diff options
author | Richard Levitte <levitte@openssl.org> | 2019-09-25 08:56:14 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2019-10-01 22:51:00 +0200 |
commit | c96399e296d9c280115d2ed9c129399c61b8edfc (patch) | |
tree | ee16bbca01f961d999a8555bba334b36ab85fd9e /doc | |
parent | bbecf04e7861b6ab9ca1bd5ee5100bd49a347b4a (diff) | |
download | openssl-c96399e296d9c280115d2ed9c129399c61b8edfc.tar.gz |
Adapt EVP_CIPHER_{param_to_asn1,asn1_to_param} for use with provider.
So far, these two funtions have depended on legacy EVP_CIPHER
implementations to be able to do their work. This change adapts them
to work with provided implementations as well, in one of two possible
ways:
1. If the implementation's set_asn1_parameters or get_asn1_parameters
function pointers are non-NULL, this is a legacy implementation,
and that function is called.
2. Otherwise, if the cipher doesn't have EVP_CIPH_FLAG_CUSTOM_ASN1
set, the default AlgorithmIdentifier parameter code in libcrypto
is executed.
3. Otherwise, if the cipher is a provided implementation, the ASN1
type structure is converted to a DER blob which is then passed to
the implementation as a parameter (param_to_asn1) or the DER blob
is retrieved from the implementation as a parameter and converted
locally to a ASN1_TYPE (asn1_to_param).
With this, the old flag EVP_CIPH_FLAG_DEFAULT_ASN1 has become
irrelevant and is simply ignored.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/10008)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man7/provider-cipher.pod | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/doc/man7/provider-cipher.pod b/doc/man7/provider-cipher.pod index c8377d6835..d5766f47a5 100644 --- a/doc/man7/provider-cipher.pod +++ b/doc/man7/provider-cipher.pod @@ -321,6 +321,13 @@ Gets a implementation specific randomly generated key for the associated cipher ctx. This is currently only supported by 3DES (which sets the key to odd parity). +=item "alg_id_param" (B<OSSL_CIPHER_PARAM_ALG_ID>) (octet string) + +Used to pass the DER encoded AlgorithmIdentifier parameter to or from +the cipher implementation. Functions like L<EVP_CIPHER_param_to_asn1(3)> +and L<EVP_CIPHER_asn1_to_param(3)> use this parameter for any implementation +that has the flag B<EVP_CIPH_FLAG_CUSTOM_ASN1> set. + =back =head1 RETURN VALUES |