openssl/doc/man3/EVP_PKEY_CTX_new.pod

=pod

=head1 NAME

EVP_PKEY_CTX_new, EVP_PKEY_CTX_new_id, EVP_PKEY_CTX_new_from_name,
EVP_PKEY_CTX_new_from_pkey, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free
- public key algorithm context functions

=head1 SYNOPSIS

 #include <openssl/evp.h>

 EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *pkey, ENGINE *e);
 EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int id, ENGINE *e);
 EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_name(OPENSSL_CTX *libctx,
                                          const char *name,
                                          const char *propquery);
 EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OPENSSL_CTX *libctx,
                                          EVP_PKEY *pkey);
 EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *ctx);
 void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);

=head1 DESCRIPTION

The EVP_PKEY_CTX_new() function allocates public key algorithm context using
the I<pkey> key type and ENGINE I<e>.

The EVP_PKEY_CTX_new_id() function allocates public key algorithm context
using the key type specified by I<id> and ENGINE I<e>.

The EVP_PKEY_CTX_new_from_name() function allocates a public key algorithm
context using the library context I<libctx> (see L<OPENSSL_CTX(3)>), the
key type specified by I<name> and the property query I<propquery>.  None
of the arguments are duplicated, so they  must remain unchanged for the
lifetime of the returned B<EVP_PKEY_CTX> or of any of its duplicates.

The EVP_PKEY_CTX_new_from_pkey() function allocates a public key algorithm
context using the library context I<libctx> (see L<OPENSSL_CTX(3)>) and the
algorithm specified by I<pkey> and the property query I<propquery>. None of the
arguments are duplicated, so they must remain unchanged for the lifetime of the
returned B<EVP_PKEY_CTX> or any of its duplicates.

EVP_PKEY_CTX_new_id() and EVP_PKEY_CTX_new_from_name() are normally
used when no B<EVP_PKEY> structure is associated with the operations,
for example during parameter generation or key generation for some
algorithms.

EVP_PKEY_CTX_dup() duplicates the context I<ctx>.

EVP_PKEY_CTX_free() frees up the context I<ctx>.
If I<ctx> is NULL, nothing is done.

=head1 NOTES

=over 4

=item 1.

The B<EVP_PKEY_CTX> structure is an opaque public key algorithm context used
by the OpenSSL high level public key API. Contexts B<MUST NOT> be shared between
threads: that is it is not permissible to use the same context simultaneously
in two threads.

=item 2.

We mention "key type" in this manual, which is the same
as "algorithm" in most cases, allowing either term to be used
interchangeably.  There are algorithms where the I<key type> and the
I<algorithm> of the operations that use the keys are not the same,
such as EC keys being used for ECDSA and ECDH operations.

=back

=head1 RETURN VALUES

EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() returns either
the newly allocated B<EVP_PKEY_CTX> structure of B<NULL> if an error occurred.

EVP_PKEY_CTX_free() does not return a value.

=head1 SEE ALSO

L<EVP_PKEY_new(3)>

=head1 HISTORY

The EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() and
EVP_PKEY_CTX_free() functions were added in OpenSSL 1.0.0.

The EVP_PKEY_CTX_new_from_name() and EVP_PKEY_CTX_new_from_pkey() functions were
added in OpenSSL 3.0.

=head1 COPYRIGHT

Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Add some EVP_PKEY_METHOD docs. 2006-07-08 18:45:08 +08:00			`=pod`

			`=head1 NAME`

Add dsa signature alg to fips provider Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10615) 2020-01-12 09:32:12 +08:00			`EVP_PKEY_CTX_new, EVP_PKEY_CTX_new_id, EVP_PKEY_CTX_new_from_name,`
			`EVP_PKEY_CTX_new_from_pkey, EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free`
Add EVP_PKEY_CTX_new_provided() This works as much as possible EVP_PKEY_CTX_new_id(), except it takes data that's relevant for providers, algorithm name and property query string instead of NID and engine. Additionally, if EVP_PKEY_CTX_new() or EVP_PKEY_CTX_new_id() was called, the algorithm name in the EVP_PKEY context will be set to the short name of the given NID (explicit or the one of the given EVP_PKEY), thereby giving an easier transition from legacy methods to provided methods. The intent is that operations will use this information to fetch provider methods implicitly as needed. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10184) 2019-10-15 19:08:17 +08:00			`- public key algorithm context functions`
Add some EVP_PKEY_METHOD docs. 2006-07-08 18:45:08 +08:00
			`=head1 SYNOPSIS`

			`#include <openssl/evp.h>`

			`EVP_PKEY_CTX EVP_PKEY_CTX_new(EVP_PKEY pkey, ENGINE *e);`
			`EVP_PKEY_CTX EVP_PKEY_CTX_new_id(int id, ENGINE e);`
Add dsa signature alg to fips provider Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10615) 2020-01-12 09:32:12 +08:00			`EVP_PKEY_CTX EVP_PKEY_CTX_new_from_name(OPENSSL_CTX libctx,`
			`const char *name,`
			`const char *propquery);`
			`EVP_PKEY_CTX EVP_PKEY_CTX_new_from_pkey(OPENSSL_CTX libctx,`
			`EVP_PKEY *pkey);`
constify _dup() and i2d_*() and related functions as far as possible, introducing DECLARE_ASN1_DUP_FUNCTION Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/8029) 2019-01-16 04:51:25 +08:00			`EVP_PKEY_CTX EVP_PKEY_CTX_dup(const EVP_PKEY_CTX ctx);`
Add some EVP_PKEY_METHOD docs. 2006-07-08 18:45:08 +08:00			`void EVP_PKEY_CTX_free(EVP_PKEY_CTX *ctx);`

			`=head1 DESCRIPTION`

			`The EVP_PKEY_CTX_new() function allocates public key algorithm context using`
EVP: Adapt KEYEXCH, SIGNATURE and ASYM_CIPHER to handle key types better The adaptation is to handle the case when key types and operations that use these keys have different names. For example, EC keys can be used for ECDSA and ECDH. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10647) 2019-12-18 20:24:27 +08:00			`the I<pkey> key type and ENGINE I<e>.`
Add some EVP_PKEY_METHOD docs. 2006-07-08 18:45:08 +08:00
			`The EVP_PKEY_CTX_new_id() function allocates public key algorithm context`
EVP: Adapt KEYEXCH, SIGNATURE and ASYM_CIPHER to handle key types better The adaptation is to handle the case when key types and operations that use these keys have different names. For example, EC keys can be used for ECDSA and ECDH. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10647) 2019-12-18 20:24:27 +08:00			`using the key type specified by I<id> and ENGINE I<e>.`
Add EVP_PKEY_CTX_new_provided() This works as much as possible EVP_PKEY_CTX_new_id(), except it takes data that's relevant for providers, algorithm name and property query string instead of NID and engine. Additionally, if EVP_PKEY_CTX_new() or EVP_PKEY_CTX_new_id() was called, the algorithm name in the EVP_PKEY context will be set to the short name of the given NID (explicit or the one of the given EVP_PKEY), thereby giving an easier transition from legacy methods to provided methods. The intent is that operations will use this information to fetch provider methods implicitly as needed. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10184) 2019-10-15 19:08:17 +08:00
Add dsa signature alg to fips provider Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10615) 2020-01-12 09:32:12 +08:00			`The EVP_PKEY_CTX_new_from_name() function allocates a public key algorithm`
Change EVP_PKEY_CTX_new_provided() to take a library context too. With provided algorithms, the library context is ever present, so of course it should be specified alongside the algorithm name and property query string. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10308) 2019-11-01 23:56:31 +08:00			`context using the library context I<libctx> (see L<OPENSSL_CTX(3)>), the`
EVP: Adapt KEYEXCH, SIGNATURE and ASYM_CIPHER to handle key types better The adaptation is to handle the case when key types and operations that use these keys have different names. For example, EC keys can be used for ECDSA and ECDH. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10647) 2019-12-18 20:24:27 +08:00			`key type specified by I<name> and the property query I<propquery>. None`
Change EVP_PKEY_CTX_new_provided() to take a library context too. With provided algorithms, the library context is ever present, so of course it should be specified alongside the algorithm name and property query string. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10308) 2019-11-01 23:56:31 +08:00			`of the arguments are duplicated, so they must remain unchanged for the`
			`lifetime of the returned B<EVP_PKEY_CTX> or of any of its duplicates.`
Add EVP_PKEY_CTX_new_provided() This works as much as possible EVP_PKEY_CTX_new_id(), except it takes data that's relevant for providers, algorithm name and property query string instead of NID and engine. Additionally, if EVP_PKEY_CTX_new() or EVP_PKEY_CTX_new_id() was called, the algorithm name in the EVP_PKEY context will be set to the short name of the given NID (explicit or the one of the given EVP_PKEY), thereby giving an easier transition from legacy methods to provided methods. The intent is that operations will use this information to fetch provider methods implicitly as needed. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10184) 2019-10-15 19:08:17 +08:00
Add dsa signature alg to fips provider Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10615) 2020-01-12 09:32:12 +08:00			`The EVP_PKEY_CTX_new_from_pkey() function allocates a public key algorithm`
			`context using the library context I<libctx> (see L<OPENSSL_CTX(3)>) and the`
Modify EVP_PKEY_CTX_new_from_pkey() to add a propquery parameter The function EVP_PKEY_CTX_new_from_pkey() infers the name of the algorithm to fetch from the EVP_PKEY that has been supplied as an argument. But there was no way to specify properties to be used during that fetch. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10926) 2020-01-15 19:10:43 +08:00			`algorithm specified by I<pkey> and the property query I<propquery>. None of the`
			`arguments are duplicated, so they must remain unchanged for the lifetime of the`
			`returned B<EVP_PKEY_CTX> or any of its duplicates.`
Add dsa signature alg to fips provider Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10615) 2020-01-12 09:32:12 +08:00
			`EVP_PKEY_CTX_new_id() and EVP_PKEY_CTX_new_from_name() are normally`
Add EVP_PKEY_CTX_new_provided() This works as much as possible EVP_PKEY_CTX_new_id(), except it takes data that's relevant for providers, algorithm name and property query string instead of NID and engine. Additionally, if EVP_PKEY_CTX_new() or EVP_PKEY_CTX_new_id() was called, the algorithm name in the EVP_PKEY context will be set to the short name of the given NID (explicit or the one of the given EVP_PKEY), thereby giving an easier transition from legacy methods to provided methods. The intent is that operations will use this information to fetch provider methods implicitly as needed. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10184) 2019-10-15 19:08:17 +08:00			`used when no B<EVP_PKEY> structure is associated with the operations,`
			`for example during parameter generation or key generation for some`
			`algorithms.`
Add some EVP_PKEY_METHOD docs. 2006-07-08 18:45:08 +08:00
doc/man3/EVP_PKEY_CTX_new.pod: change markup according to conventions Convention source is man-pages(7) Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10184) 2019-10-15 22:55:00 +08:00			`EVP_PKEY_CTX_dup() duplicates the context I<ctx>.`
Add some EVP_PKEY_METHOD docs. 2006-07-08 18:45:08 +08:00
doc/man3/EVP_PKEY_CTX_new.pod: change markup according to conventions Convention source is man-pages(7) Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10184) 2019-10-15 22:55:00 +08:00			`EVP_PKEY_CTX_free() frees up the context I<ctx>.`
			`If I<ctx> is NULL, nothing is done.`
Add some EVP_PKEY_METHOD docs. 2006-07-08 18:45:08 +08:00
			`=head1 NOTES`

EVP: Adapt KEYEXCH, SIGNATURE and ASYM_CIPHER to handle key types better The adaptation is to handle the case when key types and operations that use these keys have different names. For example, EC keys can be used for ECDSA and ECDH. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10647) 2019-12-18 20:24:27 +08:00			`=over 4`

			`=item 1.`

Add some EVP_PKEY_METHOD docs. 2006-07-08 18:45:08 +08:00			`The B<EVP_PKEY_CTX> structure is an opaque public key algorithm context used`
			`by the OpenSSL high level public key API. Contexts B<MUST NOT> be shared between`
			`threads: that is it is not permissible to use the same context simultaneously`
			`in two threads.`

EVP: Adapt KEYEXCH, SIGNATURE and ASYM_CIPHER to handle key types better The adaptation is to handle the case when key types and operations that use these keys have different names. For example, EC keys can be used for ECDSA and ECDH. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/10647) 2019-12-18 20:24:27 +08:00			`=item 2.`

			`We mention "key type" in this manual, which is the same`
			`as "algorithm" in most cases, allowing either term to be used`
			`interchangeably. There are algorithms where the I<key type> and the`
			`I<algorithm> of the operations that use the keys are not the same,`
			`such as EC keys being used for ECDSA and ECDH operations.`

			`=back`

Add some EVP_PKEY_METHOD docs. 2006-07-08 18:45:08 +08:00			`=head1 RETURN VALUES`

			`EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() returns either`
			`the newly allocated B<EVP_PKEY_CTX> structure of B<NULL> if an error occurred.`

			`EVP_PKEY_CTX_free() does not return a value.`

			`=head1 SEE ALSO`

Fix L<> content in manpages L<foo\|foo> is sub-optimal If the xref is the same as the title, which is what we do, then you only need L<foo>. This fixes all 1457 occurrences in 349 files. Approximately. (And pod used to need both.) Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-08-18 03:21:33 +08:00			`L<EVP_PKEY_new(3)>`
Add some EVP_PKEY_METHOD docs. 2006-07-08 18:45:08 +08:00
			`=head1 HISTORY`

Add dsa signature alg to fips provider Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10615) 2020-01-12 09:32:12 +08:00			`The EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() and`
			`EVP_PKEY_CTX_free() functions were added in OpenSSL 1.0.0.`

			`The EVP_PKEY_CTX_new_from_name() and EVP_PKEY_CTX_new_from_pkey() functions were`
			`added in OpenSSL 3.0.`
Add some EVP_PKEY_METHOD docs. 2006-07-08 18:45:08 +08:00
Add copyright to manpages Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 23:44:05 +08:00			`=head1 COPYRIGHT`

			`Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.`

Following the license change, modify the boilerplates in doc/man3/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7829) 2018-12-06 21:04:44 +08:00			`Licensed under the Apache License 2.0 (the "License"). You may not use`
Add copyright to manpages Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 23:44:05 +08:00			`this file except in compliance with the License. You can obtain a copy`
			`in the file LICENSE in the source distribution or at`
			`L<https://www.openssl.org/source/license.html>.`

			`=cut`