EVP_PKEY-FFC.7 - OpenGrok cross reference for /freebsd/secure/lib/libcrypto/man/man7/EVP

Lines Matching +full:first +full:- +full:generation
1 .\" -*- mode: troff; coding: utf-8 -*-
57 .IX Title "EVP_PKEY-FFC 7ossl"
58 .TH EVP_PKEY-FFC 7ossl 2025-07-01 3.5.1 OpenSSL
64 EVP_PKEY\-FFC \- EVP_PKEY DSA and DH/DHX shared FFC parameters.
69 Diffie-Hellman key establishment algorithms specified in SP800\-56A can also be
78 For \fBDSA\fR (and \fBDH\fR that is not a named group) the FIPS186\-4 standard
79 specifies that the values used for FFC parameter generation are also required
89 must be used for FIPS186\-4.
93 "Common parameters" in \fBprovider\-keymgmt\fR\|(7)), the \fBDSA\fR, \fBDH\fR and \fBDHX\fR keytype
105 A DSA or Diffie-Hellman prime "p" value.
108 A DSA or Diffie-Hellman generator "g" value.
113 A DSA or Diffie-Hellman prime "q" value.
116 An optional domain parameter \fIseed\fR value used during generation and validation
118 For validation this needs to set the \fIseed\fR that was produced during generation.
121 Sets the index to use for canonical generation and verification of the generator
125 is not set or is \-1 then unverifiable generation of the generator \fIg\fR will be
129 An optional domain parameter \fIcounter\fR value that is output during generation
133 For unverifiable generation of the generator \fIg\fR this value is output during
134 generation of \fIg\fR. Its value is the first integer larger than one that
138 An optional informational cofactor parameter that should equal to (p \- 1) / q.
139 .IP """validate-pq"" (\fBOSSL_PKEY_PARAM_FFC_VALIDATE_PQ\fR) <unsigned integer>" 4
140 .IX Item """validate-pq"" (OSSL_PKEY_PARAM_FFC_VALIDATE_PQ) <unsigned integer>"
142 .IP """validate-g"" (\fBOSSL_PKEY_PARAM_FFC_VALIDATE_G\fR) <unsigned integer>" 4
143 .IX Item """validate-g"" (OSSL_PKEY_PARAM_FFC_VALIDATE_G) <unsigned integer>"
145 These boolean values are used during FIPS186\-4 or FIPS186\-2 key validation checks
147 \&\fIvalidate-pq\fR and \fIvalidate-g\fR are both set to 1 to check that p,q and g are
150 .IP """validate-legacy"" (\fBOSSL_PKEY_PARAM_FFC_VALIDATE_LEGACY\fR) <unsigned integer>" 4
151 .IX Item """validate-legacy"" (OSSL_PKEY_PARAM_FFC_VALIDATE_LEGACY) <unsigned integer>"
154 value of 0 selects FIPS186\-4 validation. Setting this value to 1 selects
155 FIPS186\-2 validation.
156 .SS "FFC key generation parameters"
157 .IX Subsection "FFC key generation parameters"
158 The following key generation types are available for DSA and DHX algorithms:
161 Sets the type of parameter generation. The shared valid values are:
172 parameters set for parameter generation.
187 Sets the Digest algorithm to be used as part of the Key Generation Function
188 associated with the given Key Generation \fIctx\fR.
193 Digest algorithm for the Key Generation Function associated with the given key
194 generation \fIctx\fR. This may also be set for key validation.
197 For "fips186_4" or "fips186_2" generation this sets the \fIseed\fR data to use
212 The following sections of SP800\-56Ar3:
213 .IP "5.5.1.1 FFC Domain Parameter Selection/Generation" 4
214 .IX Item "5.5.1.1 FFC Domain Parameter Selection/Generation"
216 The following sections of FIPS186\-4:
217 .IP "A.1.1.2 Generation of Probable Primes p and q Using an Approved Hash Function." 4
218 .IX Item "A.1.1.2 Generation of Probable Primes p and q Using an Approved Hash Function."
220 .IP "A.2.3 Generation of canonical generator g." 4
221 .IX Item "A.2.3 Generation of canonical generator g."
222 .IP "A.2.1 Unverifiable Generation of the Generator g." 4
223 .IX Item "A.2.1 Unverifiable Generation of the Generator g."
227 \&\fBEVP_PKEY\-DSA\fR\|(7),
228 \&\fBEVP_PKEY\-DH\fR\|(7),
229 \&\fBEVP_SIGNATURE\-DSA\fR\|(7),
230 \&\fBEVP_KEYEXCH\-DH\fR\|(7)
233 \&\fBprovider\-keymgmt\fR\|(7),
234 \&\fBOSSL_PROVIDER\-default\fR\|(7),
235 \&\fBOSSL_PROVIDER\-FIPS\fR\|(7),
238 Copyright 2020\-2021 The OpenSSL Project Authors. All Rights Reserved.