openssl/doc/man7/EVP_PKEY-X25519.pod

=pod

=head1 NAME

EVP_PKEY-X25519, EVP_PKEY-X448, EVP_PKEY-ED25519, EVP_PKEY-ED448,
EVP_KEYMGMT-X25519, EVP_KEYMGMT-X448, EVP_KEYMGMT-ED25519, EVP_KEYMGMT-ED448
- EVP_PKEY X25519, X448, ED25519 and ED448 keytype and algorithm support

=head1 DESCRIPTION

The B<X25519>, B<X448>, B<ED25519> and B<ED448> keytypes are
implemented in OpenSSL's default and FIPS providers.  These implementations
support the associated key, containing the public key I<pub> and the
private key I<priv>.

In the FIPS provider they are non-approved algorithms and do not have the
"fips=yes" property set.
No additional parameters can be set during key generation.


=head2 Common X25519, X448, ED25519 and ED448 parameters

In addition to the common parameters that all keytypes should support (see
L<provider-keymgmt(7)/Common parameters>), the implementation of these keytypes
support the following.

=over 4

=item "group" (B<OSSL_PKEY_PARAM_GROUP_NAME>) <UTF8 string>

This is only supported by X25519 and X448. The group name must be "x25519" or
"x448" respectively for those algorithms. This is only present for consistency
with other key exchange algorithms and is typically not needed.

=item "pub" (B<OSSL_PKEY_PARAM_PUB_KEY>) <octet string>

The public key value.

=item "priv" (B<OSSL_PKEY_PARAM_PRIV_KEY>) <octet string>

The private key value.

=item "tls-encoded-pt" (B<OSSL_PKEY_PARAM_TLS_ENCODED_PT>) <octet string>

Used for getting and setting the encoding of the public key used in a key exchange
message for the TLS protocol.

=back

=head2 ED25519 and ED448 parameters

=over 4

=item "mandatory-digest" (B<OSSL_PKEY_PARAM_MANDATORY_DIGEST>) <utf8 string>

The empty string, signifying that no digest may be specified.

=back

=head1 CONFORMING TO

=over 4

=item RFC 8032

=item RFC 8410

=back

=head1 EXAMPLES

An B<EVP_PKEY> context can be obtained by calling:

    EVP_PKEY_CTX *pctx =
        EVP_PKEY_CTX_new_from_name(NULL, "X25519", NULL);

    EVP_PKEY_CTX *pctx =
        EVP_PKEY_CTX_new_from_name(NULL, "X448", NULL);

    EVP_PKEY_CTX *pctx =
        EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL);

    EVP_PKEY_CTX *pctx =
        EVP_PKEY_CTX_new_from_name(NULL, "ED448", NULL);

An B<ED25519> key can be generated like this:

    EVP_PKEY *pkey = NULL;
    EVP_PKEY_CTX *pctx =
        EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL);

    EVP_PKEY_keygen_init(pctx);
    EVP_PKEY_gen(pctx, &pkey);
    EVP_PKEY_CTX_free(pctx);

An B<X25519> key can be generated in a similar way:

    EVP_PKEY *pkey = NULL;
    EVP_PKEY_CTX *pctx =
        EVP_PKEY_CTX_new_from_name(NULL, "X25519", NULL);

    EVP_PKEY_keygen_init(pctx);
    EVP_PKEY_gen(pctx, &pkey);
    EVP_PKEY_CTX_free(pctx);

=head1 SEE ALSO

L<EVP_KEYMGMT(3)>, L<EVP_PKEY(3)>, L<provider-keymgmt(7)>,
L<EVP_KEYEXCH-X25519(7)>, L<EVP_KEYEXCH-X448(7)>,
L<EVP_SIGNATURE-ED25519(7)>, L<EVP_SIGNATURE-ED448(7)>

=head1 COPYRIGHT

Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
DOC: Refactor provider-keymgmt(7) to give the keytypes their own pages Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11546) 2020-04-15 01:06:12 +08:00			`=pod`

			`=head1 NAME`

			`EVP_PKEY-X25519, EVP_PKEY-X448, EVP_PKEY-ED25519, EVP_PKEY-ED448,`
			`EVP_KEYMGMT-X25519, EVP_KEYMGMT-X448, EVP_KEYMGMT-ED25519, EVP_KEYMGMT-ED448`
			`- EVP_PKEY X25519, X448, ED25519 and ED448 keytype and algorithm support`

			`=head1 DESCRIPTION`

			`The B<X25519>, B<X448>, B<ED25519> and B<ED448> keytypes are`
doc: remove deprecation notes for apps that are staying. The apps that are staying are: dhparam, dsa, dsaparam, ec, ecparam, gendsa and rsa. The rsautl app remains deprecated. The -dsaparam option to dhparam also remains deprecated. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11575) 2020-04-20 15:22:41 +08:00			`implemented in OpenSSL's default and FIPS providers. These implementations`
			`support the associated key, containing the public key I<pub> and the`
			`private key I<priv>.`

			`In the FIPS provider they are non-approved algorithms and do not have the`
			`"fips=yes" property set.`
Update core_names.h fields and document most fields. Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC. Added some strings values related to RSA keys. Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file. Updated Keyexchange and signature code and docs. Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod. Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it. Added some usage examples. As a result of the usage examples the following change was also made: ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11610) 2020-05-26 11:53:07 +08:00			`No additional parameters can be set during key generation.`

DOC: Refactor provider-keymgmt(7) to give the keytypes their own pages Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11546) 2020-04-15 01:06:12 +08:00
			`=head2 Common X25519, X448, ED25519 and ED448 parameters`

doc: remove deprecation notes for apps that are staying. The apps that are staying are: dhparam, dsa, dsaparam, ec, ecparam, gendsa and rsa. The rsautl app remains deprecated. The -dsaparam option to dhparam also remains deprecated. Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11575) 2020-04-20 15:22:41 +08:00			`In addition to the common parameters that all keytypes should support (see`
			`L<provider-keymgmt(7)/Common parameters>), the implementation of these keytypes`
			`support the following.`
DOC: Refactor provider-keymgmt(7) to give the keytypes their own pages Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11546) 2020-04-15 01:06:12 +08:00
			`=over 4`

Add some missing OSSL_PKEY_PARAM_GROUP_NAME documentation Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11914) 2020-05-21 23:16:41 +08:00			`=item "group" (B<OSSL_PKEY_PARAM_GROUP_NAME>) <UTF8 string>`

			`This is only supported by X25519 and X448. The group name must be "x25519" or`
Fix typos and repeated words CLA: trivial Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/12320) 2020-06-30 03:13:07 +08:00			`"x448" respectively for those algorithms. This is only present for consistency`
Add some missing OSSL_PKEY_PARAM_GROUP_NAME documentation Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11914) 2020-05-21 23:16:41 +08:00			`with other key exchange algorithms and is typically not needed.`

DOC: Refactor provider-keymgmt(7) to give the keytypes their own pages Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11546) 2020-04-15 01:06:12 +08:00			`=item "pub" (B<OSSL_PKEY_PARAM_PUB_KEY>) <octet string>`

			`The public key value.`

			`=item "priv" (B<OSSL_PKEY_PARAM_PRIV_KEY>) <octet string>`

			`The private key value.`

Make EVP_PKEY_[get1\|set1]_tls_encodedpoint work with provided keys EVP_PKEY_[get1\|set1]_tls_encodedpoint() only worked if an ameth was present which isn't the case for provided keys. Support has been added to dh, ec and ecx keys. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11898) 2020-05-20 23:20:27 +08:00			`=item "tls-encoded-pt" (B<OSSL_PKEY_PARAM_TLS_ENCODED_PT>) <octet string>`

			`Used for getting and setting the encoding of the public key used in a key exchange`
			`message for the TLS protocol.`

DOC: Refactor provider-keymgmt(7) to give the keytypes their own pages Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11546) 2020-04-15 01:06:12 +08:00			`=back`

PROV: Ensure that ED25519 & ED448 keys have a mandatory digest This adds handling of the parameter "mandatory-digest" and responds with an empty string, meaning that no digest may be used. Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11576) 2020-04-20 15:29:47 +08:00			`=head2 ED25519 and ED448 parameters`

			`=over 4`

			`=item "mandatory-digest" (B<OSSL_PKEY_PARAM_MANDATORY_DIGEST>) <utf8 string>`

			`The empty string, signifying that no digest may be specified.`

			`=back`

DOC: Refactor provider-keymgmt(7) to give the keytypes their own pages Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11546) 2020-04-15 01:06:12 +08:00			`=head1 CONFORMING TO`

			`=over 4`

			`=item RFC 8032`

Update core_names.h fields and document most fields. Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC. Added some strings values related to RSA keys. Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file. Updated Keyexchange and signature code and docs. Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod. Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it. Added some usage examples. As a result of the usage examples the following change was also made: ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11610) 2020-05-26 11:53:07 +08:00			`=item RFC 8410`

DOC: Refactor provider-keymgmt(7) to give the keytypes their own pages Reviewed-by: Paul Dale <paul.dale@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11546) 2020-04-15 01:06:12 +08:00			`=back`

			`=head1 EXAMPLES`

			`An B<EVP_PKEY> context can be obtained by calling:`

			`EVP_PKEY_CTX *pctx =`
			`EVP_PKEY_CTX_new_from_name(NULL, "X25519", NULL);`

			`EVP_PKEY_CTX *pctx =`
			`EVP_PKEY_CTX_new_from_name(NULL, "X448", NULL);`

			`EVP_PKEY_CTX *pctx =`
			`EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL);`

			`EVP_PKEY_CTX *pctx =`
			`EVP_PKEY_CTX_new_from_name(NULL, "ED448", NULL);`

			`An B<ED25519> key can be generated like this:`

			`EVP_PKEY *pkey = NULL;`
			`EVP_PKEY_CTX *pctx =`
			`EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL);`

			`EVP_PKEY_keygen_init(pctx);`
			`EVP_PKEY_gen(pctx, &pkey);`
			`EVP_PKEY_CTX_free(pctx);`

			`An B<X25519> key can be generated in a similar way:`

			`EVP_PKEY *pkey = NULL;`
			`EVP_PKEY_CTX *pctx =`
			`EVP_PKEY_CTX_new_from_name(NULL, "X25519", NULL);`

			`EVP_PKEY_keygen_init(pctx);`
			`EVP_PKEY_gen(pctx, &pkey);`
			`EVP_PKEY_CTX_free(pctx);`

			`=head1 SEE ALSO`

			`L<EVP_KEYMGMT(3)>, L<EVP_PKEY(3)>, L<provider-keymgmt(7)>,`
			`L<EVP_KEYEXCH-X25519(7)>, L<EVP_KEYEXCH-X448(7)>,`
			`L<EVP_SIGNATURE-ED25519(7)>, L<EVP_SIGNATURE-ED448(7)>`

			`=head1 COPYRIGHT`

			`Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.`

			`Licensed under the Apache License 2.0 (the "License"). You may not use`
			`this file except in compliance with the License. You can obtain a copy`
			`in the file LICENSE in the source distribution or at`
			`L<https://www.openssl.org/source/license.html>.`

			`=cut`