mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2024-12-21 06:09:35 +08:00
Code Issues Packages Projects Releases Wiki Activity
5ac8fb584a
openssl/doc/man7/EVP_PKEY-X25519.pod
Matt Caswell 5ac8fb584a Rename EVP_PKEY_set1_tls_encodedpoint to EVP_PKEY_set1_encoded_public_key 
We do the same thing for the "get1" version. In reality this has broader
use than just TLS (it can also be used in CMS), and "encodedpoint" only
makes sense when you are talking about EC based algorithms.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13105)
2020-10-20 16:39:41 +01:00

123 lines
3.2 KiB
Plaintext
Raw Blame History

=pod
=head1 NAME
EVP_PKEY-X25519, EVP_PKEY-X448, EVP_PKEY-ED25519, EVP_PKEY-ED448,
EVP_KEYMGMT-X25519, EVP_KEYMGMT-X448, EVP_KEYMGMT-ED25519, EVP_KEYMGMT-ED448
- EVP_PKEY X25519, X448, ED25519 and ED448 keytype and algorithm support
=head1 DESCRIPTION
The B<X25519>, B<X448>, B<ED25519> and B<ED448> keytypes are
implemented in OpenSSL's default and FIPS providers. These implementations
support the associated key, containing the public key I<pub> and the
private key I<priv>.
In the FIPS provider they are non-approved algorithms and do not have the
"fips=yes" property set.
No additional parameters can be set during key generation.
=head2 Common X25519, X448, ED25519 and ED448 parameters
In addition to the common parameters that all keytypes should support (see
L<provider-keymgmt(7)/Common parameters>), the implementation of these keytypes
support the following.
=over 4
=item "group" (B<OSSL_PKEY_PARAM_GROUP_NAME>) <UTF8 string>
This is only supported by X25519 and X448. The group name must be "x25519" or
"x448" respectively for those algorithms. This is only present for consistency
with other key exchange algorithms and is typically not needed.
=item "pub" (B<OSSL_PKEY_PARAM_PUB_KEY>) <octet string>
The public key value.
=item "priv" (B<OSSL_PKEY_PARAM_PRIV_KEY>) <octet string>
The private key value.
=item "encoded-pub-key" (B<OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY>) <octet string>
Used for getting and setting the encoding of a public key for the B<X25519> and
B<X448> key types. Public keys are expected be encoded in a format as defined by
RFC7748.
=back
=head2 ED25519 and ED448 parameters
=over 4
=item "mandatory-digest" (B<OSSL_PKEY_PARAM_MANDATORY_DIGEST>) <utf8 string>
The empty string, signifying that no digest may be specified.
=back
=head1 CONFORMING TO
=over 4
=item RFC 8032
=item RFC 8410
=back
=head1 EXAMPLES
An B<EVP_PKEY> context can be obtained by calling:
EVP_PKEY_CTX *pctx =
EVP_PKEY_CTX_new_from_name(NULL, "X25519", NULL);
EVP_PKEY_CTX *pctx =
EVP_PKEY_CTX_new_from_name(NULL, "X448", NULL);
EVP_PKEY_CTX *pctx =
EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL);
EVP_PKEY_CTX *pctx =
EVP_PKEY_CTX_new_from_name(NULL, "ED448", NULL);
An B<ED25519> key can be generated like this:
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *pctx =
EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL);
EVP_PKEY_keygen_init(pctx);
EVP_PKEY_gen(pctx, &pkey);
EVP_PKEY_CTX_free(pctx);
An B<X25519> key can be generated in a similar way:
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *pctx =
EVP_PKEY_CTX_new_from_name(NULL, "X25519", NULL);
EVP_PKEY_keygen_init(pctx);
EVP_PKEY_gen(pctx, &pkey);
EVP_PKEY_CTX_free(pctx);
=head1 SEE ALSO
L<EVP_KEYMGMT(3)>, L<EVP_PKEY(3)>, L<provider-keymgmt(7)>,
L<EVP_KEYEXCH-X25519(7)>, L<EVP_KEYEXCH-X448(7)>,
L<EVP_SIGNATURE-ED25519(7)>, L<EVP_SIGNATURE-ED448(7)>
=head1 COPYRIGHT
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut
Reference in New Issue View Git Blame Copy Permalink