EVP

The EVP functions provide a high level interface to OpenSSL cryptographic functions.

They provide the following features:

• A single consistent interface regardless of the underlying algorithm or mode
• Support for an extensive range of algorithms
• Encryption/Decryption using both symmetric and asymmetric algorithms
• Sign/Verify
• Key derivation
• Secure Hash functions
• Message Authentication Codes
• Support for external crypto engines

Working with EVP_PKEYs

EVP_PKEY objects are used to store a public key and (optionally) a private key, along with an associated algorithm and parameters. They are also capable of storing symmetric MAC keys.

The following EVP_PKEY types are supported:

• EVP_PKEY_EC: Elliptic Curve keys (for ECDSA and ECDH) - Supports sign/verify operations, and Key derivation
• EVP_PKEY_RSA: RSA - Supports sign/verify and encrypt/decrypt
• EVP_PKEY_DH: Diffie Hellman - for key derivation
• EVP_PKEY_DSA: DSA keys for sign/verify
• EVP_PKEY_HMAC: An HMAC key for generating a Message Authentication Code
• EVP_PKEY_CMAC: A CMAC key for generating a Message Authentication Code

Refer to the EVP_PKEY_new manual page for information on creating an EVP_PKEY object, and the EVP_PKEY_set1_RSA page for information on how to initialise an EVP_PKEY.

Working with Algorithms and Modes

Need content here