1=pod 2 3=head1 NAME 4 5X25519, 6X448 7- EVP_PKEY X25519 and X448 support 8 9=head1 DESCRIPTION 10 11The B<X25519> and B<X448> EVP_PKEY implementation supports key generation and 12key derivation using B<X25519> and B<X448>. It has associated private and public 13key formats compatible with RFC 8410. 14 15No additional parameters can be set during key generation. 16 17The peer public key must be set using EVP_PKEY_derive_set_peer() when 18performing key derivation. 19 20=head1 NOTES 21 22A context for the B<X25519> algorithm can be obtained by calling: 23 24 EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL); 25 26For the B<X448> algorithm a context can be obtained by calling: 27 28 EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X448, NULL); 29 30X25519 or X448 private keys can be set directly using 31L<EVP_PKEY_new_raw_private_key(3)> or loaded from a PKCS#8 private key file 32using L<PEM_read_bio_PrivateKey(3)> (or similar function). Completely new keys 33can also be generated (see the example below). Setting a private key also sets 34the associated public key. 35 36X25519 or X448 public keys can be set directly using 37L<EVP_PKEY_new_raw_public_key(3)> or loaded from a SubjectPublicKeyInfo 38structure in a PEM file using L<PEM_read_bio_PUBKEY(3)> (or similar function). 39 40=head1 EXAMPLES 41 42This example generates an B<X25519> private key and writes it to standard 43output in PEM format: 44 45 #include <openssl/evp.h> 46 #include <openssl/pem.h> 47 ... 48 EVP_PKEY *pkey = NULL; 49 EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_X25519, NULL); 50 EVP_PKEY_keygen_init(pctx); 51 EVP_PKEY_keygen(pctx, &pkey); 52 EVP_PKEY_CTX_free(pctx); 53 PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL); 54 55The key derivation example in L<EVP_PKEY_derive(3)> can be used with 56B<X25519> and B<X448>. 57 58=head1 SEE ALSO 59 60L<EVP_PKEY_CTX_new(3)>, 61L<EVP_PKEY_keygen(3)>, 62L<EVP_PKEY_derive(3)>, 63L<EVP_PKEY_derive_set_peer(3)> 64 65=head1 COPYRIGHT 66 67Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved. 68 69Licensed under the Apache License 2.0 (the "License"). You may not use 70this file except in compliance with the License. You can obtain a copy 71in the file LICENSE in the source distribution or at 72L<https://www.openssl.org/source/license.html>. 73 74=cut 75