Fix error in example.

Fixes #18828

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl

Fix error in example.

Fixes #18828

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Hugo Landau <hlandau@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18829)

show more ...

Fix the defective check of EVP_PKEY_get_params

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/

Fix the defective check of EVP_PKEY_get_params

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/18367)

show more ...

Update copyright year

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Release: yes

doc: Add hint to use EVP_PKEY_get_bn_param to retrieve big integers

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17423)

Clarify the int param getter documentation

OSSL_PARAMs that are of type OSSL_PARAM_INTEGER or
OSSL_PARAM_UNSIGNED_INTEGER can be obtained using any of the functions
EVP_PKEY_get_int_

Clarify the int param getter documentation

OSSL_PARAMs that are of type OSSL_PARAM_INTEGER or
OSSL_PARAM_UNSIGNED_INTEGER can be obtained using any of the functions
EVP_PKEY_get_int_param(), EVP_PKEY_get_size_t_param() or
EVP_PKEY_get_bn_param(). The former two will fail if the parameter is too
large to fit into the C variable. We clarify this in the documentation.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17445)

show more ...

Fix typos

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17392)

doc: EVP_PKEY_get_utf8/octet_string_param() clarify NULL buffer behavior

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/16843)

EVP_PKEY_gettable_params.pod: Update argument names

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: T

EVP_PKEY_gettable_params.pod: Update argument names

CLA: trivial

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16494)

show more ...

EVP_PKEY_get_utf8_string_param(): ensure the string is NUL terminated

A check is added to fail this function if the string buffer isn't
large enough to accomodate a terminating NUL byte.

EVP_PKEY_get_utf8_string_param(): ensure the string is NUL terminated

A check is added to fail this function if the string buffer isn't
large enough to accomodate a terminating NUL byte.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16334)

show more ...

Correct documentation errors in regards to UTF8 params

This fixes numerous bugs in documentation in regards to UTF8
params and their sizes. The returned size should always be without the

Correct documentation errors in regards to UTF8 params

This fixes numerous bugs in documentation in regards to UTF8
params and their sizes. The returned size should always be without the
terminating NUL byte. On the other hand on the requestor side
the size of the buffer should include the NUL byte if it expects it
being included in the returned string.

Also make this clear in the EVP_PKEY_get_group_name() documentation
which uses utf8 string params under the hood.

Fixes #16287

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16296)

show more ...

Update copyright year

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14235)

EVP: Adapt EVP_PKEY_{set1,get1}_encoded_public_key()

These functions are modified to use EVP_PKEY_set_octet_string_param()
and EVP_PKEY_get_octet_string_param() instead of evp_keymgmt_se

EVP: Adapt EVP_PKEY_{set1,get1}_encoded_public_key()

These functions are modified to use EVP_PKEY_set_octet_string_param()
and EVP_PKEY_get_octet_string_param() instead of evp_keymgmt_set_params()
and evp_keymgmt_get_params().
To accomplish this fully, EVP_PKEY_get_octet_string_param() is changed
slightly to populate |*out_sz| with the return size, even if getting
the params resulted in an error.

We also modify EVP_PKEY_get_utf8_string_param() to match
EVP_PKEY_get_octet_string_param()

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14056)

show more ...

EVP: Adapt the other EVP_PKEY_set_xxx_param() functions

They were calling evp_keymgmt_set_params() directly. Those calls are
changed to go through EVP_PKEY_set_params().

We tak

EVP: Adapt the other EVP_PKEY_set_xxx_param() functions

They were calling evp_keymgmt_set_params() directly. Those calls are
changed to go through EVP_PKEY_set_params().

We take the opportunity to constify these functions. They have to
unconstify internally for the compiler to stop complaining when
placing those pointers in an OSSL_PARAM element, but that's still
better than forcing the callers to do that cast.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14056)

show more ...

EVP: constify the EVP_PKEY_get_*_param() argument |pkey|

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.co

EVP: constify the EVP_PKEY_get_*_param() argument |pkey|

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13436)

show more ...

Make EVP_PKEY_CTX_[get|set]_ec_paramgen_curve_name more generic

We rename these function to EVP_PKEY_CTX_get_group_name and
EVP_PKEY_CTX_set_group_name so that they can be used for other

Make EVP_PKEY_CTX_[get|set]_ec_paramgen_curve_name more generic

We rename these function to EVP_PKEY_CTX_get_group_name and
EVP_PKEY_CTX_set_group_name so that they can be used for other algorithms
other than EC.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11914)

show more ...

Add EVP_PKEY_gettable_params support for accessing EVP_PKEY key data fields

Currently only RSA, EC and ECX are supported (DH and DSA need to be added to the keygen
PR's seperately becaus

Add EVP_PKEY_gettable_params support for accessing EVP_PKEY key data fields

Currently only RSA, EC and ECX are supported (DH and DSA need to be added to the keygen
PR's seperately because the fields supported have changed significantly).

The API's require the keys to be provider based.

Made the keymanagement export and get_params functions share the same code by supplying
support functions that work for both a OSSL_PARAM_BLD as well as a OSSL_PARAM[].
This approach means that complex code is not required to build an
empty OSSL_PARAM[] with the correct sized fields before then doing a second
pass to populate the array.

The RSA factor arrays have been changed to use unique key names to simplify the interface
needed by the user.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11365)

show more ...