xref: /openssl/doc/man7/EVP_PKEY-X25519.pod (revision 474294cb) 
1=pod
2
3=head1 NAME
4
5EVP_PKEY-X25519, EVP_PKEY-X448, EVP_PKEY-ED25519, EVP_PKEY-ED448,
6EVP_KEYMGMT-X25519, EVP_KEYMGMT-X448, EVP_KEYMGMT-ED25519, EVP_KEYMGMT-ED448
7- EVP_PKEY X25519, X448, ED25519 and ED448 keytype and algorithm support
8
9=head1 DESCRIPTION
10
11The B<X25519>, B<X448>, B<ED25519> and B<ED448> keytypes are
12implemented in OpenSSL's default and FIPS providers.  These implementations
13support the associated key, containing the public key I<pub> and the
14private key I<priv>.
15
16No additional parameters can be set during key generation.
17
18
19=head2 Common X25519, X448, ED25519 and ED448 parameters
20
21In addition to the common parameters that all keytypes should support (see
22L<provider-keymgmt(7)/Common parameters>), the implementation of these keytypes
23support the following.
24
25=over 4
26
27=item "group" (B<OSSL_PKEY_PARAM_GROUP_NAME>) <UTF8 string>
28
29This is only supported by X25519 and X448. The group name must be "x25519" or
30"x448" respectively for those algorithms. This is only present for consistency
31with other key exchange algorithms and is typically not needed.
32
33=item "pub" (B<OSSL_PKEY_PARAM_PUB_KEY>) <octet string>
34
35The public key value.
36
37=item "priv" (B<OSSL_PKEY_PARAM_PRIV_KEY>) <octet string>
38
39The private key value.
40
41=item "encoded-pub-key" (B<OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY>) <octet string>
42
43Used for getting and setting the encoding of a public key for the B<X25519> and
44B<X448> key types. Public keys are expected be encoded in a format as defined by
45RFC7748.
46
47=back
48
49=head2 ED25519 and ED448 parameters
50
51=over 4
52
53=item "mandatory-digest" (B<OSSL_PKEY_PARAM_MANDATORY_DIGEST>) <UTF8 string>
54
55The empty string, signifying that no digest may be specified.
56
57=back
58
59=head1 CONFORMING TO
60
61=over 4
62
63=item RFC 8032
64
65=item RFC 8410
66
67=back
68
69=head1 EXAMPLES
70
71An B<EVP_PKEY> context can be obtained by calling:
72
73    EVP_PKEY_CTX *pctx =
74        EVP_PKEY_CTX_new_from_name(NULL, "X25519", NULL);
75
76    EVP_PKEY_CTX *pctx =
77        EVP_PKEY_CTX_new_from_name(NULL, "X448", NULL);
78
79    EVP_PKEY_CTX *pctx =
80        EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL);
81
82    EVP_PKEY_CTX *pctx =
83        EVP_PKEY_CTX_new_from_name(NULL, "ED448", NULL);
84
85An B<X25519> key can be generated like this:
86
87    pkey = EVP_PKEY_Q_keygen(NULL, NULL, "X25519");
88
89An B<X448>, B<ED25519>, or B<ED448> key can be generated likewise.
90
91=head1 SEE ALSO
92
93L<EVP_KEYMGMT(3)>, L<EVP_PKEY(3)>, L<provider-keymgmt(7)>,
94L<EVP_KEYEXCH-X25519(7)>, L<EVP_KEYEXCH-X448(7)>,
95L<EVP_SIGNATURE-ED25519(7)>, L<EVP_SIGNATURE-ED448(7)>
96
97=head1 COPYRIGHT
98
99Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
100
101Licensed under the Apache License 2.0 (the "License").  You may not use
102this file except in compliance with the License.  You can obtain a copy
103in the file LICENSE in the source distribution or at
104L<https://www.openssl.org/source/license.html>.
105
106=cut
107