21  /* Generation, a more complex constructor */
34  /* Key loading by object reference, also a constructor */
60  /* Key object duplication, a constructor */
85 All these "functions" have a corresponding function type definition
86 named B<OSSL_FUNC_{name}_fn>, and a helper function to retrieve the
87 function pointer from a L<OSSL_DISPATCH(3)> element named
134 A key object is a collection of data for an asymmetric key, and is
137 The exact contents of a key object are defined by the provider, and it
140 for example, a key object that has been created using the KEYMGMT
145 With some of the KEYMGMT functions, it's possible to select a specific
146 subset of data to handle, governed by the bits in a I<selection>
153 Indicating that the private key data in a key object should be
158 Indicating that the public key data in a key object should be
163 Indicating that the domain parameters in a key object should be
168 Indicating that other parameters in a key object should be
173 a last resort bit bucket selector.
189 This is a combination of B<OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS> and
197 Indicating that both the whole key pair in a key object should be
200 This is a combination of B<OSSL_KEYMGMT_SELECT_PRIVATE_KEY> and
205 Indicating that everything in a key object should be considered.
210 each function where you can specify a selector.
216 since a match of one half implies a match of the other half.
220 OSSL_FUNC_keymgmt_new() should create a provider side key object.  The
229 OSSL_FUNC_keymgmt_gen() and OSSL_FUNC_keymgmt_gen_cleanup() work together as a
235 The I<params>, if not NULL, should be set on the context in a manner similar to
239 I<genctx>.  The I<template> is assumed to be a key object constructed
241 chooses can be used as a template for the key object to be generated.
242 Typically, the generation of a DSA or DH key would get the domain
248 OSSL_FUNC_keymgmt_gen_gettable_params() should return a constant array of
255 OSSL_FUNC_keymgmt_gen_settable_params() should return a constant array of
267 OSSL_FUNC_keymgmt_load() creates a provider side key object based on a
268 I<reference> object with a size of I<reference_sz> bytes, that only the
283 OSSL_FUNC_keymgmt_gettable_params() should return a constant array of
293 OSSL_FUNC_keymgmt_settable_params() should return a constant array of
314 to still be a valid subset. For algorithms where some selection is
328 The interpretation of how much checking is performed in a full check versus a
330 between a full check and a quick check. For algorithms where some selection is
350 should return a constant array of descriptor
360 should return a constant array of descriptor
370 I<selection> or the whole key data I<keydata_from> and create a new
390 The value should be the maximum size that a caller should allocate to
391 safely store a signature (called I<sig> in L<provider-signature(7)>),
393 L<provider-asym_cipher(7)>, a derived secret (I<secret> in
411 If there is a mandatory digest for performing a signature operation with
424 If there is a default digest for performing a signature operation with
456 approved (e.g. The key has a security strength of less than 112 bits). Setting
475 OSSL_FUNC_keymgmt_new() and OSSL_FUNC_keymgmt_dup() should return a valid
487 OSSL_FUNC_keymgmt_query_operation_name() should return a pointer to a string matching
495 always return a constant L<OSSL_PARAM(3)> array.
524 this file except in compliance with the License.  You can obtain a copy

Last Index update Thu Sep 26 00:07:22 UTC 2024

Dedicated to & Maintained by Room-11