1*b077aed3SPierre Pronchery=pod 2*b077aed3SPierre Pronchery 3*b077aed3SPierre Pronchery=head1 NAME 4*b077aed3SPierre Pronchery 5*b077aed3SPierre ProncheryEVP_PKEY-X25519, EVP_PKEY-X448, EVP_PKEY-ED25519, EVP_PKEY-ED448, 6*b077aed3SPierre ProncheryEVP_KEYMGMT-X25519, EVP_KEYMGMT-X448, EVP_KEYMGMT-ED25519, EVP_KEYMGMT-ED448 7*b077aed3SPierre Pronchery- EVP_PKEY X25519, X448, ED25519 and ED448 keytype and algorithm support 8*b077aed3SPierre Pronchery 9*b077aed3SPierre Pronchery=head1 DESCRIPTION 10*b077aed3SPierre Pronchery 11*b077aed3SPierre ProncheryThe B<X25519>, B<X448>, B<ED25519> and B<ED448> keytypes are 12*b077aed3SPierre Proncheryimplemented in OpenSSL's default and FIPS providers. These implementations 13*b077aed3SPierre Proncherysupport the associated key, containing the public key I<pub> and the 14*b077aed3SPierre Proncheryprivate key I<priv>. 15*b077aed3SPierre Pronchery 16*b077aed3SPierre ProncheryNo additional parameters can be set during key generation. 17*b077aed3SPierre Pronchery 18*b077aed3SPierre Pronchery 19*b077aed3SPierre Pronchery=head2 Common X25519, X448, ED25519 and ED448 parameters 20*b077aed3SPierre Pronchery 21*b077aed3SPierre ProncheryIn addition to the common parameters that all keytypes should support (see 22*b077aed3SPierre ProncheryL<provider-keymgmt(7)/Common parameters>), the implementation of these keytypes 23*b077aed3SPierre Proncherysupport the following. 24*b077aed3SPierre Pronchery 25*b077aed3SPierre Pronchery=over 4 26*b077aed3SPierre Pronchery 27*b077aed3SPierre Pronchery=item "group" (B<OSSL_PKEY_PARAM_GROUP_NAME>) <UTF8 string> 28*b077aed3SPierre Pronchery 29*b077aed3SPierre ProncheryThis is only supported by X25519 and X448. The group name must be "x25519" or 30*b077aed3SPierre Pronchery"x448" respectively for those algorithms. This is only present for consistency 31*b077aed3SPierre Proncherywith other key exchange algorithms and is typically not needed. 32*b077aed3SPierre Pronchery 33*b077aed3SPierre Pronchery=item "pub" (B<OSSL_PKEY_PARAM_PUB_KEY>) <octet string> 34*b077aed3SPierre Pronchery 35*b077aed3SPierre ProncheryThe public key value. 36*b077aed3SPierre Pronchery 37*b077aed3SPierre Pronchery=item "priv" (B<OSSL_PKEY_PARAM_PRIV_KEY>) <octet string> 38*b077aed3SPierre Pronchery 39*b077aed3SPierre ProncheryThe private key value. 40*b077aed3SPierre Pronchery 41*b077aed3SPierre Pronchery=item "encoded-pub-key" (B<OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY>) <octet string> 42*b077aed3SPierre Pronchery 43*b077aed3SPierre ProncheryUsed for getting and setting the encoding of a public key for the B<X25519> and 44*b077aed3SPierre ProncheryB<X448> key types. Public keys are expected be encoded in a format as defined by 45*b077aed3SPierre ProncheryRFC7748. 46*b077aed3SPierre Pronchery 47*b077aed3SPierre Pronchery=back 48*b077aed3SPierre Pronchery 49*b077aed3SPierre Pronchery=head2 ED25519 and ED448 parameters 50*b077aed3SPierre Pronchery 51*b077aed3SPierre Pronchery=over 4 52*b077aed3SPierre Pronchery 53*b077aed3SPierre Pronchery=item "mandatory-digest" (B<OSSL_PKEY_PARAM_MANDATORY_DIGEST>) <UTF8 string> 54*b077aed3SPierre Pronchery 55*b077aed3SPierre ProncheryThe empty string, signifying that no digest may be specified. 56*b077aed3SPierre Pronchery 57*b077aed3SPierre Pronchery=back 58*b077aed3SPierre Pronchery 59*b077aed3SPierre Pronchery=head1 CONFORMING TO 60*b077aed3SPierre Pronchery 61*b077aed3SPierre Pronchery=over 4 62*b077aed3SPierre Pronchery 63*b077aed3SPierre Pronchery=item RFC 8032 64*b077aed3SPierre Pronchery 65*b077aed3SPierre Pronchery=item RFC 8410 66*b077aed3SPierre Pronchery 67*b077aed3SPierre Pronchery=back 68*b077aed3SPierre Pronchery 69*b077aed3SPierre Pronchery=head1 EXAMPLES 70*b077aed3SPierre Pronchery 71*b077aed3SPierre ProncheryAn B<EVP_PKEY> context can be obtained by calling: 72*b077aed3SPierre Pronchery 73*b077aed3SPierre Pronchery EVP_PKEY_CTX *pctx = 74*b077aed3SPierre Pronchery EVP_PKEY_CTX_new_from_name(NULL, "X25519", NULL); 75*b077aed3SPierre Pronchery 76*b077aed3SPierre Pronchery EVP_PKEY_CTX *pctx = 77*b077aed3SPierre Pronchery EVP_PKEY_CTX_new_from_name(NULL, "X448", NULL); 78*b077aed3SPierre Pronchery 79*b077aed3SPierre Pronchery EVP_PKEY_CTX *pctx = 80*b077aed3SPierre Pronchery EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL); 81*b077aed3SPierre Pronchery 82*b077aed3SPierre Pronchery EVP_PKEY_CTX *pctx = 83*b077aed3SPierre Pronchery EVP_PKEY_CTX_new_from_name(NULL, "ED448", NULL); 84*b077aed3SPierre Pronchery 85*b077aed3SPierre ProncheryAn B<X25519> key can be generated like this: 86*b077aed3SPierre Pronchery 87*b077aed3SPierre Pronchery pkey = EVP_PKEY_Q_keygen(NULL, NULL, "X25519"); 88*b077aed3SPierre Pronchery 89*b077aed3SPierre ProncheryAn B<X448>, B<ED25519>, or B<ED448> key can be generated likewise. 90*b077aed3SPierre Pronchery 91*b077aed3SPierre Pronchery=head1 SEE ALSO 92*b077aed3SPierre Pronchery 93*b077aed3SPierre ProncheryL<EVP_KEYMGMT(3)>, L<EVP_PKEY(3)>, L<provider-keymgmt(7)>, 94*b077aed3SPierre ProncheryL<EVP_KEYEXCH-X25519(7)>, L<EVP_KEYEXCH-X448(7)>, 95*b077aed3SPierre ProncheryL<EVP_SIGNATURE-ED25519(7)>, L<EVP_SIGNATURE-ED448(7)> 96*b077aed3SPierre Pronchery 97*b077aed3SPierre Pronchery=head1 COPYRIGHT 98*b077aed3SPierre Pronchery 99*b077aed3SPierre ProncheryCopyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. 100*b077aed3SPierre Pronchery 101*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 102*b077aed3SPierre Proncherythis file except in compliance with the License. You can obtain a copy 103*b077aed3SPierre Proncheryin the file LICENSE in the source distribution or at 104*b077aed3SPierre ProncheryL<https://www.openssl.org/source/license.html>. 105*b077aed3SPierre Pronchery 106*b077aed3SPierre Pronchery=cut 107