1EVP_PKEY-X25519(7ossl)              OpenSSL             EVP_PKEY-X25519(7ossl)
2
3
4

NAME

6       EVP_PKEY-X25519, EVP_PKEY-X448, EVP_PKEY-ED25519, EVP_PKEY-ED448,
7       EVP_KEYMGMT-X25519, EVP_KEYMGMT-X448, EVP_KEYMGMT-ED25519,
8       EVP_KEYMGMT-ED448 - EVP_PKEY X25519, X448, ED25519 and ED448 keytype
9       and algorithm support
10

DESCRIPTION

12       The X25519, X448, ED25519 and ED448 keytypes are implemented in
13       OpenSSL's default and FIPS providers.  These implementations support
14       the associated key, containing the public key pub and the private key
15       priv.
16
17       No additional parameters can be set during key generation.
18
19   Common X25519, X448, ED25519 and ED448 parameters
20       In addition to the common parameters that all keytypes should support
21       (see "Common parameters" in provider-keymgmt(7)), the implementation of
22       these keytypes support the following.
23
24       "group" (OSSL_PKEY_PARAM_GROUP_NAME) <UTF8 string>
25           This is only supported by X25519 and X448. The group name must be
26           "x25519" or "x448" respectively for those algorithms. This is only
27           present for consistency with other key exchange algorithms and is
28           typically not needed.
29
30       "pub" (OSSL_PKEY_PARAM_PUB_KEY) <octet string>
31           The public key value.
32
33       "priv" (OSSL_PKEY_PARAM_PRIV_KEY) <octet string>
34           The private key value.
35
36       "encoded-pub-key" (OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY) <octet string>
37           Used for getting and setting the encoding of a public key for the
38           X25519 and X448 key types. Public keys are expected be encoded in a
39           format as defined by RFC7748.
40
41   ED25519 and ED448 parameters
42       "mandatory-digest" (OSSL_PKEY_PARAM_MANDATORY_DIGEST) <UTF8 string>
43           The empty string, signifying that no digest may be specified.
44

CONFORMING TO

46       RFC 8032
47       RFC 8410
48

EXAMPLES

50       An EVP_PKEY context can be obtained by calling:
51
52           EVP_PKEY_CTX *pctx =
53               EVP_PKEY_CTX_new_from_name(NULL, "X25519", NULL);
54
55           EVP_PKEY_CTX *pctx =
56               EVP_PKEY_CTX_new_from_name(NULL, "X448", NULL);
57
58           EVP_PKEY_CTX *pctx =
59               EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL);
60
61           EVP_PKEY_CTX *pctx =
62               EVP_PKEY_CTX_new_from_name(NULL, "ED448", NULL);
63
64       An X25519 key can be generated like this:
65
66           pkey = EVP_PKEY_Q_keygen(NULL, NULL, "X25519");
67
68       An X448, ED25519, or ED448 key can be generated likewise.
69

SEE ALSO

71       EVP_KEYMGMT(3), EVP_PKEY(3), provider-keymgmt(7),
72       EVP_KEYEXCH-X25519(7), EVP_KEYEXCH-X448(7), EVP_SIGNATURE-ED25519(7),
73       EVP_SIGNATURE-ED448(7)
74
76       Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
77
78       Licensed under the Apache License 2.0 (the "License").  You may not use
79       this file except in compliance with the License.  You can obtain a copy
80       in the file LICENSE in the source distribution or at
81       <https://www.openssl.org/source/license.html>.
82
83
84
853.0.5                             2022-07-05            EVP_PKEY-X25519(7ossl)
Impressum