diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2021-02-17 13:00:34 +1000 |
---|---|---|
committer | Shane Lontis <shane.lontis@oracle.com> | 2021-02-22 13:31:31 +1000 |
commit | 4718326a46ad460fefc5cc240a8599af4b5993c7 (patch) | |
tree | be4beed6f52122d46ebba91baf9fb59ba586f918 /doc | |
parent | 681618cfc18b4f01f2c07e823308d30f6f47504b (diff) |
Add EVP_PKEY_public_check_quick.
Adding the EVP_PKEY_param_check_quick() reminded me that there are also
partial checks for public keys as part of SP800-56A for FFC (DH named safe
prime groups) and ECC. The code was mainly already there and just needed
to be plumbed into the validate methods.
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14206)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man3/EVP_PKEY_check.pod | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/doc/man3/EVP_PKEY_check.pod b/doc/man3/EVP_PKEY_check.pod index b5d33a41e3..4f91f8f9a2 100644 --- a/doc/man3/EVP_PKEY_check.pod +++ b/doc/man3/EVP_PKEY_check.pod @@ -3,7 +3,8 @@ =head1 NAME EVP_PKEY_check, EVP_PKEY_param_check, EVP_PKEY_param_check_quick, -EVP_PKEY_public_check, EVP_PKEY_private_check, EVP_PKEY_pairwise_check +EVP_PKEY_public_check, EVP_PKEY_public_check_quick, EVP_PKEY_private_check, +EVP_PKEY_pairwise_check - key and parameter validation functions =head1 SYNOPSIS @@ -14,6 +15,7 @@ EVP_PKEY_public_check, EVP_PKEY_private_check, EVP_PKEY_pairwise_check int EVP_PKEY_param_check(EVP_PKEY_CTX *ctx); int EVP_PKEY_param_check_quick(EVP_PKEY_CTX *ctx); int EVP_PKEY_public_check(EVP_PKEY_CTX *ctx); + int EVP_PKEY_public_check_quick(EVP_PKEY_CTX *ctx); int EVP_PKEY_private_check(EVP_PKEY_CTX *ctx); int EVP_PKEY_pairwise_check(EVP_PKEY_CTX *ctx); @@ -30,6 +32,12 @@ provided then this function call does the same thing as EVP_PKEY_param_check(). EVP_PKEY_public_check() validates the public component of the key given by B<ctx>. +EVP_PKEY_public_check_quick() validates the public component of the key +given by B<ctx> like EVP_PKEY_public_check() does. However some algorithm +implementations may offer a quicker form of validation that omits some checks in +order to perform a lightweight sanity check of the key. If a quicker form is not +provided then this function call does the same thing as EVP_PKEY_public_check(). + EVP_PKEY_private_check() validates the private component of the key given by B<ctx>. EVP_PKEY_pairwise_check() validates that the public and private components have @@ -60,8 +68,8 @@ L<EVP_PKEY_fromdata(3)>, EVP_PKEY_check(), EVP_PKEY_public_check() and EVP_PKEY_param_check() were added in OpenSSL 1.1.1. -EVP_PKEY_param_check_quick(), EVP_PKEY_private_check() and -EVP_PKEY_pairwise_check() were added in OpenSSL 3.0. +EVP_PKEY_param_check_quick(), EVP_PKEY_public_check_quick(), +EVP_PKEY_private_check() and EVP_PKEY_pairwise_check() were added in OpenSSL 3.0. =head1 COPYRIGHT |