xref: /openbsd-src/lib/libcrypto/man/EVP_PKEY_cmp.3 (revision 957fef74ea2defb01661cfed78145e2e0965fa27) 
1.\" $OpenBSD: EVP_PKEY_cmp.3,v 1.15 2024/12/06 12:51:13 schwarze Exp $
2.\" full merge up to: OpenSSL 05ea606a May 20 20:52:46 2016 -0400
3.\" selective merge up to: OpenSSL 99d63d46 Oct 26 13:56:48 2016 -0400
4.\"
5.\" This file is a derived work.
6.\" The changes are covered by the following Copyright and license:
7.\"
8.\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org>
9.\"
10.\" Permission to use, copy, modify, and distribute this software for any
11.\" purpose with or without fee is hereby granted, provided that the above
12.\" copyright notice and this permission notice appear in all copies.
13.\"
14.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
15.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
16.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
17.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
18.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
19.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
20.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
21.\"
22.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>.
23.\" Copyright (c) 2006, 2013, 2014, 2016 The OpenSSL Project.
24.\" All rights reserved.
25.\"
26.\" Redistribution and use in source and binary forms, with or without
27.\" modification, are permitted provided that the following conditions
28.\" are met:
29.\"
30.\" 1. Redistributions of source code must retain the above copyright
31.\"    notice, this list of conditions and the following disclaimer.
32.\"
33.\" 2. Redistributions in binary form must reproduce the above copyright
34.\"    notice, this list of conditions and the following disclaimer in
35.\"    the documentation and/or other materials provided with the
36.\"    distribution.
37.\"
38.\" 3. All advertising materials mentioning features or use of this
39.\"    software must display the following acknowledgment:
40.\"    "This product includes software developed by the OpenSSL Project
41.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
42.\"
43.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
44.\"    endorse or promote products derived from this software without
45.\"    prior written permission. For written permission, please contact
46.\"    openssl-core@openssl.org.
47.\"
48.\" 5. Products derived from this software may not be called "OpenSSL"
49.\"    nor may "OpenSSL" appear in their names without prior written
50.\"    permission of the OpenSSL Project.
51.\"
52.\" 6. Redistributions of any form whatsoever must retain the following
53.\"    acknowledgment:
54.\"    "This product includes software developed by the OpenSSL Project
55.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
56.\"
57.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
58.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
59.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
60.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
61.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
62.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
63.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
64.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
65.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
66.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
67.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
68.\" OF THE POSSIBILITY OF SUCH DAMAGE.
69.\"
70.Dd $Mdocdate: December 6 2024 $
71.Dt EVP_PKEY_CMP 3
72.Os
73.Sh NAME
74.Nm EVP_PKEY_missing_parameters ,
75.Nm EVP_PKEY_copy_parameters ,
76.Nm EVP_PKEY_cmp_parameters ,
77.Nm EVP_PKEY_cmp
78.\" .Nm EVP_PKEY_save_parameters is intentionally undocumented
79.\" because nothing uses it according to codesearch.debian.net
80.\" and it only affects X509_PUBKEY_set(3) for DSA,
81.\" resulting in incomplete output without the public key parameters.
82.Nd public key parameter and comparison functions
83.Sh SYNOPSIS
84.In openssl/evp.h
85.Ft int
86.Fo EVP_PKEY_missing_parameters
87.Fa "const EVP_PKEY *pkey"
88.Fc
89.Ft int
90.Fo EVP_PKEY_copy_parameters
91.Fa "EVP_PKEY *destination"
92.Fa "const EVP_PKEY *source"
93.Fc
94.Ft int
95.Fo EVP_PKEY_cmp_parameters
96.Fa "const EVP_PKEY *a"
97.Fa "const EVP_PKEY *b"
98.Fc
99.Ft int
100.Fo EVP_PKEY_cmp
101.Fa "const EVP_PKEY *a"
102.Fa "const EVP_PKEY *b"
103.Fc
104.Sh DESCRIPTION
105.Fn EVP_PKEY_missing_parameters
106checks whether any public key parameters are missing from
107.Fa pkey .
108.Pp
109.Fn EVP_PKEY_copy_parameters
110copies all public key parameters from the
111.Fa source
112to the
113.Fa destination .
114If the algorithm does not use parameters, no action occurs.
115.Pp
116.Fn EVP_PKEY_cmp_parameters
117compares the public key parameters of
118.Fa a
119and
120.Fa b .
121This is only supported for algorithms that use parameters.
122.Pp
123.Fn EVP_PKEY_cmp
124compares the public key components of
125.Fa a
126and
127.Fa b .
128If the algorithm uses public key parameters,
129it also compares the parameters.
130.Pp
131The main purpose of the functions
132.Fn EVP_PKEY_missing_parameters
133and
134.Fn EVP_PKEY_copy_parameters
135is to handle public keys in certificates where the parameters are
136sometimes omitted from a public key if they are inherited from the CA
137that signed it.
138.Pp
139Since OpenSSL private keys contain public key components too, the
140function
141.Fn EVP_PKEY_cmp
142can also be used to determine if a private key matches a public key.
143.Sh RETURN VALUES
144.Fn EVP_PKEY_missing_parameters
145returns 1 if the public key parameters of
146.Fa pkey
147are missing or incomplete or 0 if they are present and complete
148or if the algorithm doesn't use parameters.
149.Pp
150.Fn EVP_PKEY_copy_parameters
151returns 1 for success or 0 for failure.
152In particular, it fails if the key types mismatch or if the public
153key parameters in the
154.Fa source
155are missing or incomplete.
156.Pp
157.Fn EVP_PKEY_cmp_parameters
158and
159.Fn EVP_PKEY_cmp
160return 1 if the keys match, 0 if they don't match, -1 if the key types
161are different and -2 if the operation is not supported.
162.Sh SEE ALSO
163.Xr EVP_PKEY_CTX_new 3 ,
164.Xr EVP_PKEY_keygen 3 ,
165.Xr EVP_PKEY_new 3 ,
166.Xr X509_get_pubkey_parameters 3
167.Sh HISTORY
168.Fn EVP_PKEY_missing_parameters
169and
170.Fn EVP_PKEY_copy_parameters
171first appeared in SSLeay 0.8.0.
172.Fn EVP_PKEY_cmp_parameters
173first appeared in SSLeay 0.9.0.
174These functions have been available since
175.Ox 2.4 .
176.Pp
177.Fn EVP_PKEY_cmp
178first appeared in OpenSSL 0.9.8 and has been available since
179.Ox 4.5 .
180