openssl/doc/man7/EVP_KEYEXCH-ECDH.pod

=pod

=head1 NAME

EVP_KEYEXCH-ECDH - ECDH Key Exchange algorithm support

=head1 DESCRIPTION

Key exchange support for the B<ECDH> key type.

=head2 ECDH Key Exchange parameters

=over 4

=item "ecdh-cofactor-mode" (B<OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE>) <integer>

Sets or gets the ECDH mode of operation for the associated key exchange ctx.

In the context of an Elliptic Curve Diffie-Hellman key exchange, this parameter
can be used to select between the plain Diffie-Hellman (DH) or Cofactor
Diffie-Hellman (CDH) variants of the key exchange algorithm.

When setting, the value should be 1, 0 or -1, respectively forcing cofactor mode
on, off, or resetting it to the default for the private key associated with the
given key exchange ctx.

When getting, the value should be either 1 or 0, respectively signaling if the
cofactor mode is on or off.

See also L<provider-keymgmt(7)> for the related
B<OSSL_PKEY_PARAM_USE_COFACTOR_ECDH> parameter that can be set on a
per-key basis.

=item "kdf-type" (B<OSSL_EXCHANGE_PARAM_KDF_TYPE>) <UTF8 string>

=item "kdf-digest" (B<OSSL_EXCHANGE_PARAM_KDF_DIGEST>) <UTF8 string>

=item "kdf-digest-props" (B<OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS>) <UTF8 string>

=item "kdf-outlen" (B<OSSL_EXCHANGE_PARAM_KDF_OUTLEN>) <unsigned integer>

=item "kdf-ukm" (B<OSSL_EXCHANGE_PARAM_KDF_UKM>) <octet string>

=back

The OpenSSL FIPS provider also supports the following parameters:

=over 4

=item "fips-indicator" (B<OSSL_EXCHANGE_PARAM_FIPS_APPROVED_INDICATOR>) <integer>

=item "key-check" (B<OSSL_EXCHANGE_PARAM_FIPS_KEY_CHECK>) <integer>

=item "digest-check" (B<OSSL_EXCHANGE_PARAM_FIPS_DIGEST_CHECK>) <integer>

See L<provider-keyexch(7)/Common Key Exchange parameters>.

=item "ecdh-cofactor-check" (B<OSSL_EXCHANGE_PARAM_FIPS_ECDH_COFACTOR_CHECK>) <integer>

If required this parameter should before OSSL_FUNC_keyexch_derive().
The default value of 1 causes an error during the OSSL_FUNC_keyexch_derive if
the EC curve has a cofactor that is not 1, and the cofactor is not used.
Setting this to 0 will ignore the error and set the approved
"fips-indicator" to 0.
This option breaks FIPS compliance if it causes the approved "fips-indicator"
to return 0.

=back

=head1 EXAMPLES

Examples of key agreement can be found in demos/keyexch.

Keys for the host and peer must be generated as shown in
L<EVP_PKEY-EC(7)/Examples> using the same curve name.

The code to generate a shared secret for the normal case is identical to
L<EVP_KEYEXCH-DH(7)/Examples>.

To derive a shared secret on the host using the host's key and the peer's public
key but also using X963KDF with a user key material:

    /* It is assumed that the host_key, peer_pub_key and ukm are set up */
    void derive_secret(EVP_PKEY *host_key, EVP_PKEY *peer_key,
                       unsigned char *ukm, size_t ukm_len)
    {
        unsigned char secret[64];
        size_t out_len = sizeof(secret);
        size_t secret_len = out_len;
        unsigned int pad = 1;
        OSSL_PARAM params[6];
        EVP_PKEY_CTX *dctx = EVP_PKEY_CTX_new_from_pkey(NULL, host_key, NULL);

        EVP_PKEY_derive_init(dctx);

        params[0] = OSSL_PARAM_construct_uint(OSSL_EXCHANGE_PARAM_PAD, &pad);
        params[1] = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE,
                                                     "X963KDF", 0);
        params[2] = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST,
                                                     "SHA1", 0);
        params[3] = OSSL_PARAM_construct_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN,
                                                &out_len);
        params[4] = OSSL_PARAM_construct_octet_string(OSSL_EXCHANGE_PARAM_KDF_UKM,
                                                      ukm, ukm_len);
        params[5] = OSSL_PARAM_construct_end();
        EVP_PKEY_CTX_set_params(dctx, params);

        EVP_PKEY_derive_set_peer(dctx, peer_pub_key);
        EVP_PKEY_derive(dctx, secret, &secret_len);
        ...
        OPENSSL_clear_free(secret, secret_len);
        EVP_PKEY_CTX_free(dctx);
    }

=head1 SEE ALSO

L<EVP_PKEY-EC(7)>
L<EVP_PKEY(3)>,
L<provider-keyexch(7)>,
L<provider-keymgmt(7)>,
L<OSSL_PROVIDER-default(7)>,
L<OSSL_PROVIDER-FIPS(7)>,

=head1 COPYRIGHT

Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Update core_names.h fields and document most fields. Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC. Added some strings values related to RSA keys. Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file. Updated Keyexchange and signature code and docs. Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod. Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it. Added some usage examples. As a result of the usage examples the following change was also made: ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11610) 2020-05-26 11:53:07 +08:00			`=pod`

			`=head1 NAME`

			`EVP_KEYEXCH-ECDH - ECDH Key Exchange algorithm support`

			`=head1 DESCRIPTION`

			`Key exchange support for the B<ECDH> key type.`

			`=head2 ECDH Key Exchange parameters`

			`=over 4`

			`=item "ecdh-cofactor-mode" (B<OSSL_EXCHANGE_PARAM_EC_ECDH_COFACTOR_MODE>) <integer>`

			`Sets or gets the ECDH mode of operation for the associated key exchange ctx.`

			`In the context of an Elliptic Curve Diffie-Hellman key exchange, this parameter`
			`can be used to select between the plain Diffie-Hellman (DH) or Cofactor`
			`Diffie-Hellman (CDH) variants of the key exchange algorithm.`

			`When setting, the value should be 1, 0 or -1, respectively forcing cofactor mode`
			`on, off, or resetting it to the default for the private key associated with the`
			`given key exchange ctx.`

			`When getting, the value should be either 1 or 0, respectively signaling if the`
			`cofactor mode is on or off.`

			`See also L<provider-keymgmt(7)> for the related`
			`B<OSSL_PKEY_PARAM_USE_COFACTOR_ECDH> parameter that can be set on a`
			`per-key basis.`

Unify parameter types in documentation Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15178) 2021-05-06 19:28:13 +08:00			`=item "kdf-type" (B<OSSL_EXCHANGE_PARAM_KDF_TYPE>) <UTF8 string>`
Update core_names.h fields and document most fields. Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC. Added some strings values related to RSA keys. Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file. Updated Keyexchange and signature code and docs. Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod. Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it. Added some usage examples. As a result of the usage examples the following change was also made: ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11610) 2020-05-26 11:53:07 +08:00
Unify parameter types in documentation Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15178) 2021-05-06 19:28:13 +08:00			`=item "kdf-digest" (B<OSSL_EXCHANGE_PARAM_KDF_DIGEST>) <UTF8 string>`
Update core_names.h fields and document most fields. Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC. Added some strings values related to RSA keys. Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file. Updated Keyexchange and signature code and docs. Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod. Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it. Added some usage examples. As a result of the usage examples the following change was also made: ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11610) 2020-05-26 11:53:07 +08:00
Unify parameter types in documentation Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15178) 2021-05-06 19:28:13 +08:00			`=item "kdf-digest-props" (B<OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS>) <UTF8 string>`
Update core_names.h fields and document most fields. Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC. Added some strings values related to RSA keys. Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file. Updated Keyexchange and signature code and docs. Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod. Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it. Added some usage examples. As a result of the usage examples the following change was also made: ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11610) 2020-05-26 11:53:07 +08:00
Unify parameter types in documentation Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15178) 2021-05-06 19:28:13 +08:00			`=item "kdf-outlen" (B<OSSL_EXCHANGE_PARAM_KDF_OUTLEN>) <unsigned integer>`
Update core_names.h fields and document most fields. Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC. Added some strings values related to RSA keys. Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file. Updated Keyexchange and signature code and docs. Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod. Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it. Added some usage examples. As a result of the usage examples the following change was also made: ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11610) 2020-05-26 11:53:07 +08:00
Unify parameter types in documentation Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15178) 2021-05-06 19:28:13 +08:00			`=item "kdf-ukm" (B<OSSL_EXCHANGE_PARAM_KDF_UKM>) <octet string>`
Update core_names.h fields and document most fields. Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC. Added some strings values related to RSA keys. Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file. Updated Keyexchange and signature code and docs. Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod. Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it. Added some usage examples. As a result of the usage examples the following change was also made: ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11610) 2020-05-26 11:53:07 +08:00
Cleanups for FIPS indicator documentation Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25195) 2024-08-15 14:20:26 +08:00			`=back`

			`The OpenSSL FIPS provider also supports the following parameters:`

			`=over 4`

Fix parameter types int -> integer changes Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24881) 2024-07-15 09:06:45 +08:00			`=item "fips-indicator" (B<OSSL_EXCHANGE_PARAM_FIPS_APPROVED_INDICATOR>) <integer>`
Change all existing FIPS configurable checks to use FIPS indicators. This changes the logic to always do the security checks and then decide what to do based on if this passes or not. Failure of a check causes either a failure OR the FIPS indicator callback to be triggered. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24623) 2024-07-01 09:36:58 +08:00
Fix parameter types int -> integer changes Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24881) 2024-07-15 09:06:45 +08:00			`=item "key-check" (B<OSSL_EXCHANGE_PARAM_FIPS_KEY_CHECK>) <integer>`
Change all existing FIPS configurable checks to use FIPS indicators. This changes the logic to always do the security checks and then decide what to do based on if this passes or not. Failure of a check causes either a failure OR the FIPS indicator callback to be triggered. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24623) 2024-07-01 09:36:58 +08:00
Fix parameter types int -> integer changes Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Paul Yang <kaishen.yy@antfin.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24881) 2024-07-15 09:06:45 +08:00			`=item "digest-check" (B<OSSL_EXCHANGE_PARAM_FIPS_DIGEST_CHECK>) <integer>`
Change all existing FIPS configurable checks to use FIPS indicators. This changes the logic to always do the security checks and then decide what to do based on if this passes or not. Failure of a check causes either a failure OR the FIPS indicator callback to be triggered. Reviewed-by: Neil Horman <nhorman@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/24623) 2024-07-01 09:36:58 +08:00
Fix documentation of parameters for DH and ECDH KEX Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com> (Merged from https://github.com/openssl/openssl/pull/17859) 2022-03-10 20:13:40 +08:00			`See L<provider-keyexch(7)/Common Key Exchange parameters>.`
Update core_names.h fields and document most fields. Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC. Added some strings values related to RSA keys. Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file. Updated Keyexchange and signature code and docs. Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod. Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it. Added some usage examples. As a result of the usage examples the following change was also made: ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11610) 2020-05-26 11:53:07 +08:00
Add FIPS Indicator for ECDH cofactor. FIPS KAS requires use of ECC CDH. The EC 'B' and 'K' curves have a cofactor that is not 1, and this MUST be multiplied by the private key when deriving the shared secret. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25139) 2024-08-08 14:56:22 +08:00			`=item "ecdh-cofactor-check" (B<OSSL_EXCHANGE_PARAM_FIPS_ECDH_COFACTOR_CHECK>) <integer>`

			`If required this parameter should before OSSL_FUNC_keyexch_derive().`
			`The default value of 1 causes an error during the OSSL_FUNC_keyexch_derive if`
			`the EC curve has a cofactor that is not 1, and the cofactor is not used.`
Cleanups for FIPS indicator documentation Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25195) 2024-08-15 14:20:26 +08:00			`Setting this to 0 will ignore the error and set the approved`
			`"fips-indicator" to 0.`
			`This option breaks FIPS compliance if it causes the approved "fips-indicator"`
			`to return 0.`
Add FIPS Indicator for ECDH cofactor. FIPS KAS requires use of ECC CDH. The EC 'B' and 'K' curves have a cofactor that is not 1, and this MUST be multiplied by the private key when deriving the shared secret. Reviewed-by: Paul Dale <ppzgs1@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/25139) 2024-08-08 14:56:22 +08:00
Update core_names.h fields and document most fields. Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC. Added some strings values related to RSA keys. Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file. Updated Keyexchange and signature code and docs. Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod. Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it. Added some usage examples. As a result of the usage examples the following change was also made: ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11610) 2020-05-26 11:53:07 +08:00			`=back`

			`=head1 EXAMPLES`

Add demo for ECDH key exchange Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22916) 2023-12-03 07:09:46 +08:00			`Examples of key agreement can be found in demos/keyexch.`

Update core_names.h fields and document most fields. Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC. Added some strings values related to RSA keys. Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file. Updated Keyexchange and signature code and docs. Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod. Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it. Added some usage examples. As a result of the usage examples the following change was also made: ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11610) 2020-05-26 11:53:07 +08:00			`Keys for the host and peer must be generated as shown in`
			`L<EVP_PKEY-EC(7)/Examples> using the same curve name.`

			`The code to generate a shared secret for the normal case is identical to`
doc: remove end of line whitespace Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/16641) 2021-09-21 08:59:56 +08:00			`L<EVP_KEYEXCH-DH(7)/Examples>.`
Update core_names.h fields and document most fields. Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC. Added some strings values related to RSA keys. Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file. Updated Keyexchange and signature code and docs. Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod. Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it. Added some usage examples. As a result of the usage examples the following change was also made: ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11610) 2020-05-26 11:53:07 +08:00
			`To derive a shared secret on the host using the host's key and the peer's public`
			`key but also using X963KDF with a user key material:`

			`/* It is assumed that the host_key, peer_pub_key and ukm are set up */`
			`void derive_secret(EVP_PKEY host_key, EVP_PKEY peer_key,`
			`unsigned char *ukm, size_t ukm_len)`
			`{`
			`unsigned char secret[64];`
			`size_t out_len = sizeof(secret);`
			`size_t secret_len = out_len;`
			`unsigned int pad = 1;`
			`OSSL_PARAM params[6];`
Fix small typo in EVP_KEYEXCH-ECDH.html doc example Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17657) 2022-02-08 06:16:39 +08:00			`EVP_PKEY_CTX *dctx = EVP_PKEY_CTX_new_from_pkey(NULL, host_key, NULL);`
Update core_names.h fields and document most fields. Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC. Added some strings values related to RSA keys. Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file. Updated Keyexchange and signature code and docs. Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod. Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it. Added some usage examples. As a result of the usage examples the following change was also made: ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11610) 2020-05-26 11:53:07 +08:00
			`EVP_PKEY_derive_init(dctx);`

			`params[0] = OSSL_PARAM_construct_uint(OSSL_EXCHANGE_PARAM_PAD, &pad);`
			`params[1] = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_TYPE,`
			`"X963KDF", 0);`
			`params[2] = OSSL_PARAM_construct_utf8_string(OSSL_EXCHANGE_PARAM_KDF_DIGEST,`
			`"SHA1", 0);`
			`params[3] = OSSL_PARAM_construct_size_t(OSSL_EXCHANGE_PARAM_KDF_OUTLEN,`
			`&out_len);`
			`params[4] = OSSL_PARAM_construct_octet_string(OSSL_EXCHANGE_PARAM_KDF_UKM,`
			`ukm, ukm_len);`
			`params[5] = OSSL_PARAM_construct_end();`
			`EVP_PKEY_CTX_set_params(dctx, params);`

			`EVP_PKEY_derive_set_peer(dctx, peer_pub_key);`
			`EVP_PKEY_derive(dctx, secret, &secret_len);`
			`...`
			`OPENSSL_clear_free(secret, secret_len);`
			`EVP_PKEY_CTX_free(dctx);`
			`}`

			`=head1 SEE ALSO`

			`L<EVP_PKEY-EC(7)>`
			`L<EVP_PKEY(3)>,`
			`L<provider-keyexch(7)>,`
			`L<provider-keymgmt(7)>,`
			`L<OSSL_PROVIDER-default(7)>,`
			`L<OSSL_PROVIDER-FIPS(7)>,`

			`=head1 COPYRIGHT`

Copyright year updates Reviewed-by: Neil Horman <nhorman@openssl.org> Release: yes 2024-09-05 15:35:49 +08:00			`Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved.`
Update core_names.h fields and document most fields. Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC. Added some strings values related to RSA keys. Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file. Updated Keyexchange and signature code and docs. Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod. Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it. Added some usage examples. As a result of the usage examples the following change was also made: ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11610) 2020-05-26 11:53:07 +08:00
			`Licensed under the Apache License 2.0 (the "License"). You may not use`
			`this file except in compliance with the License. You can obtain a copy`
			`in the file LICENSE in the source distribution or at`
			`L<https://www.openssl.org/source/license.html>.`

			`=cut`