author Richard Levitte <levitte@openssl.org> 2019-12-18 13:24:27 +0100
committer Richard Levitte <levitte@openssl.org> 2020-01-09 15:01:28 +0100
commit f23bc0b770efd229e27519786d9f28da56752d0a
tree 9ed18bbd3e8a3cc97c6a78a387fc1f7c585c78cd /doc
parent e62a45b60e3166d995eb83840f437debf575c328
EVP: Adapt KEYEXCH, SIGNATURE and ASYM_CIPHER to handle key types better
The adaptation is to handle the case when key types and operations that use these keys have different names. For example, EC keys can be used for ECDSA and ECDH.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10647)
Diffstat (limited to 'doc')
-rw-r--r-- doc/man3/EVP_PKEY_CTX_new.pod 20
1 files changed, 17 insertions, 3 deletions
diff --git a/doc/man3/EVP_PKEY_CTX_new.pod b/doc/man3/EVP_PKEY_CTX_new.pod
index 5d18a04344..90486ae0dc 100644
--- a/doc/man3/EVP_PKEY_CTX_new.pod
+++ b/doc/man3/EVP_PKEY_CTX_new.pod
@@ -21,14 +21,14 @@ EVP_PKEY_CTX_dup, EVP_PKEY_CTX_free
=head1 DESCRIPTION
The EVP_PKEY_CTX_new() function allocates public key algorithm context using
-the algorithm specified in I<pkey> and ENGINE I<e>.
+the I<pkey> key type and ENGINE I<e>.
The EVP_PKEY_CTX_new_id() function allocates public key algorithm context
-using the algorithm specified by I<id> and ENGINE I<e>.
+using the key type specified by I<id> and ENGINE I<e>.
The EVP_PKEY_CTX_new_provided() function allocates a public key algorithm
context using the library context I<libctx> (see L<OPENSSL_CTX(3)>), the
-algorithm specified by I<name> and the property query I<propquery>. None
+key type specified by I<name> and the property query I<propquery>. None
of the arguments are duplicated, so they must remain unchanged for the
lifetime of the returned B<EVP_PKEY_CTX> or of any of its duplicates.
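Review bot: "key type" is first used in the three changed DESCRIPTION sentences but is only explained in NOTES item 2, so a reader of this section alone cannot tell how it differs from "algorithm"; add a pointer such as "(see L</NOTES>)" at the first occurrence. The EVP_PKEY_CTX_new() sentence also reads awkwardly as "using the I<pkey> key type"; "using the key type of I<pkey>" would parallel the "key type specified by I<id>" and "key type specified by I<name>" wording in the two paragraphs that follow.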
@@ -44,11 +44,25 @@ If I<ctx> is NULL, nothing is done.
=head1 NOTES
+=over 4
+
+=item 1.
+
The B<EVP_PKEY_CTX> structure is an opaque public key algorithm context used
by the OpenSSL high level public key API. Contexts B<MUST NOT> be shared between
threads: that is it is not permissible to use the same context simultaneously
in two threads.
+=item 2.
+
+We mention "key type" in this manual, which is the same
+as "algorithm" in most cases, allowing either term to be used
+interchangeably. There are algorithms where the I<key type> and the
+I<algorithm> of the operations that use the keys are not the same,
+such as EC keys being used for ECDSA and ECDH operations.
+
+=back
+
=head1 RETURN VALUES
EVP_PKEY_CTX_new(), EVP_PKEY_CTX_new_id(), EVP_PKEY_CTX_dup() returns either
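Review bot: in the new item 2, the sentence "There are algorithms where the I<key type> and the I<algorithm> ... are not the same" uses "algorithms" for the very thing the note is trying to separate from "key type", right after saying the two terms are interchangeable; "There are key types where the operations that use the keys have a different name" would avoid the circularity. The note also stops short of telling the caller what to pass: if the intent of the DESCRIPTION change is that I<id> and I<name> identify the key (EC in the example) rather than the operation (ECDSA or ECDH), say so explicitly here. A smaller style point: "We mention" could be the impersonal "The term "key type" is used in this manual" to match the rest of the page.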