2019-09-03 23:15:21 +08:00
|
|
|
=pod
|
|
|
|
|
|
|
|
=head1 NAME
|
|
|
|
|
2021-10-01 20:05:02 +08:00
|
|
|
EVP_SIGNATURE,
|
2019-09-03 23:15:21 +08:00
|
|
|
EVP_SIGNATURE_fetch, EVP_SIGNATURE_free, EVP_SIGNATURE_up_ref,
|
2021-06-01 19:17:47 +08:00
|
|
|
EVP_SIGNATURE_is_a, EVP_SIGNATURE_get0_provider,
|
2020-08-12 09:59:43 +08:00
|
|
|
EVP_SIGNATURE_do_all_provided, EVP_SIGNATURE_names_do_all,
|
Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.
Fixes #15236
Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
|
|
|
EVP_SIGNATURE_get0_name, EVP_SIGNATURE_get0_description,
|
2020-08-12 09:59:43 +08:00
|
|
|
EVP_SIGNATURE_gettable_ctx_params, EVP_SIGNATURE_settable_ctx_params
|
2019-09-03 23:15:21 +08:00
|
|
|
- Functions to manage EVP_SIGNATURE algorithm objects
|
|
|
|
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
|
|
|
|
#include <openssl/evp.h>
|
|
|
|
|
2021-10-01 20:05:02 +08:00
|
|
|
typedef struct evp_signature_st EVP_SIGNATURE;
|
|
|
|
|
2020-10-15 17:55:50 +08:00
|
|
|
EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
|
2019-09-03 23:15:21 +08:00
|
|
|
const char *properties);
|
|
|
|
void EVP_SIGNATURE_free(EVP_SIGNATURE *signature);
|
|
|
|
int EVP_SIGNATURE_up_ref(EVP_SIGNATURE *signature);
|
Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.
Fixes #15236
Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
|
|
|
const char *EVP_SIGNATURE_get0_name(const EVP_SIGNATURE *signature);
|
EVP: add missing common functionality
This adds the missing functions that should be common for all
fetchable EVP sub-APIs:
EVP_KEYMGMT_is_a(), EVP_KEYMGMT_do_all_provided(), EVP_KEYEXCH_is_a(),
EVP_KEYEXCH_do_all_provided(), EVP_KDF_is_a(), EVP_MD_is_a(),
EVP_SIGNATURE_do_all_provided(), EVP_SIGNATURE_is_a().
This also renames EVP_MD_do_all_ex(), EVP_CIPHER_do_all_ex(),
EVP_KDF_do_all_ex(), EVP_MAC_do_all_ex() to change '_ex'
to '_provided'.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9979)
2019-09-23 16:33:26 +08:00
|
|
|
int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name);
|
Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.
Fixes #15236
Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
|
|
|
OSSL_PROVIDER *EVP_SIGNATURE_get0_provider(const EVP_SIGNATURE *signature);
|
2020-10-15 17:55:50 +08:00
|
|
|
void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx,
|
EVP: add missing common functionality
This adds the missing functions that should be common for all
fetchable EVP sub-APIs:
EVP_KEYMGMT_is_a(), EVP_KEYMGMT_do_all_provided(), EVP_KEYEXCH_is_a(),
EVP_KEYEXCH_do_all_provided(), EVP_KDF_is_a(), EVP_MD_is_a(),
EVP_SIGNATURE_do_all_provided(), EVP_SIGNATURE_is_a().
This also renames EVP_MD_do_all_ex(), EVP_CIPHER_do_all_ex(),
EVP_KDF_do_all_ex(), EVP_MAC_do_all_ex() to change '_ex'
to '_provided'.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9979)
2019-09-23 16:33:26 +08:00
|
|
|
void (*fn)(EVP_SIGNATURE *signature,
|
|
|
|
void *arg),
|
|
|
|
void *arg);
|
2021-02-20 01:03:43 +08:00
|
|
|
int EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature,
|
|
|
|
void (*fn)(const char *name, void *data),
|
|
|
|
void *data);
|
Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.
Fixes #15236
Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
|
|
|
const char *EVP_SIGNATURE_get0_name(const EVP_SIGNATURE *signature);
|
|
|
|
const char *EVP_SIGNATURE_get0_description(const EVP_SIGNATURE *signature);
|
2020-08-12 09:59:43 +08:00
|
|
|
const OSSL_PARAM *EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig);
|
|
|
|
const OSSL_PARAM *EVP_SIGNATURE_settable_ctx_params(const EVP_SIGNATURE *sig);
|
2019-09-03 23:15:21 +08:00
|
|
|
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
|
|
|
|
EVP_SIGNATURE_fetch() fetches the implementation for the given
|
|
|
|
B<algorithm> from any provider offering it, within the criteria given
|
|
|
|
by the B<properties>.
|
|
|
|
The algorithm will be one offering functions for performing signature related
|
|
|
|
tasks such as signing and verifying.
|
2021-03-26 01:02:25 +08:00
|
|
|
See L<crypto(7)/ALGORITHM FETCHING> for further information.
|
2019-09-03 23:15:21 +08:00
|
|
|
|
|
|
|
The returned value must eventually be freed with EVP_SIGNATURE_free().
|
|
|
|
|
|
|
|
EVP_SIGNATURE_free() decrements the reference count for the B<EVP_SIGNATURE>
|
|
|
|
structure. Typically this structure will have been obtained from an earlier call
|
|
|
|
to EVP_SIGNATURE_fetch(). If the reference count drops to 0 then the
|
|
|
|
structure is freed.
|
|
|
|
|
|
|
|
EVP_SIGNATURE_up_ref() increments the reference count for an B<EVP_SIGNATURE>
|
|
|
|
structure.
|
|
|
|
|
EVP: add missing common functionality
This adds the missing functions that should be common for all
fetchable EVP sub-APIs:
EVP_KEYMGMT_is_a(), EVP_KEYMGMT_do_all_provided(), EVP_KEYEXCH_is_a(),
EVP_KEYEXCH_do_all_provided(), EVP_KDF_is_a(), EVP_MD_is_a(),
EVP_SIGNATURE_do_all_provided(), EVP_SIGNATURE_is_a().
This also renames EVP_MD_do_all_ex(), EVP_CIPHER_do_all_ex(),
EVP_KDF_do_all_ex(), EVP_MAC_do_all_ex() to change '_ex'
to '_provided'.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9979)
2019-09-23 16:33:26 +08:00
|
|
|
EVP_SIGNATURE_is_a() returns 1 if I<signature> is an implementation of an
|
|
|
|
algorithm that's identifiable with I<name>, otherwise 0.
|
|
|
|
|
Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.
Fixes #15236
Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
|
|
|
EVP_SIGNATURE_get0_provider() returns the provider that I<signature> was
|
|
|
|
fetched from.
|
2019-09-03 23:15:21 +08:00
|
|
|
|
EVP: add missing common functionality
This adds the missing functions that should be common for all
fetchable EVP sub-APIs:
EVP_KEYMGMT_is_a(), EVP_KEYMGMT_do_all_provided(), EVP_KEYEXCH_is_a(),
EVP_KEYEXCH_do_all_provided(), EVP_KDF_is_a(), EVP_MD_is_a(),
EVP_SIGNATURE_do_all_provided(), EVP_SIGNATURE_is_a().
This also renames EVP_MD_do_all_ex(), EVP_CIPHER_do_all_ex(),
EVP_KDF_do_all_ex(), EVP_MAC_do_all_ex() to change '_ex'
to '_provided'.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/9979)
2019-09-23 16:33:26 +08:00
|
|
|
EVP_SIGNATURE_do_all_provided() traverses all SIGNATURE implemented by all
|
|
|
|
activated roviders in the given library context I<libctx>, and for each of the
|
|
|
|
implementations, calls the given function I<fn> with the implementation method
|
|
|
|
and the given I<arg> as argument.
|
|
|
|
|
Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.
Fixes #15236
Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
|
|
|
EVP_SIGNATURE_get0_name() returns the algorithm name from the provided
|
2021-04-16 22:22:03 +08:00
|
|
|
implementation for the given I<signature>. Note that the I<signature> may have
|
|
|
|
multiple synonyms associated with it. In this case the first name from the
|
|
|
|
algorithm definition is returned. Ownership of the returned string is retained
|
|
|
|
by the I<signature> object and should not be freed by the caller.
|
|
|
|
|
2019-09-23 16:56:13 +08:00
|
|
|
EVP_SIGNATURE_names_do_all() traverses all names for I<signature>, and calls
|
|
|
|
I<fn> with each name and I<data>.
|
|
|
|
|
Rename all getters to use get/get0 in name
For functions that exist in 1.1.1 provide a simple aliases via #define.
Fixes #15236
Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_,
EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_,
EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_,
EVP_MD_, and EVP_CIPHER_ prefixes are renamed.
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15405)
2021-05-21 22:58:08 +08:00
|
|
|
EVP_SIGNATURE_get0_description() returns a description of the I<signature>,
|
|
|
|
meant for display and human consumption. The description is at the
|
|
|
|
discretion of the I<signature> implementation.
|
EVP: Add EVP_<TYPE>_description()
The following operation types are covered:
EVP_MD, EVP_CIPHER, EVP_MAC, EVP_RAND, EVP_KEYMGMT, EVP_SIGNATURE,
EVP_ASYM_CIPHER, EVP_KEM, EVP_KEYEXCH, EVP_KDF. Also EVP_PKEY.
For EVP_MD and EVP_CIPHER, OBJ_nid2ln() is used as a fallback for
legacy implementations.
For EVP_PKEY, the info field of the EVP_PKEY_ASN1_METHOD is used as a
fallback for legacy implementations.
Fixes #14514
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14656)
2021-03-16 21:23:54 +08:00
|
|
|
|
2020-08-12 09:59:43 +08:00
|
|
|
EVP_SIGNATURE_gettable_ctx_params() and EVP_SIGNATURE_settable_ctx_params()
|
|
|
|
return a constant B<OSSL_PARAM> array that describes the names and types of key
|
|
|
|
parameters that can be retrieved or set by a signature algorithm using
|
|
|
|
L<EVP_PKEY_CTX_get_params(3)> and L<EVP_PKEY_CTX_set_params(3)>.
|
|
|
|
|
2019-09-03 23:15:21 +08:00
|
|
|
=head1 RETURN VALUES
|
|
|
|
|
|
|
|
EVP_SIGNATURE_fetch() returns a pointer to an B<EVP_SIGNATURE> for success
|
|
|
|
or B<NULL> for failure.
|
|
|
|
|
|
|
|
EVP_SIGNATURE_up_ref() returns 1 for success or 0 otherwise.
|
|
|
|
|
2021-02-20 01:03:43 +08:00
|
|
|
EVP_SIGNATURE_names_do_all() returns 1 if the callback was called for all names.
|
|
|
|
A return value of 0 means that the callback was not called for any names.
|
|
|
|
|
2020-08-12 09:59:43 +08:00
|
|
|
EVP_SIGNATURE_gettable_ctx_params() and EVP_SIGNATURE_settable_ctx_params()
|
|
|
|
return a constant B<OSSL_PARAM> array or NULL on error.
|
|
|
|
|
2019-09-03 23:15:21 +08:00
|
|
|
=head1 SEE ALSO
|
|
|
|
|
2021-03-26 01:02:25 +08:00
|
|
|
L<crypto(7)/ALGORITHM FETCHING>, L<OSSL_PROVIDER(3)>
|
2019-09-03 23:15:21 +08:00
|
|
|
|
|
|
|
=head1 HISTORY
|
|
|
|
|
|
|
|
The functions described here were added in OpenSSL 3.0.
|
|
|
|
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
|
2021-03-11 21:27:36 +08:00
|
|
|
Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
|
2019-09-03 23:15:21 +08:00
|
|
|
|
|
|
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
|
|
this file except in compliance with the License. You can obtain a copy
|
|
|
|
in the file LICENSE in the source distribution or at
|
|
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
|
|
|
|
=cut
|