1e71b7053SJung-uk Kim=pod 2e71b7053SJung-uk Kim 3e71b7053SJung-uk Kim=head1 NAME 4e71b7053SJung-uk Kim 5*b077aed3SPierre ProncheryEVP_PKEY_Q_keygen, 6*b077aed3SPierre ProncheryEVP_PKEY_keygen_init, EVP_PKEY_paramgen_init, EVP_PKEY_generate, 7*b077aed3SPierre ProncheryEVP_PKEY_CTX_set_cb, EVP_PKEY_CTX_get_cb, 8e71b7053SJung-uk KimEVP_PKEY_CTX_get_keygen_info, EVP_PKEY_CTX_set_app_data, 9e71b7053SJung-uk KimEVP_PKEY_CTX_get_app_data, 10*b077aed3SPierre ProncheryEVP_PKEY_gen_cb, 11*b077aed3SPierre ProncheryEVP_PKEY_paramgen, EVP_PKEY_keygen 12e71b7053SJung-uk Kim- key and parameter generation and check functions 13e71b7053SJung-uk Kim 14e71b7053SJung-uk Kim=head1 SYNOPSIS 15e71b7053SJung-uk Kim 16e71b7053SJung-uk Kim #include <openssl/evp.h> 17e71b7053SJung-uk Kim 18*b077aed3SPierre Pronchery EVP_PKEY *EVP_PKEY_Q_keygen(OSSL_LIB_CTX *libctx, const char *propq, 19*b077aed3SPierre Pronchery const char *type, ...); 20*b077aed3SPierre Pronchery 21e71b7053SJung-uk Kim int EVP_PKEY_keygen_init(EVP_PKEY_CTX *ctx); 22e71b7053SJung-uk Kim int EVP_PKEY_paramgen_init(EVP_PKEY_CTX *ctx); 23*b077aed3SPierre Pronchery int EVP_PKEY_generate(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey); 24e71b7053SJung-uk Kim int EVP_PKEY_paramgen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey); 25*b077aed3SPierre Pronchery int EVP_PKEY_keygen(EVP_PKEY_CTX *ctx, EVP_PKEY **ppkey); 26e71b7053SJung-uk Kim 27e71b7053SJung-uk Kim typedef int EVP_PKEY_gen_cb(EVP_PKEY_CTX *ctx); 28e71b7053SJung-uk Kim 29e71b7053SJung-uk Kim void EVP_PKEY_CTX_set_cb(EVP_PKEY_CTX *ctx, EVP_PKEY_gen_cb *cb); 30e71b7053SJung-uk Kim EVP_PKEY_gen_cb *EVP_PKEY_CTX_get_cb(EVP_PKEY_CTX *ctx); 31e71b7053SJung-uk Kim 32e71b7053SJung-uk Kim int EVP_PKEY_CTX_get_keygen_info(EVP_PKEY_CTX *ctx, int idx); 33e71b7053SJung-uk Kim 34e71b7053SJung-uk Kim void EVP_PKEY_CTX_set_app_data(EVP_PKEY_CTX *ctx, void *data); 35e71b7053SJung-uk Kim void *EVP_PKEY_CTX_get_app_data(EVP_PKEY_CTX *ctx); 36e71b7053SJung-uk Kim 37e71b7053SJung-uk Kim=head1 DESCRIPTION 38e71b7053SJung-uk Kim 39*b077aed3SPierre ProncheryGenerating keys is sometimes straight forward, just generate the key's 40*b077aed3SPierre Proncherynumbers and be done with it. However, there are certain key types that need 41*b077aed3SPierre Proncherykey parameters, often called domain parameters but not necessarily limited 42*b077aed3SPierre Proncheryto that, that also need to be generated. In addition to this, the caller 43*b077aed3SPierre Proncherymay want to set user provided generation parameters that further affect key 44*b077aed3SPierre Proncheryparameter or key generation, such as the desired key size. 45e71b7053SJung-uk Kim 46*b077aed3SPierre ProncheryTo flexibly allow all that's just been described, key parameter and key 47*b077aed3SPierre Proncherygeneration is divided into an initialization of a key algorithm context, 48*b077aed3SPierre Proncheryfunctions to set user provided parameters, and finally the key parameter or 49*b077aed3SPierre Proncherykey generation function itself. 50e71b7053SJung-uk Kim 51*b077aed3SPierre ProncheryThe key algorithm context must be created using L<EVP_PKEY_CTX_new(3)> or 52*b077aed3SPierre Proncheryvariants thereof, see that manual for details. 53*b077aed3SPierre Pronchery 54*b077aed3SPierre ProncheryEVP_PKEY_keygen_init() initializes a public key algorithm context I<ctx> 55*b077aed3SPierre Proncheryfor a key generation operation. 56*b077aed3SPierre Pronchery 57*b077aed3SPierre ProncheryEVP_PKEY_paramgen_init() is similar to EVP_PKEY_keygen_init() except key 58*b077aed3SPierre Proncheryparameters are generated. 59*b077aed3SPierre Pronchery 60*b077aed3SPierre ProncheryAfter initialization, generation parameters may be provided with 61*b077aed3SPierre ProncheryL<EVP_PKEY_CTX_ctrl(3)> or L<EVP_PKEY_CTX_set_params(3)>, or any other 62*b077aed3SPierre Proncheryfunction described in those manuals. 63*b077aed3SPierre Pronchery 64*b077aed3SPierre ProncheryEVP_PKEY_generate() performs the generation operation, the resulting key 65*b077aed3SPierre Proncheryparameters or key are written to I<*ppkey>. If I<*ppkey> is NULL when this 66*b077aed3SPierre Proncheryfunction is called, it will be allocated, and should be freed by the caller 67*b077aed3SPierre Proncherywhen no longer useful, using L<EVP_PKEY_free(3)>. 68*b077aed3SPierre Pronchery 69*b077aed3SPierre ProncheryEVP_PKEY_paramgen() and EVP_PKEY_keygen() do exactly the same thing as 70*b077aed3SPierre ProncheryEVP_PKEY_generate(), after checking that the corresponding EVP_PKEY_paramgen_init() 71*b077aed3SPierre Proncheryor EVP_PKEY_keygen_init() was used to initialize I<ctx>. 72*b077aed3SPierre ProncheryThese are older functions that are kept for backward compatibility. 73*b077aed3SPierre ProncheryIt is safe to use EVP_PKEY_generate() instead. 74e71b7053SJung-uk Kim 75e71b7053SJung-uk KimThe function EVP_PKEY_set_cb() sets the key or parameter generation callback 76*b077aed3SPierre Proncheryto I<cb>. The function EVP_PKEY_CTX_get_cb() returns the key or parameter 77e71b7053SJung-uk Kimgeneration callback. 78e71b7053SJung-uk Kim 79e71b7053SJung-uk KimThe function EVP_PKEY_CTX_get_keygen_info() returns parameters associated 80*b077aed3SPierre Proncherywith the generation operation. If I<idx> is -1 the total number of 81e71b7053SJung-uk Kimparameters available is returned. Any non negative value returns the value of 8258f35182SJung-uk Kimthat parameter. EVP_PKEY_CTX_gen_keygen_info() with a nonnegative value for 83*b077aed3SPierre ProncheryI<idx> should only be called within the generation callback. 84e71b7053SJung-uk Kim 85e71b7053SJung-uk KimIf the callback returns 0 then the key generation operation is aborted and an 86e71b7053SJung-uk Kimerror occurs. This might occur during a time consuming operation where 87e71b7053SJung-uk Kima user clicks on a "cancel" button. 88e71b7053SJung-uk Kim 89e71b7053SJung-uk KimThe functions EVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() set 90e71b7053SJung-uk Kimand retrieve an opaque pointer. This can be used to set some application 91e71b7053SJung-uk Kimdefined value which can be retrieved in the callback: for example a handle 92e71b7053SJung-uk Kimwhich is used to update a "progress dialog". 93e71b7053SJung-uk Kim 94*b077aed3SPierre ProncheryEVP_PKEY_Q_keygen() abstracts from the explicit use of B<EVP_PKEY_CTX> while 95*b077aed3SPierre Proncheryproviding a 'quick' but limited way of generating a new asymmetric key pair. 96*b077aed3SPierre ProncheryIt provides shorthands for simple and common cases of key generation. 97*b077aed3SPierre ProncheryAs usual, the library context I<libctx> and property query I<propq> 98*b077aed3SPierre Proncherycan be given for fetching algorithms from providers. 99*b077aed3SPierre ProncheryIf I<type> is C<RSA>, 100*b077aed3SPierre Proncherya B<size_t> parameter must be given to specify the size of the RSA key. 101*b077aed3SPierre ProncheryIf I<type> is C<EC>, 102*b077aed3SPierre Proncherya string parameter must be given to specify the name of the EC curve. 103*b077aed3SPierre ProncheryIf I<type> is C<X25519>, C<X448>, C<ED25519>, C<ED448>, or C<SM2> 104*b077aed3SPierre Proncheryno further parameter is needed. 105e71b7053SJung-uk Kim 106*b077aed3SPierre Pronchery=head1 RETURN VALUES 107e71b7053SJung-uk Kim 108*b077aed3SPierre ProncheryEVP_PKEY_keygen_init(), EVP_PKEY_paramgen_init(), EVP_PKEY_keygen() and 109*b077aed3SPierre ProncheryEVP_PKEY_paramgen() return 1 for success and 0 or a negative value for failure. 110*b077aed3SPierre ProncheryIn particular a return value of -2 indicates the operation is not supported by 111*b077aed3SPierre Proncherythe public key algorithm. 112*b077aed3SPierre Pronchery 113*b077aed3SPierre ProncheryEVP_PKEY_Q_keygen() returns an B<EVP_PKEY>, or NULL on failure. 114e71b7053SJung-uk Kim 115e71b7053SJung-uk Kim=head1 NOTES 116e71b7053SJung-uk Kim 117e71b7053SJung-uk KimAfter the call to EVP_PKEY_keygen_init() or EVP_PKEY_paramgen_init() algorithm 118e71b7053SJung-uk Kimspecific control operations can be performed to set any appropriate parameters 119e71b7053SJung-uk Kimfor the operation. 120e71b7053SJung-uk Kim 121e71b7053SJung-uk KimThe functions EVP_PKEY_keygen() and EVP_PKEY_paramgen() can be called more than 122e71b7053SJung-uk Kimonce on the same context if several operations are performed using the same 123e71b7053SJung-uk Kimparameters. 124e71b7053SJung-uk Kim 125e71b7053SJung-uk KimThe meaning of the parameters passed to the callback will depend on the 126e71b7053SJung-uk Kimalgorithm and the specific implementation of the algorithm. Some might not 127e71b7053SJung-uk Kimgive any useful information at all during key or parameter generation. Others 128e71b7053SJung-uk Kimmight not even call the callback. 129e71b7053SJung-uk Kim 130e71b7053SJung-uk KimThe operation performed by key or parameter generation depends on the algorithm 131e71b7053SJung-uk Kimused. In some cases (e.g. EC with a supplied named curve) the "generation" 132e71b7053SJung-uk Kimoption merely sets the appropriate fields in an EVP_PKEY structure. 133e71b7053SJung-uk Kim 134e71b7053SJung-uk KimIn OpenSSL an EVP_PKEY structure containing a private key also contains the 135e71b7053SJung-uk Kimpublic key components and parameters (if any). An OpenSSL private key is 136e71b7053SJung-uk Kimequivalent to what some libraries call a "key pair". A private key can be used 137e71b7053SJung-uk Kimin functions which require the use of a public key or parameters. 138e71b7053SJung-uk Kim 139e71b7053SJung-uk Kim=head1 EXAMPLES 140e71b7053SJung-uk Kim 141e71b7053SJung-uk KimGenerate a 2048 bit RSA key: 142e71b7053SJung-uk Kim 143e71b7053SJung-uk Kim #include <openssl/evp.h> 144e71b7053SJung-uk Kim #include <openssl/rsa.h> 145e71b7053SJung-uk Kim 146e71b7053SJung-uk Kim EVP_PKEY_CTX *ctx; 147e71b7053SJung-uk Kim EVP_PKEY *pkey = NULL; 148e71b7053SJung-uk Kim 149e71b7053SJung-uk Kim ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL); 150e71b7053SJung-uk Kim if (!ctx) 151e71b7053SJung-uk Kim /* Error occurred */ 152e71b7053SJung-uk Kim if (EVP_PKEY_keygen_init(ctx) <= 0) 153e71b7053SJung-uk Kim /* Error */ 154e71b7053SJung-uk Kim if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx, 2048) <= 0) 155e71b7053SJung-uk Kim /* Error */ 156e71b7053SJung-uk Kim 157e71b7053SJung-uk Kim /* Generate key */ 158e71b7053SJung-uk Kim if (EVP_PKEY_keygen(ctx, &pkey) <= 0) 159e71b7053SJung-uk Kim /* Error */ 160e71b7053SJung-uk Kim 161e71b7053SJung-uk KimGenerate a key from a set of parameters: 162e71b7053SJung-uk Kim 163e71b7053SJung-uk Kim #include <openssl/evp.h> 164e71b7053SJung-uk Kim #include <openssl/rsa.h> 165e71b7053SJung-uk Kim 166e71b7053SJung-uk Kim EVP_PKEY_CTX *ctx; 167e71b7053SJung-uk Kim ENGINE *eng; 168e71b7053SJung-uk Kim EVP_PKEY *pkey = NULL, *param; 169e71b7053SJung-uk Kim 170e71b7053SJung-uk Kim /* Assumed param, eng are set up already */ 171e71b7053SJung-uk Kim ctx = EVP_PKEY_CTX_new(param, eng); 172e71b7053SJung-uk Kim if (!ctx) 173e71b7053SJung-uk Kim /* Error occurred */ 174e71b7053SJung-uk Kim if (EVP_PKEY_keygen_init(ctx) <= 0) 175e71b7053SJung-uk Kim /* Error */ 176e71b7053SJung-uk Kim 177e71b7053SJung-uk Kim /* Generate key */ 178e71b7053SJung-uk Kim if (EVP_PKEY_keygen(ctx, &pkey) <= 0) 179e71b7053SJung-uk Kim /* Error */ 180e71b7053SJung-uk Kim 181e71b7053SJung-uk KimExample of generation callback for OpenSSL public key implementations: 182e71b7053SJung-uk Kim 183e71b7053SJung-uk Kim /* Application data is a BIO to output status to */ 184e71b7053SJung-uk Kim 185e71b7053SJung-uk Kim EVP_PKEY_CTX_set_app_data(ctx, status_bio); 186e71b7053SJung-uk Kim 187e71b7053SJung-uk Kim static int genpkey_cb(EVP_PKEY_CTX *ctx) 188e71b7053SJung-uk Kim { 189e71b7053SJung-uk Kim char c = '*'; 190e71b7053SJung-uk Kim BIO *b = EVP_PKEY_CTX_get_app_data(ctx); 191e71b7053SJung-uk Kim int p = EVP_PKEY_CTX_get_keygen_info(ctx, 0); 192e71b7053SJung-uk Kim 193e71b7053SJung-uk Kim if (p == 0) 194e71b7053SJung-uk Kim c = '.'; 195e71b7053SJung-uk Kim if (p == 1) 196e71b7053SJung-uk Kim c = '+'; 197e71b7053SJung-uk Kim if (p == 2) 198e71b7053SJung-uk Kim c = '*'; 199e71b7053SJung-uk Kim if (p == 3) 200e71b7053SJung-uk Kim c = '\n'; 201e71b7053SJung-uk Kim BIO_write(b, &c, 1); 202e71b7053SJung-uk Kim (void)BIO_flush(b); 203e71b7053SJung-uk Kim return 1; 204e71b7053SJung-uk Kim } 205e71b7053SJung-uk Kim 206e71b7053SJung-uk Kim=head1 SEE ALSO 207e71b7053SJung-uk Kim 208*b077aed3SPierre ProncheryL<EVP_RSA_gen(3)>, L<EVP_EC_gen(3)>, 209e71b7053SJung-uk KimL<EVP_PKEY_CTX_new(3)>, 210e71b7053SJung-uk KimL<EVP_PKEY_encrypt(3)>, 211e71b7053SJung-uk KimL<EVP_PKEY_decrypt(3)>, 212e71b7053SJung-uk KimL<EVP_PKEY_sign(3)>, 213e71b7053SJung-uk KimL<EVP_PKEY_verify(3)>, 214e71b7053SJung-uk KimL<EVP_PKEY_verify_recover(3)>, 215e71b7053SJung-uk KimL<EVP_PKEY_derive(3)> 216e71b7053SJung-uk Kim 217e71b7053SJung-uk Kim=head1 HISTORY 218e71b7053SJung-uk Kim 219*b077aed3SPierre ProncheryEVP_PKEY_keygen_init(), int EVP_PKEY_paramgen_init(), EVP_PKEY_keygen(), 220*b077aed3SPierre ProncheryEVP_PKEY_paramgen(), EVP_PKEY_gen_cb(), EVP_PKEY_CTX_set_cb(), 221*b077aed3SPierre ProncheryEVP_PKEY_CTX_get_cb(), EVP_PKEY_CTX_get_keygen_info(), 222*b077aed3SPierre ProncheryEVP_PKEY_CTX_set_app_data() and EVP_PKEY_CTX_get_app_data() were added in 223*b077aed3SPierre ProncheryOpenSSL 1.0.0. 224e71b7053SJung-uk Kim 225*b077aed3SPierre ProncheryEVP_PKEY_Q_keygen() and EVP_PKEY_generate() were added in OpenSSL 3.0. 226e71b7053SJung-uk Kim 227e71b7053SJung-uk Kim=head1 COPYRIGHT 228e71b7053SJung-uk Kim 229*b077aed3SPierre ProncheryCopyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved. 230e71b7053SJung-uk Kim 231*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 232e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 233e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 234e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 235e71b7053SJung-uk Kim 236e71b7053SJung-uk Kim=cut 237