1EVP_PKEY_SIZE(3)                    OpenSSL                   EVP_PKEY_SIZE(3)
2
3
4

NAME

6       EVP_PKEY_size, EVP_PKEY_bits, EVP_PKEY_security_bits - EVP_PKEY
7       information functions
8

SYNOPSIS

10        #include <openssl/evp.h>
11
12        int EVP_PKEY_size(const EVP_PKEY *pkey);
13        int EVP_PKEY_bits(const EVP_PKEY *pkey);
14        int EVP_PKEY_security_bits(const EVP_PKEY *pkey);
15

DESCRIPTION

17       EVP_PKEY_size() returns the maximum suitable size for the output
18       buffers for almost all operations that can be done with pkey.  The
19       primary documented use is with EVP_SignFinal(3) and EVP_SealInit(3),
20       but it isn't limited there.  The returned size is also large enough for
21       the output buffer of EVP_PKEY_sign(3), EVP_PKEY_encrypt(3),
22       EVP_PKEY_decrypt(3), EVP_PKEY_derive(3).
23
24       It must be stressed that, unless the documentation for the operation
25       that's being performed says otherwise, the size returned by
26       EVP_PKEY_size() is only preliminary and not exact, so the final
27       contents of the target buffer may be smaller.  It is therefore crucial
28       to take note of the size given back by the function that performs the
29       operation, such as EVP_PKEY_sign(3) (the siglen argument will receive
30       that length), to avoid bugs.
31
32       EVP_PKEY_bits() returns the cryptographic length of the cryptosystem to
33       which the key in pkey belongs, in bits.  Note that the definition of
34       cryptographic length is specific to the key cryptosystem.
35
36       EVP_PKEY_security_bits() returns the number of security bits of the
37       given pkey, bits of security is defined in NIST SP800-57.
38

RETURN VALUES

40       EVP_PKEY_size(), EVP_PKEY_bits() and EVP_PKEY_security_bits() return a
41       positive number, or 0 if this size isn't available.
42

NOTES

44       Most functions that have an output buffer and are mentioned with
45       EVP_PKEY_size() have a functionality where you can pass NULL for the
46       buffer and still pass a pointer to an integer and get the exact size
47       that this function call delivers in the context that it's called in.
48       This allows those functions to be called twice, once to find out the
49       exact buffer size, then allocate the buffer in between, and call that
50       function again actually output the data.  For those functions, it isn't
51       strictly necessary to call EVP_PKEY_size() to find out the buffer size,
52       but may be useful in cases where it's desirable to know the upper limit
53       in advance.
54
55       It should also be especially noted that EVP_PKEY_size() shouldn't be
56       used to get the output size for EVP_DigestSignFinal(), according to
57       "NOTES" in EVP_DigestSignFinal(3).
58

SEE ALSO

60       EVP_SignFinal(3), EVP_SealInit(3), EVP_PKEY_sign(3),
61       EVP_PKEY_encrypt(3), EVP_PKEY_decrypt(3), EVP_PKEY_derive(3)
62

COPYRIGHT

64       Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
65
66       Licensed under the Apache License 2.0 (the "License").  You may not use
67       this file except in compliance with the License.  You can obtain a copy
68       in the file LICENSE in the source distribution or at
69       <https://www.openssl.org/source/license.html>.
70
71
72
731.1.1g                            2020-04-23                  EVP_PKEY_SIZE(3)