1=pod 2 3=head1 NAME 4 5EVP_PKEY_CTX_ctrl, EVP_PKEY_CTX_ctrl_str, EVP_PKEY_get_default_digest_nid, 6EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_set_rsa_padding, 7EVP_PKEY_CTX_set_rsa_pss_saltlen, EVP_PKEY_CTX_set_rsa_rsa_keygen_bits, 8EVP_PKEY_CTX_set_rsa_keygen_pubexp, EVP_PKEY_CTX_set_dsa_paramgen_bits, 9EVP_PKEY_CTX_set_dh_paramgen_prime_len, 10EVP_PKEY_CTX_set_dh_paramgen_generator, 11EVP_PKEY_CTX_set_ec_paramgen_curve_nid - algorithm specific control operations 12 13=head1 SYNOPSIS 14 15 #include <openssl/evp.h> 16 17 int EVP_PKEY_CTX_ctrl(EVP_PKEY_CTX *ctx, int keytype, int optype, 18 int cmd, int p1, void *p2); 19 int EVP_PKEY_CTX_ctrl_str(EVP_PKEY_CTX *ctx, const char *type, 20 const char *value); 21 22 int EVP_PKEY_get_default_digest_nid(EVP_PKEY *pkey, int *pnid); 23 24 #include <openssl/rsa.h> 25 26 int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md); 27 28 int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *ctx, int pad); 29 int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *ctx, int len); 30 int EVP_PKEY_CTX_set_rsa_rsa_keygen_bits(EVP_PKEY_CTX *ctx, int mbits); 31 int EVP_PKEY_CTX_set_rsa_keygen_pubexp(EVP_PKEY_CTX *ctx, BIGNUM *pubexp); 32 33 #include <openssl/dsa.h> 34 int EVP_PKEY_CTX_set_dsa_paramgen_bits(EVP_PKEY_CTX *ctx, int nbits); 35 36 #include <openssl/dh.h> 37 int EVP_PKEY_CTX_set_dh_paramgen_prime_len(EVP_PKEY_CTX *ctx, int len); 38 int EVP_PKEY_CTX_set_dh_paramgen_generator(EVP_PKEY_CTX *ctx, int gen); 39 40 #include <openssl/ec.h> 41 int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid); 42 43=head1 DESCRIPTION 44 45The function EVP_PKEY_CTX_ctrl() sends a control operation to the context 46B<ctx>. The key type used must match B<keytype> if it is not -1. The parameter 47B<optype> is a mask indicating which operations the control can be applied to. 48The control command is indicated in B<cmd> and any additional arguments in 49B<p1> and B<p2>. 50 51Applications will not normally call EVP_PKEY_CTX_ctrl() directly but will 52instead call one of the algorithm specific macros below. 53 54The function EVP_PKEY_CTX_ctrl_str() allows an application to send an algorithm 55specific control operation to a context B<ctx> in string form. This is 56intended to be used for options specified on the command line or in text 57files. The commands supported are documented in the openssl utility 58command line pages for the option B<-pkeyopt> which is supported by the 59B<pkeyutl>, B<genpkey> and B<req> commands. 60 61All the remaining "functions" are implemented as macros. 62 63The EVP_PKEY_CTX_set_signature_md() macro sets the message digest type used 64in a signature. It can be used with any public key algorithm supporting 65signature operations. 66 67The macro EVP_PKEY_CTX_set_rsa_padding() sets the RSA padding mode for B<ctx>. 68The B<pad> parameter can take the value RSA_PKCS1_PADDING for PKCS#1 padding, 69RSA_SSLV23_PADDING for SSLv23 padding, RSA_NO_PADDING for no padding, 70RSA_PKCS1_OAEP_PADDING for OAEP padding (encrypt and decrypt only), 71RSA_X931_PADDING for X9.31 padding (signature operations only) and 72RSA_PKCS1_PSS_PADDING (sign and verify only). 73 74Two RSA padding modes behave differently if EVP_PKEY_CTX_set_signature_md() 75is used. If this macro is called for PKCS#1 padding the plaintext buffer is 76an actual digest value and is encapsulated in a DigestInfo structure according 77to PKCS#1 when signing and this structure is expected (and stripped off) when 78verifying. If this control is not used with RSA and PKCS#1 padding then the 79supplied data is used directly and not encapsulated. In the case of X9.31 80padding for RSA the algorithm identifier byte is added or checked and removed 81if this control is called. If it is not called then the first byte of the plaintext buffer is expected to be the algorithm identifier byte. 82 83The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro sets the RSA PSS salt length to 84B<len> as its name implies it is only supported for PSS padding. Two special 85values are supported: -1 sets the salt length to the digest length. When 86signing -2 sets the salt length to the maximum permissible value. When 87verifying -2 causes the salt length to be automatically determined based on the 88B<PSS> block structure. If this macro is not called a salt length value of -2 89is used by default. 90 91The EVP_PKEY_CTX_set_rsa_rsa_keygen_bits() macro sets the RSA key length for 92RSA key genration to B<bits>. If not specified 1024 bits is used. 93 94The EVP_PKEY_CTX_set_rsa_keygen_pubexp() macro sets the public exponent value 95for RSA key generation to B<pubexp> currently it should be an odd integer. The 96B<pubexp> pointer is used internally by this function so it should not be 97modified or free after the call. If this macro is not called then 65537 is used. 98 99The macro EVP_PKEY_CTX_set_dsa_paramgen_bits() sets the number of bits used 100for DSA parameter generation to B<bits>. If not specified 1024 is used. 101 102The macro EVP_PKEY_CTX_set_dh_paramgen_prime_len() sets the length of the DH 103prime parameter B<p> for DH parameter generation. If this macro is not called 104then 1024 is used. 105 106The EVP_PKEY_CTX_set_dh_paramgen_generator() macro sets DH generator to B<gen> 107for DH parameter generation. If not specified 2 is used. 108 109The EVP_PKEY_CTX_set_ec_paramgen_curve_nid() sets the EC curve for EC parameter 110generation to B<nid>. For EC parameter generation this macro must be called 111or an error occurs because there is no default curve. 112 113=head1 RETURN VALUES 114 115EVP_PKEY_CTX_ctrl() and its macros return a positive value for success and 0 116or a negative value for failure. In particular a return value of -2 117indicates the operation is not supported by the public key algorithm. 118 119=head1 SEE ALSO 120 121L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>, 122L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>, 123L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>, 124L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>, 125L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>, 126L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>, 127L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 128L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)> 129 130=head1 HISTORY 131 132These functions were first added to OpenSSL 1.0.0. 133 134=cut 135