NAME

EVP_MD_meth_dup, EVP_MD_meth_new, EVP_MD_meth_free, EVP_MD_meth_set_input_blocksize, EVP_MD_meth_set_result_size, EVP_MD_meth_set_app_datasize, EVP_MD_meth_set_flags, EVP_MD_meth_set_init, EVP_MD_meth_set_update, EVP_MD_meth_set_final, EVP_MD_meth_set_copy, EVP_MD_meth_set_cleanup, EVP_MD_meth_set_ctrl — Routines to build up EVP_MD methods

SYNOPSIS

#include <openssl/evp.h>

EVP_MD *
EVP_MD_meth_new(int md_type, int pkey_type);

void
EVP_MD_meth_free(EVP_MD *md);

EVP_MD *
EVP_MD_meth_dup(const EVP_MD *md);

int
EVP_MD_meth_set_input_blocksize(EVP_MD *md, int blocksize);

int
EVP_MD_meth_set_result_size(EVP_MD *md, int resultsize);

int
EVP_MD_meth_set_app_datasize(EVP_MD *md, int datasize);

int
EVP_MD_meth_set_flags(EVP_MD *md, unsigned long flags);

int
EVP_MD_meth_set_init(EVP_MD *md, int (*init)(EVP_MD_CTX *ctx));

int
EVP_MD_meth_set_update(EVP_MD *md, int (*update)(EVP_MD_CTX *ctx, const void *data, size_t count));

int
EVP_MD_meth_set_final(EVP_MD *md, int (*final)(EVP_MD_CTX *ctx, unsigned char *md));

int
EVP_MD_meth_set_copy(EVP_MD *md, int (*copy)(EVP_MD_CTX *to, const EVP_MD_CTX *from));

int
EVP_MD_meth_set_cleanup(EVP_MD *md, int (*cleanup)(EVP_MD_CTX *ctx));

int
EVP_MD_meth_set_ctrl(EVP_MD *md, int (*control)(EVP_MD_CTX *ctx, int command, int p1, void *p2));

DESCRIPTION

The EVP_MD type is a structure for digest method implementation. It can also have associated public/private key signing and verifying routines.

EVP_MD_meth_new() creates a new EVP_MD structure.

EVP_MD_meth_dup() creates a copy of md.

EVP_MD_meth_free() destroys a EVP_MD structure.

EVP_MD_meth_set_input_blocksize() sets the internal input block size for the method md to blocksize bytes.

EVP_MD_meth_set_result_size() sets the size of the result that the digest method in md is expected to produce to resultsize bytes.

The digest method may have its own private data, which OpenSSL will allocate for it. EVP_MD_meth_set_app_datasize() should be used to set the size for it to datasize.

EVP_MD_meth_set_flags() sets the flags to describe optional behaviours in the particular md. Several flags can be or'd together. The available flags are:

EVP_MD_FLAG_DIGALGID_NULL

When setting up a DigestAlgorithmIdentifier with X509_ALGOR_set_md(3), set the parameter type to V_ASN1_NULL and the parameter value to NULL. This is the default, which means that it takes effect for EVP_MD objects that do not have EVP_MD_FLAG_DIGALGID_ABSENT set. Use this for PKCS#1.

EVP_MD_FLAG_DIGALGID_ABSENT

When setting up a DigestAlgorithmIdentifier with X509_ALGOR_set_md(3), set the parameter type to V_ASN1_UNDEF and the parameter value to NULL. This is used by the EVP_MD objects documented in the manual page EVP_sha3_224(3) and by the objects returned from EVP_sha512(3), EVP_sha512_256(3), EVP_sha512_224(3), EVP_sha384(3), EVP_sha256(3), EVP_sha224(3), EVP_sha1(3), and EVP_sm3(3).

EVP_MD_FLAG_DIGALGID_CUSTOM

This flag is reserved for user-defined EVP_MD objects supporting custom DigestAlgorithmIdentifier handling via EVP_MD_CTX_ctrl(3), but actually, it is ignored by both LibreSSL and OpenSSL and such user-defined behaviour is not supported by the libraries.

EVP_MD_FLAG_FIPS

Mark the digest method as suitable for FIPS mode. This flag is ignored by both LibreSSL and OpenSSL.

EVP_MD_FLAG_ONESHOT

Intended to indicate that the digest method can only handle one block of input, but actually, this flag is ignored by both LibreSSL and OpenSSL.

EVP_MD_meth_set_init() sets the digest init function for md. The digest init function is called by EVP_Digest(3), EVP_DigestInit(3), EVP_DigestInit_ex(3), EVP_SignInit, EVP_SignInit_ex(3), EVP_VerifyInit(3) and EVP_VerifyInit_ex(3).

EVP_MD_meth_set_update() sets the digest update function for md. The digest update function is called by EVP_Digest(3), EVP_DigestUpdate(3) and EVP_SignUpdate(3).

EVP_MD_meth_set_final() sets the digest final function for md. The digest final function is called by EVP_Digest(3), EVP_DigestFinal(3), EVP_DigestFinal_ex(3), EVP_SignFinal(3) and EVP_VerifyFinal(3).

EVP_MD_meth_set_copy() sets the function for md to do extra computations after the method's private data structure has been copied from one EVP_MD_CTX object to another. If all that's needed is to copy the data, there is no need for this copy function. The copy function is passed two EVP_MD_CTX objects, the private data structure is then available with EVP_MD_CTX_md_data(3). This copy function is called by EVP_MD_CTX_copy(3) and EVP_MD_CTX_copy_ex(3).

EVP_MD_meth_set_cleanup() sets the function for md to do extra cleanup before the method's private data structure is cleaned out and freed. The cleanup function is passed an EVP_MD_CTX object, the private data structure is then available with EVP_MD_CTX_md_data(3). This cleanup function is called by EVP_MD_CTX_reset(3) and EVP_MD_CTX_free(3).

EVP_MD_meth_set_ctrl() sets the control function for md. The control function supplied by the application program has to return 1 to indicate success, 0 to indicate failure, or -1 if the command is not supported for this digest method. See EVP_MD_CTX_ctrl(3) for the available command arguments.

RETURN VALUES

EVP_MD_meth_new() and EVP_MD_meth_dup() return a pointer to a newly created EVP_MD, or NULL on failure. All EVP_MD_meth_set_*() functions return 1.

SEE ALSO

EVP_DigestInit(3), EVP_SignInit(3), EVP_VerifyInit(3)

HISTORY

All these functions first appeared in OpenSSL 1.1.0 and have been available since OpenBSD 7.1.