA1 DSA
= NID_dsaWithSHA1_2 DSA
= NID_id_tc26_gost3410_2012_256 GOST2001
= NID_id_tc26_gost3410_2012_512 GOST2001
= NID_rsa RSA

Application programs can support additional alternative OIDs by calling EVP_PKEY_asn1_add_alias(3).

Most applications wishing to know a key type will simply call () and will not care about the actual type, which will be identical in almost all cases.

() returns the underlying type of the NID type. For example, EVP_PKEY_type(EVP_PKEY_RSA2) will return EVP_PKEY_RSA.

() frees the key referenced in pkey, if any, and sets the key type of pkey to type without referencing a new key from pkey yet. For type, any of the possible return values of EVP_PKEY_base_id() and EVP_PKEY_id() can be passed.

In accordance with the OpenSSL naming convention, the key obtained from or assigned to pkey using the functions must be freed as well as pkey.

EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH(), EVP_PKEY_set1_EC_KEY(), EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign_EC_KEY(), EVP_PKEY_assign_GOST(), EVP_PKEY_assign(), and EVP_PKEY_set_type() return 1 for success or 0 for failure.

EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), EVP_PKEY_get1_DH(), EVP_PKEY_get1_EC_KEY(), EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH(), EVP_PKEY_get0_EC_KEY(), EVP_PKEY_get0_hmac(), and EVP_PKEY_get0() return the referenced key or NULL if an error occurred. For EVP_PKEY_get0(), the return value points to an RSA, DSA, DH, EC_KEY, GOST_KEY, or ASN1_OCTET_STRING object depending on the type of pkey.

EVP_PKEY_base_id(), EVP_PKEY_id(), and EVP_PKEY_type() return a key type or NID_undef (equivalently EVP_PKEY_NONE) on error.

DH_new(3), DSA_new(3), EC_KEY_new(3), EVP_PKEY_get0_asn1(3), EVP_PKEY_new(3), RSA_new(3)

EVP_PKEY_assign_RSA(), EVP_PKEY_assign_DSA(), EVP_PKEY_assign_DH(), EVP_PKEY_assign(), and EVP_PKEY_type() first appeared in SSLeay 0.8.0 and have been available since OpenBSD 2.4.

EVP_PKEY_set1_RSA(), EVP_PKEY_set1_DSA(), EVP_PKEY_set1_DH(), EVP_PKEY_get1_RSA(), EVP_PKEY_get1_DSA(), and EVP_PKEY_get1_DH() first appeared in OpenSSL 0.9.5 and have been available since OpenBSD 2.7.

EVP_PKEY_set1_EC_KEY(), EVP_PKEY_get1_EC_KEY(), and EVP_PKEY_assign_EC_KEY() first appeared in OpenSSL 0.9.8 and have been available since OpenBSD 4.5.

EVP_PKEY_get0(), EVP_PKEY_set_type(), EVP_PKEY_base_id(), and EVP_PKEY_id() first appeared in OpenSSL 1.0.0 and have been available since OpenBSD 4.9.

EVP_PKEY_assign_GOST() first appeared in OpenBSD 5.7.

EVP_PKEY_get0_RSA(), EVP_PKEY_get0_DSA(), EVP_PKEY_get0_DH(), and EVP_PKEY_get0_EC_KEY() first appeared in OpenSSL 1.1.0 and have been available since OpenBSD 6.3.

EVP_PKEY_get0_hmac() first appeared in OpenSSL 1.1.0 and has been available since OpenBSD 6.5.

June 24, 2020 OpenBSD-current