author | Matt Caswell <matt@openssl.org> | 2020-05-19 15:24:25 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-06-19 10:19:31 +0100 |
commit | 11a1b341f3bc6a0afe75f9432f623026624fb720 (patch) | |
tree | 8beadffedb50c9c324a3234832bb5dd80f56ca95 /doc | |
parent | 9d2d857f135abd281591ee0c2b58e01a710c3cea (diff) |
Make EVP_PKEY_CTX_[get|set]_ec_paramgen_curve_name more generic
We rename these functions to EVP_PKEY_CTX_get_group_name and
EVP_PKEY_CTX_set_group_name so that they can be used for algorithms
other than EC.
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man3/EVP_PKEY_CTX_ctrl.pod | 38 | ||||
-rw-r--r-- | doc/man3/EVP_PKEY_gettable_params.pod | 2 | ||||
-rw-r--r-- | doc/man7/EVP_PKEY-EC.pod | 8 |
3 files changed, 27 insertions, 21 deletions
diff --git a/doc/man3/EVP_PKEY_CTX_ctrl.pod b/doc/man3/EVP_PKEY_CTX_ctrl.pod index db91f01038..1e836fc30e 100644 --- a/doc/man3/EVP_PKEY_CTX_ctrl.pod +++ b/doc/man3/EVP_PKEY_CTX_ctrl.pod @@ -9,6 +9,8 @@ EVP_PKEY_CTX_md, EVP_PKEY_CTX_set_signature_md, EVP_PKEY_CTX_get_signature_md, EVP_PKEY_CTX_set_mac_key, +EVP_PKEY_CTX_set_group_name, +EVP_PKEY_CTX_get_group_name, EVP_PKEY_CTX_set_rsa_padding, EVP_PKEY_CTX_get_rsa_padding, EVP_PKEY_CTX_set_rsa_pss_saltlen, @@ -53,8 +55,6 @@ EVP_PKEY_CTX_set_dh_kdf_outlen, EVP_PKEY_CTX_get_dh_kdf_outlen, EVP_PKEY_CTX_set0_dh_kdf_ukm, EVP_PKEY_CTX_get0_dh_kdf_ukm, -EVP_PKEY_CTX_set_ec_paramgen_curve_name, -EVP_PKEY_CTX_get_ec_paramgen_curve_name, EVP_PKEY_CTX_set_ec_paramgen_curve_nid, EVP_PKEY_CTX_set_ec_param_enc, EVP_PKEY_CTX_set_ecdh_cofactor_mode, @@ -88,6 +88,8 @@ EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len int EVP_PKEY_CTX_set_mac_key(EVP_PKEY_CTX *ctx, const unsigned char *key, int len); + int EVP_PKEY_CTX_set_group_name(EVP_PKEY_CTX *ctx, const char *name); + int EVP_PKEY_CTX_get_group_name(EVP_PKEY_CTX *ctx, char *name, size_t namelen); #include <openssl/rsa.h> @@ -154,10 +156,6 @@ EVP_PKEY_CTX_set1_id, EVP_PKEY_CTX_get1_id, EVP_PKEY_CTX_get1_id_len #include <openssl/ec.h> - int EVP_PKEY_CTX_set_ec_paramgen_curve_name(EVP_PKEY_CTX *ctx, - const char *name); - int EVP_PKEY_CTX_get_ec_paramgen_curve_name(EVP_PKEY_CTX *ctx, - char *name, size_t namelen); int EVP_PKEY_CTX_set_ec_paramgen_curve_nid(EVP_PKEY_CTX *ctx, int nid); int EVP_PKEY_CTX_set_ec_param_enc(EVP_PKEY_CTX *ctx, int param_enc); int EVP_PKEY_CTX_set_ecdh_cofactor_mode(EVP_PKEY_CTX *ctx, int cofactor_mode); 
@@ -221,6 +219,15 @@ L<EVP_PKEY_new_raw_private_key(3)> or similar functions instead of this macro. The EVP_PKEY_CTX_set_mac_key() macro can be used with any of the algorithms supported by the L<EVP_PKEY_new_raw_private_key(3)> function. +EVP_PKEY_CTX_set_group_name() sets the group name to I<name> for parameter and +key generation. For example for EC keys this will set the curve name and for +DH keys it will set the name of the finite field group. + +EVP_PKEY_CTX_get_group_name() finds the group name that's currently +set with I<ctx>, and writes it to the location that I<name> points at, as long +as its size I<namelen> is large enough to store that name, including a +terminating NUL byte. + =head2 RSA parameters The EVP_PKEY_CTX_set_rsa_padding() function sets the RSA padding mode for I<ctx>. 
@@ -524,23 +531,21 @@ by the library and should not be freed by the caller. =head2 EC parameters -EVP_PKEY_CTX_set_ec_paramgen_curve_name() sets the EC curve to I<name> for EC -parameter generation. +Use EVP_PKEY_CTX_set_group_name() (described above) to set the curve name to +I<name> for parameter and key generation. EVP_PKEY_CTX_set_ec_paramgen_curve_nid() does the same as -EVP_PKEY_CTX_set_ec_paramgen_curve_name(), but uses a I<nid> rather than a -name string. +EVP_PKEY_CTX_set_group_name(), but is specific to EC and uses a I<nid> rather +than a name string. -For EC parameter generation, one of EVP_PKEY_CTX_set_ec_paramgen_curve_name() +For EC parameter generation, one of EVP_PKEY_CTX_set_group_name() or EVP_PKEY_CTX_set_ec_paramgen_curve_nid() must be called or an error occurs because there is no default curve. These function can also be called to set the curve explicitly when generating an EC key. -EVP_PKEY_CTX_get_ec_paramgen_curve_name() finds the curve name that's currently -set with I<ctx>, and writes it to the location that I<name> points at, as long -as its size I<namelen> is large enough to store that name, including a -terminating NUL byte. +EVP_PKEY_CTX_get_group_name() (described above) can be used to obtain the curve +name that's currently set with I<ctx>. The EVP_PKEY_CTX_set_ec_param_enc() macro sets the EC parameter encoding to I<param_enc> when generating EC parameters or an EC key. The encoding can be 
@@ -642,7 +647,8 @@ From OpenSSL 3.0 they are functions. EVP_PKEY_CTX_get_rsa_oaep_md_name(), EVP_PKEY_CTX_get_rsa_mgf1_md_name(), EVP_PKEY_CTX_set_rsa_mgf1_md_name(), EVP_PKEY_CTX_set_rsa_oaep_md_name(), EVP_PKEY_CTX_set_dsa_paramgen_md_props(), EVP_PKEY_CTX_set_dsa_paramgen_gindex(), -EVP_PKEY_CTX_set_dsa_paramgen_type() and EVP_PKEY_CTX_set_dsa_paramgen_seed() +EVP_PKEY_CTX_set_dsa_paramgen_type(), EVP_PKEY_CTX_set_dsa_paramgen_seed(), +EVP_PKEY_CTX_set_group_name() and EVP_PKEY_CTX_get_group_name() were added in OpenSSL 3.0. The EVP_PKEY_CTX_set1_id(), EVP_PKEY_CTX_get1_id() and diff --git a/doc/man3/EVP_PKEY_gettable_params.pod b/doc/man3/EVP_PKEY_gettable_params.pod index 87d25c7b99..8f6854a568 100644 --- a/doc/man3/EVP_PKEY_gettable_params.pod +++ b/doc/man3/EVP_PKEY_gettable_params.pod @@ -72,7 +72,7 @@ value. * is an EC key. */ - if (!EVP_PKEY_get_utf8_string_param(key, OSSL_PKEY_PARAM_EC_NAME, + if (!EVP_PKEY_get_utf8_string_param(key, OSSL_PKEY_PARAM_GROUP_NAME, curve_name, sizeof(curve_name), &len)) { /* Error */ } diff --git a/doc/man7/EVP_PKEY-EC.pod b/doc/man7/EVP_PKEY-EC.pod index 85e633ceed..ea25d5dc02 100644 --- a/doc/man7/EVP_PKEY-EC.pod +++ b/doc/man7/EVP_PKEY-EC.pod @@ -16,9 +16,9 @@ The following Import/Export types are available for the built-in EC algorithm: =over 4 -=item "curve-name" (B<OSSL_PKEY_PARAM_EC_NAME>) <utf8 string> +=item "group-name" (B<OSSL_PKEY_PARAM_GROUP_NAME>) <utf8 string> -The EC curve name. +The curve name. =item "use-cofactor-flag" (B<OSSL_PKEY_PARAM_USE_COFACTOR_ECDH>) <integer> @@ -63,7 +63,7 @@ calling: EVP_PKEY_keygen_init(gctx); - params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_EC_NAME, + params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, "P-256", 0); params[1] = OSSL_PARAM_construct_end(); EVP_PKEY_CTX_set_params(gctx, params); 
@@ -90,7 +90,7 @@ An B<EVP_PKEY> EC CDH (Cofactor Diffie-Hellman) key can be generated with a EVP_PKEY_keygen_init(gctx); - params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_EC_NAME, + params[0] = OSSL_PARAM_construct_utf8_string(OSSL_PKEY_PARAM_GROUP_NAME, "K-571", 0); /* * This curve has a cofactor that is not 1 - so setting CDH mode changes |