1=pod 2 3=head1 NAME 4 5EVP_PKEY_CTX_set_rsa_pss_keygen_md, 6EVP_PKEY_CTX_set_rsa_pss_keygen_md_name, 7EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md, 8EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md_name, 9EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen 10- EVP_PKEY RSA-PSS algorithm support functions 11 12=head1 SYNOPSIS 13 14 #include <openssl/rsa.h> 15 16 int EVP_PKEY_CTX_set_rsa_pss_keygen_md(EVP_PKEY_CTX *pctx, 17 const EVP_MD *md); 18 int EVP_PKEY_CTX_set_rsa_pss_keygen_md_name(EVP_PKEY_CTX *ctx, 19 const char *mdname, 20 const char *mdprops); 21 int EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md(EVP_PKEY_CTX *pctx, 22 const EVP_MD *md); 23 int EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md_name(EVP_PKEY_CTX *pctx, 24 const char *mdname); 25 int EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen(EVP_PKEY_CTX *pctx, 26 int saltlen); 27 28=head1 DESCRIPTION 29 30These are the functions that implement L<RSA-PSS(7)>. 31 32=head2 Signing and Verification 33 34The macro EVP_PKEY_CTX_set_rsa_padding() is supported but an error is 35returned if an attempt is made to set the padding mode to anything other 36than B<PSS>. It is otherwise similar to the B<RSA> version. 37 38The EVP_PKEY_CTX_set_rsa_pss_saltlen() macro is used to set the salt length. 39If the key has usage restrictions then an error is returned if an attempt is 40made to set the salt length below the minimum value. It is otherwise similar 41to the B<RSA> operation except detection of the salt length (using 42RSA_PSS_SALTLEN_AUTO) is not supported for verification if the key has 43usage restrictions. 44 45The L<EVP_PKEY_CTX_set_signature_md(3)> and L<EVP_PKEY_CTX_set_rsa_mgf1_md(3)> 46functions are used to set the digest and MGF1 algorithms respectively. If the 47key has usage restrictions then an error is returned if an attempt is made to 48set the digest to anything other than the restricted value. Otherwise these are 49similar to the B<RSA> versions. 50 51=head2 Key Generation 52 53As with RSA key generation the EVP_PKEY_CTX_set_rsa_keygen_bits() 54and EVP_PKEY_CTX_set_rsa_keygen_pubexp() macros are supported for RSA-PSS: 55they have exactly the same meaning as for the RSA algorithm. 56 57Optional parameter restrictions can be specified when generating a PSS key. 58If any restrictions are set (using the macros described below) then B<all> 59parameters are restricted. For example, setting a minimum salt length also 60restricts the digest and MGF1 algorithms. If any restrictions are in place 61then they are reflected in the corresponding parameters of the public key 62when (for example) a certificate request is signed. 63 64EVP_PKEY_CTX_set_rsa_pss_keygen_md() restricts the digest algorithm the 65generated key can use to I<md>. 66EVP_PKEY_CTX_set_rsa_pss_keygen_md_name() does the same thing, but 67passes the algorithm by name rather than by B<EVP_MD>. 68 69EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md() restricts the MGF1 algorithm the 70generated key can use to I<md>. 71EVP_PKEY_CTX_set_rsa_pss_keygen_mgf1_md_name() does the same thing, but 72passes the algorithm by name rather than by B<EVP_MD>. 73 74EVP_PKEY_CTX_set_rsa_pss_keygen_saltlen() restricts the minimum salt length 75to I<saltlen>. 76 77=head1 NOTES 78 79A context for the B<RSA-PSS> algorithm can be obtained by calling: 80 81 EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA_PSS, NULL); 82 83=head1 RETURN VALUES 84 85All these functions return 1 for success and 0 or a negative value for failure. 86In particular a return value of -2 indicates the operation is not supported by 87the public key algorithm. 88 89=head1 SEE ALSO 90 91L<RSA-PSS(7)>, 92L<EVP_PKEY_CTX_new(3)>, 93L<EVP_PKEY_CTX_ctrl_str(3)>, 94L<EVP_PKEY_derive(3)> 95 96=head1 COPYRIGHT 97 98Copyright 2017-2021 The OpenSSL Project Authors. All Rights Reserved. 99 100Licensed under the Apache License 2.0 (the "License"). You may not use 101this file except in compliance with the License. You can obtain a copy 102in the file LICENSE in the source distribution or at 103L<https://www.openssl.org/source/license.html>. 104 105=cut 106