Lines Matching full:s0
316 hidden entirely by defining \fB\s-1OPENSSL_API_COMPAT\s0\fR with a suitable version value,
340 For \fIcmd\fR = \fB\s-1EVP_PKEY_CTRL_SET_MAC_KEY\s0\fR, \fIp1\fR is the length of the \s-1MAC\s0 ke…
341 and \fIp2\fR is the \s-1MAC\s0 key. This is used by Poly1305, SipHash, \s-1HMAC\s0 and \s-1CMAC.\s0
360 in a signature. It can be used in the \s-1RSA, DSA\s0 and \s-1ECDSA\s0 algorithms.
363 in a signature. It can be used in the \s-1RSA, DSA\s0 and \s-1ECDSA\s0 algorithms.
377 key generation. For example for \s-1EC\s0 keys this will set the curve name and for
378 \&\s-1DH\s0 keys it will set the name of the finite field group.
383 terminating \s-1NUL\s0 byte.
384 .SS "\s-1RSA\s0 parameters"
386 \&\fBEVP_PKEY_CTX_set_rsa_padding()\fR sets the \s-1RSA\s0 padding mode for \fIctx\fR.
387 The \fIpad\fR parameter can take the value \fB\s-1RSA_PKCS1_PADDING\s0\fR for PKCS#1
388 padding, \fB\s-1RSA_NO_PADDING\s0\fR for
389 no padding, \fB\s-1RSA_PKCS1_OAEP_PADDING\s0\fR for \s-1OAEP\s0 padding (encrypt and
390 decrypt only), \fB\s-1RSA_X931_PADDING\s0\fR for X9.31 padding (signature operations
391 only), \fB\s-1RSA_PKCS1_PSS_PADDING\s0\fR (sign and verify only) and
392 \&\fB\s-1RSA_PKCS1_WITH_TLS_PADDING\s0\fR for \s-1TLS RSA\s0 ClientKeyExchange message padding
395 Two \s-1RSA\s0 padding modes behave differently if \fBEVP_PKEY_CTX_set_signature_md()\fR
399 verifying. If this control is not used with \s-1RSA\s0 and PKCS#1 padding then the
401 padding for \s-1RSA\s0 the algorithm identifier byte is added or checked and removed
405 \&\fBEVP_PKEY_CTX_get_rsa_padding()\fR gets the \s-1RSA\s0 padding mode for \fIctx\fR.
407 \&\fBEVP_PKEY_CTX_set_rsa_pss_saltlen()\fR sets the \s-1RSA PSS\s0 salt length to \fIsaltlen\fR.
408 As its name implies it is only supported for \s-1PSS\s0 padding. If this function is
411 .IP "\fB\s-1RSA_PSS_SALTLEN_DIGEST\s0\fR" 4
414 .IP "\fB\s-1RSA_PSS_SALTLEN_MAX\s0\fR" 4
417 .IP "\fB\s-1RSA_PSS_SALTLEN_AUTO\s0\fR" 4
420 \&\fB\s-1PSS\s0\fR block structure when verifying. When signing, it has the same
421 meaning as \fB\s-1RSA_PSS_SALTLEN_MAX\s0\fR.
423 \&\fBEVP_PKEY_CTX_get_rsa_pss_saltlen()\fR gets the \s-1RSA PSS\s0 salt length for \fIctx\fR.
424 The padding mode must already have been set to \fB\s-1RSA_PKCS1_PSS_PADDING\s0\fR.
426 \&\fBEVP_PKEY_CTX_set_rsa_keygen_bits()\fR sets the \s-1RSA\s0 key length for
427 \&\s-1RSA\s0 key generation to \fIbits\fR. If not specified 2048 bits is used.
429 \&\fBEVP_PKEY_CTX_set1_rsa_keygen_pubexp()\fR sets the public exponent value for \s-1RSA\s0 key
432 must be freed independently of the \s-1EVP_PKEY_CTX\s0 (ie, it is internally copied).
440 \&\s-1RSA\s0 key generation to \fIprimes\fR. If not specified 2 is used.
442 \&\fBEVP_PKEY_CTX_set_rsa_mgf1_md_name()\fR sets the \s-1MGF1\s0 digest for \s-1RSA\s0
443 padding schemes to the digest named \fImdname\fR. If the \s-1RSA\s0 algorithm
446 digest is used. The padding mode must have been set to \fB\s-1RSA_PKCS1_OAEP_PADDING\s0\fR
447 or \fB\s-1RSA_PKCS1_PSS_PADDING\s0\fR.
454 \&\fBEVP_PKEY_CTX_get_rsa_mgf1_md_name()\fR gets the name of the \s-1MGF1\s0
456 The padding mode must have been set to \fB\s-1RSA_PKCS1_OAEP_PADDING\s0\fR or
457 \&\fB\s-1RSA_PKCS1_PSS_PADDING\s0\fR.
461 \&\s-1EVP_MD\s0 object instead. Note that only known, built-in \s-1EVP_MD\s0 objects will be
462 returned. The \s-1EVP_MD\s0 object may be \s-1NULL\s0 if the digest is not one of these (such
466 used in \s-1RSA OAEP\s0 to the digest named \fImdname\fR. If the \s-1RSA\s0 algorithm
469 \&\fB\s-1RSA_PKCS1_OAEP_PADDING\s0\fR.
477 algorithm name used in \s-1RSA OAEP\s0 and stores it in the buffer \fIname\fR which is of
479 \&\fB\s-1RSA_PKCS1_OAEP_PADDING\s0\fR. The buffer should be sufficiently large for any
484 \&\s-1EVP_MD\s0 object instead. Note that only known, built-in \s-1EVP_MD\s0 objects will be
485 returned. The \s-1EVP_MD\s0 object may be \s-1NULL\s0 if the digest is not one of these (such
488 \&\fBEVP_PKEY_CTX_set0_rsa_oaep_label()\fR sets the \s-1RSA OAEP\s0 label to binary data
489 \&\fIlabel\fR and its length in bytes to \fIlen\fR. If \fIlabel\fR is \s-1NULL\s0 or \fIlen\fR is 0,
492 The padding mode must have been set to \fB\s-1RSA_PKCS1_OAEP_PADDING\s0\fR.
494 \&\fBEVP_PKEY_CTX_get0_rsa_oaep_label()\fR gets the \s-1RSA OAEP\s0 label to
496 must have been set to \fB\s-1RSA_PKCS1_OAEP_PADDING\s0\fR. The resulting pointer is owned
499 \&\fB\s-1RSA_PKCS1_WITH_TLS_PADDING\s0\fR is used when decrypting an \s-1RSA\s0 encrypted \s-1TLS\s0
500 pre-master secret in a \s-1TLS\s0 ClientKeyExchange message. It is the same as
501 \&\s-1RSA_PKCS1_PADDING\s0 except that it additionally verifies that the result is the
505 still appear to succeed but a random \s-1TLS\s0 premaster secret will be returned
508 \&\s-1OSSL_ASYM_CIPHER_PARAM_TLS_CLIENT_VERSION\s0 and
509 \&\s-1OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION,\s0 both of which are expected to be
511 the \s-1TLS\s0 protocol version that was first requested by the client (e.g. 0x0303 for
515 \&\s-1OSSL_ASYM_CIPHER_PARAM_TLS_NEGOTIATED_VERSION\s0 should be set to the actual
517 .SS "\s-1DSA\s0 parameters"
519 \&\fBEVP_PKEY_CTX_set_dsa_paramgen_bits()\fR sets the number of bits used for \s-1DSA\s0
523 parameter \fIq\fR for \s-1DSA\s0 parameter generation to \fIqbits\fR. If not specified, 224
527 \&\fBEVP_PKEY_CTX_set_dsa_paramgen_md()\fR sets the digest function used for \s-1DSA\s0
528 parameter generation to \fImd\fR. If not specified, one of \s-1SHA\-1, SHA\-224,\s0 or
529 \&\s-1SHA\-256\s0 is selected to match the bit length of \fIq\fR above.
531 \&\fBEVP_PKEY_CTX_set_dsa_paramgen_md_props()\fR sets the digest function used for \s-1DSA\s0
534 If not specified, \fImd_name\fR will be set to one of \s-1SHA\-1, SHA\-224,\s0 or
535 \&\s-1SHA\-256\s0 depending on the bit length of \fIq\fR above. \fImd_properties\fR is a
549 \&\fBEVP_PKEY_CTX_set_dsa_paramgen_type()\fR sets the generation type to use \s-1FIPS186\-4\s0
550 generation if \fIname\fR is \*(L"fips186_4\*(R", or \s-1FIPS186\-2\s0 generation if \fIname\fR is
552 default value for the \s-1FIPS\s0 provider is \*(L"fips186_4\*(R".
553 .SS "\s-1DH\s0 parameters"
555 \&\fBEVP_PKEY_CTX_set_dh_paramgen_prime_len()\fR sets the length of the \s-1DH\s0 prime
556 parameter \fIp\fR for \s-1DH\s0 parameter generation. If this function is not called then
559 \&\fBEVP_PKEY_CTX_set_dh_paramgen_subprime_len()\fR sets the length of the \s-1DH\s0
560 optional subprime parameter \fIq\fR for \s-1DH\s0 parameter generation. The default is
561 256 if the prime is at least 2048 bits long or 160 otherwise. The \s-1DH\s0 paramgen
564 \&\fBEVP_PKEY_CTX_set_dh_paramgen_generator()\fR sets \s-1DH\s0 generator to \fIgen\fR for \s-1DH\s0
567 \&\fBEVP_PKEY_CTX_set_dh_paramgen_type()\fR sets the key type for \s-1DH\s0 parameter
569 .IP "\fB\s-1DH_PARAMGEN_TYPE_GROUP\s0\fR" 4
573 .IP "\fB\s-1DH_PARAMGEN_TYPE_FIPS_186_4\s0\fR" 4
575 \&\s-1FIPS186\-4 FFC\s0 parameter generator.
576 .IP "\fB\s-1DH_PARAMGEN_TYPE_FIPS_186_2\s0\fR" 4
578 \&\s-1FIPS186\-2 FFC\s0 parameter generator (X9.42 \s-1DH\s0).
579 .IP "\fB\s-1DH_PARAMGEN_TYPE_GENERATOR\s0\fR" 4
583 The default in the default provider is \fB\s-1DH_PARAMGEN_TYPE_GENERATOR\s0\fR for the
584 \&\*(L"\s-1DH\*(R"\s0 keytype, and \fB\s-1DH_PARAMGEN_TYPE_FIPS_186_2\s0\fR for the \*(L"\s-1DHX\*(…
585 \&\s-1FIPS\s0 provider the default value is \fB\s-1DH_PARAMGEN_TYPE_GROUP\s0\fR for the \*(L"\s-1DH…
586 keytype and <\fB\s-1DH_PARAMGEN_TYPE_FIPS_186_4\s0\fR for the \*(L"\s-1DHX\*(R"\s0 keytype.
599 \&\fBEVP_PKEY_CTX_set_dh_pad()\fR sets the \s-1DH\s0 padding mode.
600 If \fIpad\fR is 1 the shared secret is padded with zeros up to the size of the \s-1DH\s0
604 \&\fBEVP_PKEY_CTX_set_dh_nid()\fR sets the \s-1DH\s0 parameters to values corresponding to
605 \&\fInid\fR as defined in \s-1RFC7919\s0 or \s-1RFC3526.\s0 The \fInid\fR parameter must be
613 \&\s-1DH\s0 parameters to the values defined in \s-1RFC5114.\s0 The \fIrfc5114\fR parameter must
614 be 1, 2 or 3 corresponding to \s-1RFC5114\s0 sections 2.1, 2.2 and 2.3. or 0 to clear
616 \&\fIctx\fR must have a key type of \fB\s-1EVP_PKEY_DHX\s0\fR.
618 .SS "\s-1DH\s0 key derivation function parameters"
621 a private key type of \fB\s-1EVP_PKEY_DHX\s0\fR. When using key derivation, the output of
622 \&\fBEVP_PKEY_derive()\fR is the output of the \s-1KDF\s0 instead of the \s-1DH\s0 shared secret.
623 The \s-1KDF\s0 output is typically used as a Key Encryption Key (\s-1KEK\s0) that in turn
624 encrypts a Content Encryption Key (\s-1CEK\s0).
627 for \s-1DH\s0 key derivation. Possible values are \fB\s-1EVP_PKEY_DH_KDF_NONE\s0\fR and
628 \&\fB\s-1EVP_PKEY_DH_KDF_X9_42\s0\fR which uses the key derivation specified in \s-1RFC2631\s0
633 used for \s-1DH\s0 key derivation. Possible values are \fB\s-1EVP_PKEY_DH_KDF_NONE\s0\fR and
634 \&\fB\s-1EVP_PKEY_DH_KDF_X9_42\s0\fR.
637 identifier to \fIoid\fR for \s-1DH\s0 key derivation. This \s-1OID\s0 should identify the
643 used for \s-1DH\s0 key derivation. The resulting pointer is owned by the library and
647 \&\fImd\fR for \s-1DH\s0 key derivation. Note that \s-1RFC2631\s0 specifies that this digest should
648 be \s-1SHA1\s0 but OpenSSL tolerates other digests.
651 \&\fIctx\fR used for \s-1DH\s0 key derivation.
654 to \fIlen\fR for \s-1DH\s0 key derivation.
657 for \fIctx\fR used for \s-1DH\s0 key derivation.
660 length to \fIlen\fR for \s-1DH\s0 key derivation. This parameter is optional and
661 corresponds to the partyAInfo field in \s-1RFC2631\s0 terms. The specification
669 .SS "\s-1EC\s0 parameters"
675 \&\fBEVP_PKEY_CTX_set_group_name()\fR, but is specific to \s-1EC\s0 and uses a \fInid\fR rather
678 For \s-1EC\s0 parameter generation, one of \fBEVP_PKEY_CTX_set_group_name()\fR
682 generating an \s-1EC\s0 key.
687 \&\fBEVP_PKEY_CTX_set_ec_param_enc()\fR sets the \s-1EC\s0 parameter encoding to \fIparam_enc\fR
688 when generating \s-1EC\s0 parameters or an \s-1EC\s0 key. The encoding can be
689 \&\fB\s-1OPENSSL_EC_EXPLICIT_CURVE\s0\fR for explicit parameters (the default in versions
690 of OpenSSL before 1.1.0) or \fB\s-1OPENSSL_EC_NAMED_CURVE\s0\fR to use named curve form.
692 \&\fB\s-1OPENSSL_EC_NAMED_CURVE\s0\fR value was added in OpenSSL 1.1.0; previous
694 .SS "\s-1ECDH\s0 parameters"
697 for \s-1ECDH\s0 key derivation. Possible values are 1 to enable cofactor
702 for \s-1ECDH\s0 key derivation. Possible values are 1 when cofactor key derivation is
704 .SS "\s-1ECDH\s0 key derivation function parameters"
707 \&\fIkdf\fR for \s-1ECDH\s0 key derivation. Possible values are \fB\s-1EVP_PKEY_ECDH_KDF_NONE\s0\fR
708 and \fB\s-1EVP_PKEY_ECDH_KDF_X9_63\s0\fR which uses the key derivation specified in X9.63.
713 \&\fIctx\fR used for \s-1ECDH\s0 key derivation. Possible values are
714 \&\fB\s-1EVP_PKEY_ECDH_KDF_NONE\s0\fR and \fB\s-1EVP_PKEY_ECDH_KDF_X9_63\s0\fR.
717 to \fImd\fR for \s-1ECDH\s0 key derivation. Note that X9.63 specifies that this digest
718 should be \s-1SHA1\s0 but OpenSSL tolerates other digests.
721 for \fIctx\fR used for \s-1ECDH\s0 key derivation.
724 length to \fIlen\fR for \s-1ECDH\s0 key derivation.
727 length for \fIctx\fR used for \s-1ECDH\s0 key derivation.
729 \&\fBEVP_PKEY_CTX_set0_ecdh_kdf_ukm()\fR sets the user key material to \fIukm\fR for \s-1ECDH\s0
741 algorithms such as \s-1SM2.\s0 The \fBEVP_PKEY_CTX_set1_id()\fR sets an \s-1ID\s0 pointed by \fIid\…
744 \&\fBEVP_PKEY_CTX_get1_id_len()\fR returns the length of the \s-1ID\s0 set via a previous call
747 returns the previously set \s-1ID\s0 value to caller in \fIid\fR. The caller should
750 \&\fBEVP_PKEY_CTX_set_kem_op()\fR sets the \s-1KEM\s0 operation to run. This can be set after
752 kem operation. \s-1RSA\s0 is the only key type that supports encapsulation currently,
753 and as there is no default operation for the \s-1RSA\s0 type, this function must be
797 in the file \s-1LICENSE\s0 in the source distribution or at