Import OpenSSL 1.1.0f
@@ -2,7 +2,12 @@
|
||||
|
||||
=head1 NAME
|
||||
|
||||
EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, EVP_PKEY_CTX_get_keygen_info, EVP_PKEVP_PKEY_CTX_set_app_data, EVP_PKEY_CTX_get_app_data - key and parameter generation functions
|
||||
EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init,
|
||||
EVP_PKEY_paramgen, EVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb,
|
||||
EVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data,
|
||||
EVP_PKEY_CTX_get_app_data,
|
||||
EVP_PKEY_gen_cb
|
||||
- key and parameter generation functions
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
@@ -13,7 +18,7 @@ EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen
|
||||
int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx);
|
||||
int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey);
|
||||
|
||||
typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx);
|
||||
typedef int (*EVP_PKEY_gen_cb)(EVP_PKEY_CTX *ctx);
|
||||
|
||||
void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb);
|
||||
EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx);
|
||||
@@ -26,9 +31,9 @@ EVP_PKEY_keygen_init, EVP_PKEY_keygen, EVP_PKEY_paramgen_init, EVP_PKEY_paramgen
|
||||
=head1 DESCRIPTION
|
||||
|
||||
The EVP_PKEY_keygen_init() function initializes a public key algorithm
|
||||
context using key B<pkey> for a key genration operation.
|
||||
context using key B<pkey> for a key generation operation.
|
||||
|
||||
The EVP_PKEY_keygen() function performs a key generation operation, the
|
||||
The EVP_PKEY_keygen() function performs a key generation operation, the
|
||||
generated key is written to B<ppkey>.
|
||||
|
||||
The functions EVP_PKEY_paramgen_init() and EVP_PKEY_paramgen() are similar
|
||||
@@ -44,7 +49,7 @@ parameters available is returned. Any non negative value returns the value of
|
||||
that parameter. EVP_PKEY_CTX_gen_keygen_info() with a non-negative value for
|
||||
B<idx> should only be called within the generation callback.
|
||||
|
||||
If the callback returns 0 then the key genration operation is aborted and an
|
||||
If the callback returns 0 then the key generation operation is aborted and an
|
||||
error occurs. This might occur during a time consuming operation where
|
||||
a user clicks on a "cancel" button.
|
||||
|
||||
@@ -64,7 +69,7 @@ once on the same context if several operations are performed using the same
|
||||
parameters.
|
||||
|
||||
The meaning of the parameters passed to the callback will depend on the
|
||||
algorithm and the specifiic implementation of the algorithm. Some might not
|
||||
algorithm and the specific implementation of the algorithm. Some might not
|
||||
give any useful information at all during key or parameter generation. Others
|
||||
might not even call the callback.
|
||||
|
||||
@@ -95,15 +100,15 @@ Generate a 2048 bit RSA key:
|
||||
EVP_PKEY *pkey = NULL;
|
||||
ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL);
|
||||
if (!ctx)
|
||||
/* Error occurred */
|
||||
/* Error occurred */
|
||||
if (EVP_PKEY_keygen_init(ctx) <= 0)
|
||||
/* Error */
|
||||
/* Error */
|
||||
if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) <= 0)
|
||||
/* Error */
|
||||
/* Error */
|
||||
|
||||
/* Generate key */
|
||||
if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
|
||||
/* Error */
|
||||
/* Error */
|
||||
|
||||
Generate a key from a set of parameters:
|
||||
|
||||
@@ -115,13 +120,13 @@ Generate a key from a set of parameters:
|
||||
/* Assumed param is set up already */
|
||||
ctx = EVP_PKEY_CTX_new(param);
|
||||
if (!ctx)
|
||||
/* Error occurred */
|
||||
/* Error occurred */
|
||||
if (EVP_PKEY_keygen_init(ctx) <= 0)
|
||||
/* Error */
|
||||
/* Error */
|
||||
|
||||
/* Generate key */
|
||||
if (EVP_PKEY_keygen(ctx, &pkey) <= 0)
|
||||
/* Error */
|
||||
/* Error */
|
||||
|
||||
Example of generation callback for OpenSSL public key implementations:
|
||||
|
||||
@@ -130,32 +135,41 @@ Example of generation callback for OpenSSL public key implementations:
|
||||
EVP_PKEY_CTX_set_app_data(ctx, status_bio);
|
||||
|
||||
static int genpkey_cb(EVP_PKEY_CTX *ctx)
|
||||
{
|
||||
char c='*';
|
||||
BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
|
||||
int p;
|
||||
p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
|
||||
if (p == 0) c='.';
|
||||
if (p == 1) c='+';
|
||||
if (p == 2) c='*';
|
||||
if (p == 3) c='\n';
|
||||
BIO_write(b,&c,1);
|
||||
(void)BIO_flush(b);
|
||||
return 1;
|
||||
}
|
||||
{
|
||||
char c = '*';
|
||||
BIO *b = EVP_PKEY_CTX_get_app_data(ctx);
|
||||
int p;
|
||||
p = EVP_PKEY_CTX_get_keygen_info(ctx, 0);
|
||||
if (p == 0) c = '.';
|
||||
if (p == 1) c = '+';
|
||||
if (p == 2) c = '*';
|
||||
if (p == 3) c = '\n';
|
||||
BIO_write(b, &c, 1);
|
||||
(void)BIO_flush(b);
|
||||
return 1;
|
||||
}
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
|
||||
L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
|
||||
L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
|
||||
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
|
||||
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
|
||||
L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
|
||||
L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
|
||||
L<EVP_PKEY_CTX_new(3)>,
|
||||
L<EVP_PKEY_encrypt(3)>,
|
||||
L<EVP_PKEY_decrypt(3)>,
|
||||
L<EVP_PKEY_sign(3)>,
|
||||
L<EVP_PKEY_verify(3)>,
|
||||
L<EVP_PKEY_verify_recover(3)>,
|
||||
L<EVP_PKEY_derive(3)>
|
||||
|
||||
=head1 HISTORY
|
||||
|
||||
These functions were first added to OpenSSL 1.0.0.
|
||||
|
||||
=head1 COPYRIGHT
|
||||
|
||||
Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
|
||||
|
||||
Licensed under the OpenSSL license (the "License"). You may not use
|
||||
this file except in compliance with the License. You can obtain a copy
|
||||
in the file LICENSE in the source distribution or at
|
||||
L<https://www.openssl.org/source/license.html>.
|
||||
|
||||
=cut
|
||||
|
||||