OpenSSL

Cryptography and SSL/TLS Toolkit

EVP_PKEY_cmp

NAME

EVP_PKEY_missing_parameters, EVP_PKEY_copy_parameters, EVP_PKEY_parameters_eq, EVP_PKEY_cmp_parameters, EVP_PKEY_eq, EVP_PKEY_cmp - public key parameter and comparison functions

SYNOPSIS

 #include <openssl/evp.h>

 int EVP_PKEY_missing_parameters(const EVP_PKEY *pkey);
 int EVP_PKEY_copy_parameters(EVP_PKEY *to, const EVP_PKEY *from);

 int EVP_PKEY_parameters_eq(const EVP_PKEY *a, const EVP_PKEY *b);
 int EVP_PKEY_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b);
 int EVP_PKEY_eq(const EVP_PKEY *a, const EVP_PKEY *b);
 int EVP_PKEY_cmp(const EVP_PKEY *a, const EVP_PKEY *b);

DESCRIPTION

The function EVP_PKEY_missing_parameters() returns 1 if the public key parameters of pkey are missing and 0 if they are present or the algorithm doesn't use parameters.

The function EVP_PKEY_copy_parameters() copies the parameters from key from to key to. An error is returned if the parameters are missing in from or present in both from and to and mismatch. If the parameters in from and to are both present and match this function has no effect.

The function EVP_PKEY_parameters_eq() checks the parameters of keys a and b for equality.

The function EVP_PKEY_eq() checks the public key components and parameters (if present) of keys a and b for equality.

NOTES

The main purpose of the functions EVP_PKEY_missing_parameters() and EVP_PKEY_copy_parameters() is to handle public keys in certificates where the parameters are sometimes omitted from a public key if they are inherited from the CA that signed it.

Since OpenSSL private keys contain public key components too the function EVP_PKEY_eq() can also be used to determine if a private key matches a public key.

RETURN VALUES

The function EVP_PKEY_missing_parameters() returns 1 if the public key parameters of pkey are missing and 0 if they are present or the algorithm doesn't use parameters.

These functions EVP_PKEY_copy_parameters() returns 1 for success and 0 for failure.

The function EVP_PKEY_parameters_eq() and EVP_PKEY_eq() return 1 if their inputs match, 0 if they don't match, -1 if the key types are different and -2 if the operation is not supported.

SEE ALSO

EVP_PKEY_CTX_new(3), EVP_PKEY_keygen(3)

HISTORY

The function EVP_PKEY_cmp was deprecated and renamed to EVP_PKEY_eq and EVP_PKEY_cmp_parameters was deprecated and renamed to EVP_PKEY_parameters_eq (without changing semantics) in OpenSSL 3.0. This was done to avoid confusion on their return values with other _cmp() functions that return 0 in case their arguments are equal.

Copyright 2006-2020 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.