mirror of
https://github.com/openssl/openssl.git
synced 2024-12-21 06:09:35 +08:00
1a7328c882
This adds handling of the parameter "mandatory-digest" and responds with an empty string, meaning that no digest may be used. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11576)
101 lines
2.3 KiB
Plaintext
101 lines
2.3 KiB
Plaintext
=pod
|
|
|
|
=head1 NAME
|
|
|
|
EVP_PKEY-X25519, EVP_PKEY-X448, EVP_PKEY-ED25519, EVP_PKEY-ED448,
|
|
EVP_KEYMGMT-X25519, EVP_KEYMGMT-X448, EVP_KEYMGMT-ED25519, EVP_KEYMGMT-ED448
|
|
- EVP_PKEY X25519, X448, ED25519 and ED448 keytype and algorithm support
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
The B<X25519>, B<X448>, B<ED25519> and B<ED448> keytypes are
|
|
implemented in OpenSSL's default provider.
|
|
|
|
=head2 Common X25519, X448, ED25519 and ED448 parameters
|
|
|
|
The following Import/Export types are available for the built-in X25519, X448,
|
|
ED25519 and X448 algorithms:
|
|
|
|
=over 4
|
|
|
|
=item "pub" (B<OSSL_PKEY_PARAM_PUB_KEY>) <octet string>
|
|
|
|
The public key value.
|
|
|
|
=item "priv" (B<OSSL_PKEY_PARAM_PRIV_KEY>) <octet string>
|
|
|
|
The private key value.
|
|
|
|
=back
|
|
|
|
=head2 ED25519 and ED448 parameters
|
|
|
|
=over 4
|
|
|
|
=item "mandatory-digest" (B<OSSL_PKEY_PARAM_MANDATORY_DIGEST>) <utf8 string>
|
|
|
|
The empty string, signifying that no digest may be specified.
|
|
|
|
=back
|
|
|
|
=head1 CONFORMING TO
|
|
|
|
=over 4
|
|
|
|
=item RFC 8032
|
|
|
|
=back
|
|
|
|
=head1 EXAMPLES
|
|
|
|
An B<EVP_PKEY> context can be obtained by calling:
|
|
|
|
EVP_PKEY_CTX *pctx =
|
|
EVP_PKEY_CTX_new_from_name(NULL, "X25519", NULL);
|
|
|
|
EVP_PKEY_CTX *pctx =
|
|
EVP_PKEY_CTX_new_from_name(NULL, "X448", NULL);
|
|
|
|
EVP_PKEY_CTX *pctx =
|
|
EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL);
|
|
|
|
EVP_PKEY_CTX *pctx =
|
|
EVP_PKEY_CTX_new_from_name(NULL, "ED448", NULL);
|
|
|
|
An B<ED25519> key can be generated like this:
|
|
|
|
EVP_PKEY *pkey = NULL;
|
|
EVP_PKEY_CTX *pctx =
|
|
EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL);
|
|
|
|
EVP_PKEY_keygen_init(pctx);
|
|
EVP_PKEY_gen(pctx, &pkey);
|
|
EVP_PKEY_CTX_free(pctx);
|
|
|
|
An B<X25519> key can be generated in a similar way:
|
|
|
|
EVP_PKEY *pkey = NULL;
|
|
EVP_PKEY_CTX *pctx =
|
|
EVP_PKEY_CTX_new_from_name(NULL, "X25519", NULL);
|
|
|
|
EVP_PKEY_keygen_init(pctx);
|
|
EVP_PKEY_gen(pctx, &pkey);
|
|
EVP_PKEY_CTX_free(pctx);
|
|
|
|
=head1 SEE ALSO
|
|
|
|
L<EVP_KEYMGMT(3)>, L<EVP_PKEY(3)>, L<provider-keymgmt(7)>,
|
|
L<EVP_KEYEXCH-X25519(7)>, L<EVP_KEYEXCH-X448(7)>,
|
|
L<EVP_SIGNATURE-ED25519(7)>, L<EVP_SIGNATURE-ED448(7)>
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file LICENSE in the source distribution or at
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
=cut
|