Commit | Line | Data |
---|---|---|
33df1cfd RL |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | EVP_PKEY-X25519, EVP_PKEY-X448, EVP_PKEY-ED25519, EVP_PKEY-ED448, | |
6 | EVP_KEYMGMT-X25519, EVP_KEYMGMT-X448, EVP_KEYMGMT-ED25519, EVP_KEYMGMT-ED448 | |
7 | - EVP_PKEY X25519, X448, ED25519 and ED448 keytype and algorithm support | |
8 | ||
9 | =head1 DESCRIPTION | |
10 | ||
11 | The B<X25519>, B<X448>, B<ED25519> and B<ED448> keytypes are | |
8c30dfee P |
12 | implemented in OpenSSL's default and FIPS providers. These implementations |
13 | support the associated key, containing the public key I<pub> and the | |
14 | private key I<priv>. | |
15 | ||
16 | In the FIPS provider they are non-approved algorithms and do not have the | |
17 | "fips=yes" property set. | |
b8086652 SL |
18 | No additional parameters can be set during key generation. |
19 | ||
33df1cfd RL |
20 | |
21 | =head2 Common X25519, X448, ED25519 and ED448 parameters | |
22 | ||
8c30dfee P |
23 | In addition to the common parameters that all keytypes should support (see |
24 | L<provider-keymgmt(7)/Common parameters>), the implementations of these keytypes | |
25 | support the following. | |
33df1cfd RL |
26 | |
27 | =over 4 | |
28 | ||
90929138 MC |
29 | =item "group" (B<OSSL_PKEY_PARAM_GROUP_NAME>) <UTF8 string> |
30 | ||
31 | This is only supported by X25519 and X448. The group name must be "x25519" or | |
8c1cbc72 | 32 | "x448" respectively for those algorithms. This is only present for consistency |
90929138 MC |
33 | with other key exchange algorithms and is typically not needed. |
34 | ||
33df1cfd RL |
35 | =item "pub" (B<OSSL_PKEY_PARAM_PUB_KEY>) <octet string> |
36 | ||
37 | The public key value. | |
38 | ||
39 | =item "priv" (B<OSSL_PKEY_PARAM_PRIV_KEY>) <octet string> | |
40 | ||
41 | The private key value. | |
42 | ||
5ac8fb58 | 43 | =item "encoded-pub-key" (B<OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY>) <octet string> |
6a9bd929 | 44 | |
5ac8fb58 MC |
45 | Used for getting and setting the encoding of a public key for the B<X25519> and |
46 | B<X448> key types. Public keys are expected to be encoded in the format defined by | |
47 | RFC 7748. | |
6a9bd929 | 48 | |
33df1cfd RL |
49 | =back |
50 | ||
1a7328c8 RL |
51 | =head2 ED25519 and ED448 parameters |
52 | ||
53 | =over 4 | |
54 | ||
c9f18e59 | 55 | =item "mandatory-digest" (B<OSSL_PKEY_PARAM_MANDATORY_DIGEST>) <UTF8 string> |
1a7328c8 RL |
56 | |
57 | The empty string, signifying that no digest may be specified. | |
58 | ||
59 | =back | |
60 | ||
33df1cfd RL |
61 | =head1 CONFORMING TO |
62 | ||
63 | =over 4 | |
64 | ||
65 | =item RFC 8032 | |
66 | ||
b8086652 SL |
67 | =item RFC 8410 |
68 | ||
33df1cfd RL |
69 | =back |
70 | ||
71 | =head1 EXAMPLES | |
72 | ||
73 | An B<EVP_PKEY> context can be obtained by calling: | |
74 | ||
75 | EVP_PKEY_CTX *pctx = | |
76 | EVP_PKEY_CTX_new_from_name(NULL, "X25519", NULL); | |
77 | ||
78 | EVP_PKEY_CTX *pctx = | |
79 | EVP_PKEY_CTX_new_from_name(NULL, "X448", NULL); | |
80 | ||
81 | EVP_PKEY_CTX *pctx = | |
82 | EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL); | |
83 | ||
84 | EVP_PKEY_CTX *pctx = | |
85 | EVP_PKEY_CTX_new_from_name(NULL, "ED448", NULL); | |
86 | ||
f9253152 | 87 | An B<X25519> key can be generated like this: |
33df1cfd | 88 | |
f9253152 | 89 | pkey = EVP_Q_keygen(NULL, NULL, "X25519"); |
33df1cfd | 90 | |
f9253152 | 91 | An B<X448>, B<ED25519>, or B<ED448> key can be generated likewise. |
33df1cfd RL |
92 | |
93 | =head1 SEE ALSO | |
94 | ||
95 | L<EVP_KEYMGMT(3)>, L<EVP_PKEY(3)>, L<provider-keymgmt(7)>, | |
96 | L<EVP_KEYEXCH-X25519(7)>, L<EVP_KEYEXCH-X448(7)>, | |
97 | L<EVP_SIGNATURE-ED25519(7)>, L<EVP_SIGNATURE-ED448(7)> | |
98 | ||
99 | =head1 COPYRIGHT | |
100 | ||
101 | Copyright 2020 The OpenSSL Project Authors. All Rights Reserved. | |
102 | ||
103 | Licensed under the Apache License 2.0 (the "License"). You may not use | |
104 | this file except in compliance with the License. You can obtain a copy | |
105 | in the file LICENSE in the source distribution or at | |
106 | L<https://www.openssl.org/source/license.html>. | |
107 | ||
108 | =cut |
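
The "encoded-pub-key" item above says X25519 and X448 public keys use the RFC 7748 encoding; the following added example (not part of the OpenSSL documentation or source) shows what that encoding implies for a peer-supplied value before it is passed to a key-exchange API. The function and enum names are hypothetical; the group strings are the ones the "group" item lists, and the check uses no OpenSSL calls.

```c
/* Added example: classify an RFC 7748 encoded public key (little-endian
 * u-coordinate). All names are hypothetical and are not OpenSSL identifiers. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

enum enc_status { ENC_OK = 0, ENC_BAD_GROUP, ENC_BAD_LENGTH,
                  ENC_NON_CANONICAL, ENC_ZERO };

/* Write the field prime p in little-endian form into p[]; return the
 * encoding length in bytes, or 0 if the group name is not recognised. */
static size_t field_prime(const char *group, uint8_t p[56])
{
    memset(p, 0xff, 56);
    if (strcmp(group, "x25519") == 0) {      /* p = 2^255 - 19 */
        p[0] = 0xed;
        p[31] = 0x7f;
        return 32;
    }
    if (strcmp(group, "x448") == 0) {        /* p = 2^448 - 2^224 - 1 */
        p[28] = 0xfe;
        return 56;
    }
    return 0;
}

/* Check an encoded public key for the named group. Public keys are not
 * secret, so the comparisons below do not need to be constant time. */
enum enc_status check_encoded_pub(const char *group, const uint8_t *in, size_t len)
{
    uint8_t p[56], u[56], acc = 0;
    size_t n = field_prime(group, p), i;

    if (n == 0) return ENC_BAD_GROUP;
    if (len != n) return ENC_BAD_LENGTH;     /* 32 bytes for X25519, 56 for X448 */
    memcpy(u, in, n);
    if (n == 32) u[31] &= 0x7f;              /* RFC 7748: X25519 masks the top bit */
    for (i = 0; i < n; i++) acc |= u[i];
    if (acc == 0) return ENC_ZERO;           /* u = 0 gives an all-zero shared secret */
    for (i = n; i-- > 0; ) {                 /* compare u with p, top byte first */
        if (u[i] < p[i]) return ENC_OK;
        if (u[i] > p[i]) return ENC_NON_CANONICAL;
    }
    return ENC_NON_CANONICAL;                /* u == p */
}
```

RFC 7748 requires implementations to accept non-canonical values and reduce them modulo p, so `ENC_NON_CANONICAL` is a signal for logging or stricter local policy rather than a protocol error.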