EVP_PKEY_is_a, EVP_PKEY_can_sign - key type and capabilities functions
#include <openssl/evp.h>
int EVP_PKEY_is_a(const EVP_PKEY *pkey, const char *name);
int EVP_PKEY_can_sign(const EVP_PKEY *pkey);EVP_PKEY_is_a() checks if the key type of pkey is name.
EVP_PKEY_can_sign() checks if the functionality for the key type of pkey supports signing. No other check is done, such as whether pkey contains a private key.
EVP_PKEY_is_a() returns 1 if pkey has the key type name, otherwise 0.
EVP_PKEY_can_sign() returns 1 if the pkey key type functionality supports signing, otherwise 0.
The loaded providers and what key types they support will ultimately determine what name is possible to use with EVP_PKEY_is_a(). We do know that the default provider supports RSA, DH, DSA and EC keys, so we can use this as an crude example:
#include <openssl/evp.h>
...
/* |pkey| is an EVP_PKEY* */
if (EVP_PKEY_is_a(pkey, "RSA")) {
BIGNUM *modulus = NULL;
if (EVP_PKEY_get_bn_param(pkey, "n", &modulus))
/* do whatever with the modulus */
BN_free(modulus);
} #include <openssl/evp.h>
...
/* |pkey| is an EVP_PKEY* */
if (!EVP_PKEY_can_sign(pkey)) {
fprintf(stderr, "Not a signing key!");
exit(1);
}
/* Sign something... */Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.