=pod

=head1 NAME

EVP_PKEY-X25519, EVP_PKEY-X448, EVP_PKEY-ED25519, EVP_PKEY-ED448,
EVP_KEYMGMT-X25519, EVP_KEYMGMT-X448, EVP_KEYMGMT-ED25519, EVP_KEYMGMT-ED448
- EVP_PKEY X25519, X448, ED25519 and ED448 keytype and algorithm support

=head1 DESCRIPTION

The B<X25519>, B<X448>, B<ED25519> and B<ED448> keytypes are
implemented in OpenSSL's default and FIPS providers. These implementations
support the associated key, containing the public key I<pub> and the
private key I<priv>.

No additional parameters can be set during key generation.

=head2 Common X25519, X448, ED25519 and ED448 parameters

In addition to the common parameters that all keytypes should support (see
L<provider-keymgmt(7)/Common parameters>), the implementation of these keytypes
supports the following.

=over 4

=item "group" (B<OSSL_PKEY_PARAM_GROUP_NAME>) <UTF8 string>

This is only supported by X25519 and X448. The group name must be "x25519" or
"x448" respectively for those algorithms. This is only present for consistency
with other key exchange algorithms and is typically not needed.

=item "pub" (B<OSSL_PKEY_PARAM_PUB_KEY>) <octet string>

The public key value.

=item "priv" (B<OSSL_PKEY_PARAM_PRIV_KEY>) <octet string>

The private key value.

=item "encoded-pub-key" (B<OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY>) <octet string>

Used for getting and setting the encoding of a public key for the B<X25519> and
B<X448> key types. Public keys are expected to be encoded in a format as defined
by RFC 7748.

=back

=head2 ED25519 and ED448 parameters

=over 4

=item "mandatory-digest" (B<OSSL_PKEY_PARAM_MANDATORY_DIGEST>) <UTF8 string>

The empty string, signifying that no digest may be specified.

=back

=head1 CONFORMING TO

=over 4

=item RFC 8032

=item RFC 8410

=back

=head1 EXAMPLES

An B<EVP_PKEY> context can be obtained by calling:

    EVP_PKEY_CTX *pctx =
        EVP_PKEY_CTX_new_from_name(NULL, "X25519", NULL);

    EVP_PKEY_CTX *pctx =
        EVP_PKEY_CTX_new_from_name(NULL, "X448", NULL);

    EVP_PKEY_CTX *pctx =
        EVP_PKEY_CTX_new_from_name(NULL, "ED25519", NULL);

    EVP_PKEY_CTX *pctx =
        EVP_PKEY_CTX_new_from_name(NULL, "ED448", NULL);

An B<X25519> key can be generated like this:

    pkey = EVP_PKEY_Q_keygen(NULL, NULL, "X25519");

An B<X448>, B<ED25519>, or B<ED448> key can be generated likewise.

=head1 SEE ALSO

L<EVP_KEYMGMT(3)>, L<EVP_PKEY(3)>, L<provider-keymgmt(7)>,
L<EVP_KEYEXCH-X25519(7)>, L<EVP_KEYEXCH-X448(7)>,
L<EVP_SIGNATURE-ED25519(7)>, L<EVP_SIGNATURE-ED448(7)>

=head1 COPYRIGHT

Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut