openssl/doc/man3/EVP_PKEY_derive.pod

=pod

=head1 NAME

EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, EVP_PKEY_derive - derive public key algorithm shared secret

=head1 SYNOPSIS

 #include <openssl/evp.h>

 int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
 int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
 int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);

=head1 DESCRIPTION

The EVP_PKEY_derive_init() function initializes a public key algorithm
context using key B<pkey> for shared secret derivation.

The EVP_PKEY_derive_set_peer() function sets the peer key: this will normally
be a public key.

The EVP_PKEY_derive() derives a shared secret using B<ctx>.
If B<key> is B<NULL> then the maximum size of the output buffer is written to
the B<keylen> parameter. If B<key> is not B<NULL> then before the call the
B<keylen> parameter should contain the length of the B<key> buffer, if the call
is successful the shared secret is written to B<key> and the amount of data
written to B<keylen>.

=head1 NOTES

After the call to EVP_PKEY_derive_init() algorithm specific control
operations can be performed to set any appropriate parameters for the
operation.

The function EVP_PKEY_derive() can be called more than once on the same
context if several operations are performed using the same parameters.

=head1 RETURN VALUES

EVP_PKEY_derive_init() and EVP_PKEY_derive() return 1 for success and 0
or a negative value for failure. In particular a return value of -2
indicates the operation is not supported by the public key algorithm.

=head1 EXAMPLE

Derive shared secret (for example DH or EC keys):

 #include <openssl/evp.h>
 #include <openssl/rsa.h>

 EVP_PKEY_CTX *ctx;
 ENGINE *eng;
 unsigned char *skey;
 size_t skeylen;
 EVP_PKEY *pkey, *peerkey;
 /* NB: assumes pkey, eng, peerkey have been already set up */

 ctx = EVP_PKEY_CTX_new(pkey, eng);
 if (!ctx)
     /* Error occurred */
 if (EVP_PKEY_derive_init(ctx) <= 0)
     /* Error */
 if (EVP_PKEY_derive_set_peer(ctx, peerkey) <= 0)
     /* Error */

 /* Determine buffer length */
 if (EVP_PKEY_derive(ctx, NULL, &skeylen) <= 0)
     /* Error */

 skey = OPENSSL_malloc(skeylen);

 if (!skey)
     /* malloc failure */

 if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0)
     /* Error */

 /* Shared secret is skey bytes written to buffer skey */

=head1 SEE ALSO

L<EVP_PKEY_CTX_new(3)>,
L<EVP_PKEY_encrypt(3)>,
L<EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)>,

=head1 HISTORY

These functions were added in OpenSSL 1.0.0.

=head1 COPYRIGHT

Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
EVP_PKEY_derive() docs. 2006-07-08 12:47:52 +00:00			`=pod`

			`=head1 NAME`

More doc nits Update script to look for period or POD markup in NAME section, and fix them. Reviewed-by: Andy Polyakov <appro@openssl.org> 2016-06-06 04:43:05 +00:00			`EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, EVP_PKEY_derive - derive public key algorithm shared secret`
EVP_PKEY_derive() docs. 2006-07-08 12:47:52 +00:00
			`=head1 SYNOPSIS`

			`#include <openssl/evp.h>`

			`int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);`
			`int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX ctx, EVP_PKEY peer);`
			`int EVP_PKEY_derive(EVP_PKEY_CTX ctx, unsigned char key, size_t *keylen);`

			`=head1 DESCRIPTION`

			`The EVP_PKEY_derive_init() function initializes a public key algorithm`
			`context using key B<pkey> for shared secret derivation.`

			`The EVP_PKEY_derive_set_peer() function sets the peer key: this will normally`
			`be a public key.`

			`The EVP_PKEY_derive() derives a shared secret using B<ctx>.`
			`If B<key> is B<NULL> then the maximum size of the output buffer is written to`
			`the B<keylen> parameter. If B<key> is not B<NULL> then before the call the`
			`B<keylen> parameter should contain the length of the B<key> buffer, if the call`
			`is successful the shared secret is written to B<key> and the amount of data`
			`written to B<keylen>.`

			`=head1 NOTES`

			`After the call to EVP_PKEY_derive_init() algorithm specific control`
			`operations can be performed to set any appropriate parameters for the`
			`operation.`

			`The function EVP_PKEY_derive() can be called more than once on the same`
			`context if several operations are performed using the same parameters.`

			`=head1 RETURN VALUES`

			`EVP_PKEY_derive_init() and EVP_PKEY_derive() return 1 for success and 0`
			`or a negative value for failure. In particular a return value of -2`
			`indicates the operation is not supported by the public key algorithm.`

			`=head1 EXAMPLE`

			`Derive shared secret (for example DH or EC keys):`

			`#include <openssl/evp.h>`
			`#include <openssl/rsa.h>`

			`EVP_PKEY_CTX *ctx;`
doc: Bad prototypes of EVP_PKEY_CTX_new() CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4861) 2018-01-18 00:23:37 +00:00			`ENGINE *eng;`
EVP_PKEY_derive() docs. 2006-07-08 12:47:52 +00:00			`unsigned char *skey;`
			`size_t skeylen;`
			`EVP_PKEY pkey, peerkey;`
doc: Bad prototypes of EVP_PKEY_CTX_new() CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4861) 2018-01-18 00:23:37 +00:00			`/* NB: assumes pkey, eng, peerkey have been already set up */`
EVP_PKEY_derive() docs. 2006-07-08 12:47:52 +00:00
doc: Bad prototypes of EVP_PKEY_CTX_new() CLA: trivial Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/4861) 2018-01-18 00:23:37 +00:00			`ctx = EVP_PKEY_CTX_new(pkey, eng);`
EVP_PKEY_derive() docs. 2006-07-08 12:47:52 +00:00			`if (!ctx)`
doc/man3: use the documented coding style in the example code Adjust brace placement, whitespace after keywords, indentation and empty lines after variable declarations according to https://www.openssl.org/policies/codingstyle.html. Indent literal sections by exactly one space. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1956) 2016-11-18 23:10:05 +00:00			`/* Error occurred */`
EVP_PKEY_derive() docs. 2006-07-08 12:47:52 +00:00			`if (EVP_PKEY_derive_init(ctx) <= 0)`
doc/man3: use the documented coding style in the example code Adjust brace placement, whitespace after keywords, indentation and empty lines after variable declarations according to https://www.openssl.org/policies/codingstyle.html. Indent literal sections by exactly one space. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1956) 2016-11-18 23:10:05 +00:00			`/* Error */`
EVP_PKEY_derive() docs. 2006-07-08 12:47:52 +00:00			`if (EVP_PKEY_derive_set_peer(ctx, peerkey) <= 0)`
doc/man3: use the documented coding style in the example code Adjust brace placement, whitespace after keywords, indentation and empty lines after variable declarations according to https://www.openssl.org/policies/codingstyle.html. Indent literal sections by exactly one space. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1956) 2016-11-18 23:10:05 +00:00			`/* Error */`
EVP_PKEY_derive() docs. 2006-07-08 12:47:52 +00:00
			`/* Determine buffer length */`
			`if (EVP_PKEY_derive(ctx, NULL, &skeylen) <= 0)`
doc/man3: use the documented coding style in the example code Adjust brace placement, whitespace after keywords, indentation and empty lines after variable declarations according to https://www.openssl.org/policies/codingstyle.html. Indent literal sections by exactly one space. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1956) 2016-11-18 23:10:05 +00:00			`/* Error */`
EVP_PKEY_derive() docs. 2006-07-08 12:47:52 +00:00
			`skey = OPENSSL_malloc(skeylen);`

			`if (!skey)`
doc/man3: use the documented coding style in the example code Adjust brace placement, whitespace after keywords, indentation and empty lines after variable declarations according to https://www.openssl.org/policies/codingstyle.html. Indent literal sections by exactly one space. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1956) 2016-11-18 23:10:05 +00:00			`/* malloc failure */`
Fix nits in pod files. Add doc-nit-check to help find future issues. Make podchecker be almost clean. Remove trailing whitespace. Tab expansion Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-20 12:11:46 +00:00
EVP_PKEY_derive() docs. 2006-07-08 12:47:52 +00:00			`if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0)`
doc/man3: use the documented coding style in the example code Adjust brace placement, whitespace after keywords, indentation and empty lines after variable declarations according to https://www.openssl.org/policies/codingstyle.html. Indent literal sections by exactly one space. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1956) 2016-11-18 23:10:05 +00:00			`/* Error */`
EVP_PKEY_derive() docs. 2006-07-08 12:47:52 +00:00
			`/* Shared secret is skey bytes written to buffer skey */`

			`=head1 SEE ALSO`

Fix L<> content in manpages L<foo\|foo> is sub-optimal If the xref is the same as the title, which is what we do, then you only need L<foo>. This fixes all 1457 occurrences in 349 files. Approximately. (And pod used to need both.) Reviewed-by: Richard Levitte <levitte@openssl.org> 2015-08-17 19:21:33 +00:00			`L<EVP_PKEY_CTX_new(3)>,`
			`L<EVP_PKEY_encrypt(3)>,`
			`L<EVP_PKEY_decrypt(3)>,`
			`L<EVP_PKEY_sign(3)>,`
			`L<EVP_PKEY_verify(3)>,`
			`L<EVP_PKEY_verify_recover(3)>,`
EVP_PKEY_derive() docs. 2006-07-08 12:47:52 +00:00
			`=head1 HISTORY`

man: harmonize the various formulations in the HISTORY sections While stereotyped repetitions are frowned upon in literature, they serve a useful purpose in manual pages, because it is easier for the user to find certain information if it is always presented in the same way. For that reason, this commit harmonizes the varying formulations in the HISTORY section about which functions, flags, etc. were added in which OpenSSL version. It also attempts to make the pod files more grep friendly by avoiding to insert line breaks between the symbol names and the corresponding version number in which they were introduced (wherever possible). Some punctuation and typographical errors were fixed on the way. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7854) 2018-12-09 00:02:36 +00:00			`These functions were added in OpenSSL 1.0.0.`
EVP_PKEY_derive() docs. 2006-07-08 12:47:52 +00:00
Add copyright to manpages Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 15:44:05 +00:00			`=head1 COPYRIGHT`

Copyright update of more files that have changed this year Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/5110) 2018-01-19 09:49:22 +00:00			`Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved.`
Add copyright to manpages Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 15:44:05 +00:00
Following the license change, modify the boilerplates in doc/man3/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7829) 2018-12-06 13:04:44 +00:00			`Licensed under the Apache License 2.0 (the "License"). You may not use`
Add copyright to manpages Reviewed-by: Richard Levitte <levitte@openssl.org> 2016-05-18 15:44:05 +00:00			`this file except in compliance with the License. You can obtain a copy`
			`in the file LICENSE in the source distribution or at`
			`L<https://www.openssl.org/source/license.html>.`

			`=cut`