EVP_PKEY-EC.pod - OpenGrok cross reference for /freebsd/crypto/openssl/doc/man7/EVP

Lines Matching +full:keys +full:- +full:per +full:- +full:group
5 EVP_PKEY-EC,
6 EVP_KEYMGMT-EC
7 - EVP_PKEY EC keytype and algorithm support
16 curve name "group". For curves with no curve name, explicit parameters can be
17 used that specify "field-type", "p", "a", "b", "generator" and "order".
23 built-in EC algorithm:
27 =item "group" (B<OSSL_PKEY_PARAM_GROUP_NAME>) <UTF8 string>
31 =item "field-type" (B<OSSL_PKEY_PARAM_EC_FIELD_TYPE>) <UTF8 string>
33 The value should be either "prime-field" or "characteristic-two-field",
39 represents the irreducible polynomial - each bit represents a term in the
67 I<order> - 1.
71 =item  "decoded-from-explicit" (B<OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS>) <integer>
76 =item "use-cofactor-flag" (B<OSSL_PKEY_PARAM_USE_COFACTOR_ECDH>) <integer>
82 See also L<EVP_KEYEXCH-ECDH(7)> for the related
84 per-operation basis.
88 Set the format used for serializing the EC group parameters.
91 =item "point-format" (B<OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT>) <UTF8 string>
97 =item "group-check" (B<OSSL_PKEY_PARAM_EC_GROUP_CHECK_TYPE>) <UTF8 string>
99 Sets or Gets the type of group check done when EVP_PKEY_param_check() is called.
100 Valid values are "default", "named" and "named-nist".
102 "named-nist" is similar but also checks that the named curve is a nist curve.
104 but is equivalent to "named-nist" for the OpenSSL FIPS provider.
106 =item "include-public" (B<OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC>) <integer>
131 =item "encoded-pub-key" (B<OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY>) <octet string>
145 =item "default-digest" (B<OSSL_PKEY_PARAM_DEFAULT_DIGEST>) <UTF8 string>
150 =item "dhkem-ikm" (B<OSSL_PKEY_PARAM_DHKEM_IKM>) <octet string>
155 for the curves "P-256", "P-384" and "P-521" and should have a length of at least
160 The following Gettable types are also available for the built-in EC algorithm:
164 =item "basis-type" (B<OSSL_PKEY_PARAM_EC_CHAR2_TYPE>) <UTF8 string>
195 =item "key-check" (B<OSSL_PKEY_PARAM_FIPS_KEY_CHECK>) <integer>
197 See L<provider-keymgmt(7)/Common Information Parameters> for further information.
206 =item "fips-indicator" (B<OSSL_PKEY_PARAM_FIPS_APPROVED_INDICATOR>) <integer>
208 See L<provider-keymgmt(7)/Common Information Parameters> for further information.
214 For EC keys, L<EVP_PKEY_param_check(3)> behaves in the following way:
219 conform to SP800-56Ar3 I<Assurances of Domain-Parameter Validity>.
221 For EC keys, L<EVP_PKEY_param_check_quick(3)> is equivalent to
224 For EC keys, L<EVP_PKEY_public_check(3)> and L<EVP_PKEY_public_check_quick(3)>
225 conform to SP800-56Ar3 I<ECC Full Public-Key Validation> and
226 I<ECC Partial Public-Key Validation> respectively.
228 For EC Keys, L<EVP_PKEY_private_check(3)> and L<EVP_PKEY_pairwise_check(3)>
229 conform to SP800-56Ar3 I<Private key validity> and
230 I<Owner Assurance of Pair-wise Consistency> respectively.
239 An B<EVP_PKEY> ECDSA or ECDH key can be generated with a "P-256" named group by
242     pkey = EVP_EC_gen("P-256");
254                                                  "P-256", 0);
265 An B<EVP_PKEY> EC CDH (Cofactor Diffie-Hellman) key can be generated with a
266 "K-571" named group by calling:
277                                                  "K-571", 0);
279      * This curve has a cofactor that is not 1 - so setting CDH mode changes
280      * the behaviour. For many curves the cofactor is 1 - so setting this has
299 L<provider-keymgmt(7)>,
300 L<EVP_SIGNATURE-ECDSA(7)>,
301 L<EVP_KEYEXCH-ECDH(7)>
305 Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved.