2020-04-15 01:06:12 +08:00
|
|
|
=pod
|
|
|
|
|
|
|
|
|
|
=head1 NAME
|
|
|
|
|
|
|
|
|
|
EVP_PKEY-X25519, EVP_PKEY-X448, EVP_PKEY-ED25519, EVP_PKEY-ED448,
|
|
|
|
|
EVP_KEYMGMT-X25519, EVP_KEYMGMT-X448, EVP_KEYMGMT-ED25519, EVP_KEYMGMT-ED448
|
|
|
|
|
- EVP_PKEY X25519, X448, ED25519 and ED448 keytype and algorithm support
|
|
|
|
|
|
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
|
|
|
|
|
|
The B<X25519>, B<X448>, B<ED25519> and B<ED448> keytypes are
|
2020-04-20 15:22:41 +08:00
|
|
|
implemented in OpenSSL's default and FIPS providers. These implementations
|
|
|
|
|
support the associated key, containing the public key I<pub> and the
|
|
|
|
|
private key I<priv>.
|
|
|
|
|
|
2022-08-26 09:54:35 +08:00
|
|
|
=head2 Keygen Parameters
|
2020-05-26 11:53:07 +08:00
|
|
|
|
2022-08-26 09:54:35 +08:00
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
|
=item "dhkem-ikm" (B<OSSL_PKEY_PARAM_DHKEM_IKM>) <octet string>
|
|
|
|
|
|
|
|
|
|
DHKEM requires the generation of a keypair using an input key material (seed).
|
|
|
|
|
Use this to specify the key material used for generation of the private key.
|
|
|
|
|
This value should not be reused for other purposes.
|
|
|
|
|
It should have a length of at least 32 for X25519, and 56 for X448.
|
|
|
|
|
|
|
|
|
|
This is only supported by X25519 and X448.
|
|
|
|
|
|
|
|
|
|
=back
|
|
|
|
|
|
|
|
|
|
Use EVP_PKEY_CTX_set_params() after calling EVP_PKEY_keygen_init().
|
2020-04-15 01:06:12 +08:00
|
|
|
|
|
|
|
|
=head2 Common X25519, X448, ED25519 and ED448 parameters
|
|
|
|
|
|
2020-04-20 15:22:41 +08:00
|
|
|
In addition to the common parameters that all keytypes should support (see
|
|
|
|
|
L<provider-keymgmt(7)/Common parameters>), the implementation of these keytypes
|
|
|
|
|
support the following.
|
2020-04-15 01:06:12 +08:00
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
2020-05-21 23:16:41 +08:00
|
|
|
=item "group" (B<OSSL_PKEY_PARAM_GROUP_NAME>) <UTF8 string>
|
|
|
|
|
|
|
|
|
|
This is only supported by X25519 and X448. The group name must be "x25519" or
|
2020-06-30 03:13:07 +08:00
|
|
|
"x448" respectively for those algorithms. This is only present for consistency
|
2020-05-21 23:16:41 +08:00
|
|
|
with other key exchange algorithms and is typically not needed.
|
|
|
|
|
|
2020-04-15 01:06:12 +08:00
|
|
|
=item "pub" (B<OSSL_PKEY_PARAM_PUB_KEY>) <octet string>
|
|
|
|
|
|
|
|
|
|
The public key value.
|
|
|
|
|
|
|
|
|
|
=item "priv" (B<OSSL_PKEY_PARAM_PRIV_KEY>) <octet string>
|
|
|
|
|
|
|
|
|
|
The private key value.
|
|
|
|
|
|
2020-10-09 21:19:42 +08:00
|
|
|
=item "encoded-pub-key" (B<OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY>) <octet string>
|
2020-05-20 23:20:27 +08:00
|
|
|
|
2020-10-09 21:19:42 +08:00
|
|
|
Used for getting and setting the encoding of a public key for the B<X25519> and
|
|
|
|
|
B<X448> key types. Public keys are expected be encoded in a format as defined by
|
|
|
|
|
RFC7748.
|
2020-05-20 23:20:27 +08:00
|
|
|
|
2020-04-15 01:06:12 +08:00
|
|
|
=back
|
|
|
|
|
|
2020-04-20 15:29:47 +08:00
|
|
|
=head2 ED25519 and ED448 parameters
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
2021-05-06 19:28:13 +08:00
|
|
|
=item "mandatory-digest" (B<OSSL_PKEY_PARAM_MANDATORY_DIGEST>) <UTF8 string>
|
2020-04-20 15:29:47 +08:00
|
|
|
|
|
|
|
|
The empty string, signifying that no digest may be specified.
|
|
|
|
|
|
|
|
|
|
=back
|
|
|
|
|
|
2020-04-15 01:06:12 +08:00
|
|
|
=head1 CONFORMING TO
|
|
|
|
|
|
|
|
|
|
=over 4
|
|
|
|
|
|
|
|
|
|
=item RFC 8032
|
|
|
|
|
|
2020-05-26 11:53:07 +08:00
|
|
|
=item RFC 8410
|
|
|
|
|
|
2020-04-15 01:06:12 +08:00
|
|
|
=back
|
|
|
|
|
|
|
|
|
|
=head1 EXAMPLES
|
|
|
|
|
|
|
|
|
|
An B<EVP_PKEY> context can be obtained by calling:
|
|
|
|
|
|
|
|
|
|
EVP_PKEY_CTX *pctx =
|
|
|
|
|
EVP_PKEY_CTX_new_from_name(NULL, "X25519", NULL);
|
|
|
|
|
|
|
|
|
|
EVP_PKEY_CTX *pctx =
|
|
|
|
|
EVP_PKEY_CTX_new_from_name(NULL, "X448", NULL);
|
|
|
|
|
|
|
|
|
|
EVP_PKEY_CTX *pctx =
|
|
|
|
|
EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL);
|
|
|
|
|
|
|
|
|
|
EVP_PKEY_CTX *pctx =
|
|
|
|
|
EVP_PKEY_CTX_new_from_name(NULL, "ED448", NULL);
|
|
|
|
|
|
2021-03-20 20:49:08 +08:00
|
|
|
An B<X25519> key can be generated like this:
|
2020-04-15 01:06:12 +08:00
|
|
|
|
2021-05-11 21:55:13 +08:00
|
|
|
pkey = EVP_PKEY_Q_keygen(NULL, NULL, "X25519");
|
2020-04-15 01:06:12 +08:00
|
|
|
|
2021-03-20 20:49:08 +08:00
|
|
|
An B<X448>, B<ED25519>, or B<ED448> key can be generated likewise.
|
2020-04-15 01:06:12 +08:00
|
|
|
|
|
|
|
|
=head1 SEE ALSO
|
|
|
|
|
|
|
|
|
|
L<EVP_KEYMGMT(3)>, L<EVP_PKEY(3)>, L<provider-keymgmt(7)>,
|
|
|
|
|
L<EVP_KEYEXCH-X25519(7)>, L<EVP_KEYEXCH-X448(7)>,
|
|
|
|
|
L<EVP_SIGNATURE-ED25519(7)>, L<EVP_SIGNATURE-ED448(7)>
|
|
|
|
|
|
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
|
|
2021-05-20 21:22:33 +08:00
|
|
|
Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
|
2020-04-15 01:06:12 +08:00
|
|
|
|
|
|
|
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
|
|
|
this file except in compliance with the License. You can obtain a copy
|
|
|
|
|
in the file LICENSE in the source distribution or at
|
|
|
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
|
|
|
|
|
|
=cut
|
