Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
EVP_PKEY-X25519(7)		    OpenSSL		    EVP_PKEY-X25519(7)

NAME
       EVP_PKEY-X25519,	EVP_PKEY-X448, EVP_PKEY-ED25519, EVP_PKEY-ED448,
       EVP_KEYMGMT-X25519, EVP_KEYMGMT-X448, EVP_KEYMGMT-ED25519,
       EVP_KEYMGMT-ED448 - EVP_PKEY X25519, X448, ED25519 and ED448 keytype
       and algorithm support

DESCRIPTION
       The X25519, X448, ED25519 and ED448 keytypes are	implemented in
       OpenSSL's default and FIPS providers.  These implementations support
       the associated key, containing the public key pub and the private key
       priv.

       In the FIPS provider they are non-approved algorithms and do not	have
       the "fips=yes" property set.  No	additional parameters can be set
       during key generation.

   Common X25519, X448,	ED25519	and ED448 parameters
       In addition to the common parameters that all keytypes should support
       (see "Common parameters"	in provider-keymgmt(7)), the implementation of
       these keytypes support the following.

       "group" (OSSL_PKEY_PARAM_GROUP_NAME) <UTF8 string>
	   This	is only	supported by X25519 and	X448. The group	name must be
	   "x25519" or "x448" respectively for those algorithms. This is only
	   present for consistency with	other key exchange algorithms and is
	   typically not needed.

       "pub" (OSSL_PKEY_PARAM_PUB_KEY) <octet string>
	   The public key value.

       "priv" (OSSL_PKEY_PARAM_PRIV_KEY) <octet	string>
	   The private key value.

       "tls-encoded-pt"	(OSSL_PKEY_PARAM_TLS_ENCODED_PT) <octet	string>
	   Used	for getting and	setting	the encoding of	the public key used in
	   a key exchange message for the TLS protocol.

   ED25519 and ED448 parameters
       "mandatory-digest" (OSSL_PKEY_PARAM_MANDATORY_DIGEST) <utf8 string>
	   The empty string, signifying	that no	digest may be specified.

CONFORMING TO
       RFC 8032
       RFC 8410

EXAMPLES
       An EVP_PKEY context can be obtained by calling:

	   EVP_PKEY_CTX	*pctx =
	       EVP_PKEY_CTX_new_from_name(NULL,	"X25519", NULL);

	   EVP_PKEY_CTX	*pctx =
	       EVP_PKEY_CTX_new_from_name(NULL,	"X448",	NULL);

	   EVP_PKEY_CTX	*pctx =
	       EVP_PKEY_CTX_new_from_name(NULL,	"ED25519", NULL);

	   EVP_PKEY_CTX	*pctx =
	       EVP_PKEY_CTX_new_from_name(NULL,	"ED448", NULL);

       An ED25519 key can be generated like this:

	   EVP_PKEY *pkey = NULL;
	   EVP_PKEY_CTX	*pctx =
	       EVP_PKEY_CTX_new_from_name(NULL,	"ED25519", NULL);

	   EVP_PKEY_keygen_init(pctx);
	   EVP_PKEY_gen(pctx, &pkey);
	   EVP_PKEY_CTX_free(pctx);

       An X25519 key can be generated in a similar way:

	   EVP_PKEY *pkey = NULL;
	   EVP_PKEY_CTX	*pctx =
	       EVP_PKEY_CTX_new_from_name(NULL,	"X25519", NULL);

	   EVP_PKEY_keygen_init(pctx);
	   EVP_PKEY_gen(pctx, &pkey);
	   EVP_PKEY_CTX_free(pctx);

SEE ALSO
       EVP_KEYMGMT(3), EVP_PKEY(3), provider-keymgmt(7),
       EVP_KEYEXCH-X25519(7), EVP_KEYEXCH-X448(7), EVP_SIGNATURE-ED25519(7),
       EVP_SIGNATURE-ED448(7)

COPYRIGHT
       Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.

       Licensed	under the Apache License 2.0 (the "License").  You may not use
       this file except	in compliance with the License.	 You can obtain	a copy
       in the file LICENSE in the source distribution or at
       <https://www.openssl.org/source/license.html>.

3.0.0-alpha6			  2020-08-06		    EVP_PKEY-X25519(7)

NAME | DESCRIPTION | CONFORMING TO | EXAMPLES | SEE ALSO | COPYRIGHT

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=EVP_PKEY-X25519&sektion=7&manpath=FreeBSD+12.2-RELEASE+and+Ports>

home | help