1=pod 2 3=head1 NAME 4 5provider-keyexch - The keyexch library E<lt>-E<gt> provider functions 6 7=head1 SYNOPSIS 8 9=for openssl multiple includes 10 11 #include <openssl/core_dispatch.h> 12 #include <openssl/core_names.h> 13 14 /* 15 * None of these are actual functions, but are displayed like this for 16 * the function signatures for functions that are offered as function 17 * pointers in OSSL_DISPATCH arrays. 18 */ 19 20 /* Context management */ 21 void *OSSL_FUNC_keyexch_newctx(void *provctx); 22 void OSSL_FUNC_keyexch_freectx(void *ctx); 23 void *OSSL_FUNC_keyexch_dupctx(void *ctx); 24 25 /* Shared secret derivation */ 26 int OSSL_FUNC_keyexch_init(void *ctx, void *provkey, 27 const OSSL_PARAM params[]); 28 int OSSL_FUNC_keyexch_set_peer(void *ctx, void *provkey); 29 int OSSL_FUNC_keyexch_derive(void *ctx, unsigned char *secret, size_t *secretlen, 30 size_t outlen); 31 32 /* Key Exchange parameters */ 33 int OSSL_FUNC_keyexch_set_ctx_params(void *ctx, const OSSL_PARAM params[]); 34 const OSSL_PARAM *OSSL_FUNC_keyexch_settable_ctx_params(void *ctx, 35 void *provctx); 36 int OSSL_FUNC_keyexch_get_ctx_params(void *ctx, OSSL_PARAM params[]); 37 const OSSL_PARAM *OSSL_FUNC_keyexch_gettable_ctx_params(void *ctx, 38 void *provctx); 39 40=head1 DESCRIPTION 41 42This documentation is primarily aimed at provider authors. See L<provider(7)> 43for further information. 44 45The key exchange (OSSL_OP_KEYEXCH) operation enables providers to implement key 46exchange algorithms and make them available to applications via 47L<EVP_PKEY_derive(3)> and 48other related functions). 49 50All "functions" mentioned here are passed as function pointers between 51F<libcrypto> and the provider in B<OSSL_DISPATCH> arrays via 52B<OSSL_ALGORITHM> arrays that are returned by the provider's 53provider_query_operation() function 54(see L<provider-base(7)/Provider Functions>). 55 56All these "functions" have a corresponding function type definition 57named B<OSSL_FUNC_{name}_fn>, and a helper function to retrieve the 58function pointer from an B<OSSL_DISPATCH> element named 59B<OSSL_FUNC_{name}>. 60For example, the "function" OSSL_FUNC_keyexch_newctx() has these: 61 62 typedef void *(OSSL_FUNC_keyexch_newctx_fn)(void *provctx); 63 static ossl_inline OSSL_FUNC_keyexch_newctx_fn 64 OSSL_FUNC_keyexch_newctx(const OSSL_DISPATCH *opf); 65 66B<OSSL_DISPATCH> arrays are indexed by numbers that are provided as 67macros in L<openssl-core_dispatch.h(7)>, as follows: 68 69 OSSL_FUNC_keyexch_newctx OSSL_FUNC_KEYEXCH_NEWCTX 70 OSSL_FUNC_keyexch_freectx OSSL_FUNC_KEYEXCH_FREECTX 71 OSSL_FUNC_keyexch_dupctx OSSL_FUNC_KEYEXCH_DUPCTX 72 73 OSSL_FUNC_keyexch_init OSSL_FUNC_KEYEXCH_INIT 74 OSSL_FUNC_keyexch_set_peer OSSL_FUNC_KEYEXCH_SET_PEER 75 OSSL_FUNC_keyexch_derive OSSL_FUNC_KEYEXCH_DERIVE 76 77 OSSL_FUNC_keyexch_set_ctx_params OSSL_FUNC_KEYEXCH_SET_CTX_PARAMS 78 OSSL_FUNC_keyexch_settable_ctx_params OSSL_FUNC_KEYEXCH_SETTABLE_CTX_PARAMS 79 OSSL_FUNC_keyexch_get_ctx_params OSSL_FUNC_KEYEXCH_GET_CTX_PARAMS 80 OSSL_FUNC_keyexch_gettable_ctx_params OSSL_FUNC_KEYEXCH_GETTABLE_CTX_PARAMS 81 82A key exchange algorithm implementation may not implement all of these functions. 83In order to be a consistent set of functions a provider must implement 84OSSL_FUNC_keyexch_newctx, OSSL_FUNC_keyexch_freectx, OSSL_FUNC_keyexch_init and OSSL_FUNC_keyexch_derive. 85All other functions are optional. 86 87A key exchange algorithm must also implement some mechanism for generating, 88loading or importing keys via the key management (OSSL_OP_KEYMGMT) operation. 89See L<provider-keymgmt(7)> for further details. 90 91=head2 Context Management Functions 92 93OSSL_FUNC_keyexch_newctx() should create and return a pointer to a provider side 94structure for holding context information during a key exchange operation. 95A pointer to this context will be passed back in a number of the other key 96exchange operation function calls. 97The parameter I<provctx> is the provider context generated during provider 98initialisation (see L<provider(7)>). 99 100OSSL_FUNC_keyexch_freectx() is passed a pointer to the provider side key exchange 101context in the I<ctx> parameter. 102This function should free any resources associated with that context. 103 104OSSL_FUNC_keyexch_dupctx() should duplicate the provider side key exchange context in 105the I<ctx> parameter and return the duplicate copy. 106 107=head2 Shared Secret Derivation Functions 108 109OSSL_FUNC_keyexch_init() initialises a key exchange operation given a provider side key 110exchange context in the I<ctx> parameter, and a pointer to a provider key object 111in the I<provkey> parameter. 112The I<params>, if not NULL, should be set on the context in a manner similar to 113using OSSL_FUNC_keyexch_set_params(). 114The key object should have been previously 115generated, loaded or imported into the provider using the key management 116(OSSL_OP_KEYMGMT) operation (see provider-keymgmt(7)>. 117 118OSSL_FUNC_keyexch_set_peer() is called to supply the peer's public key (in the 119I<provkey> parameter) to be used when deriving the shared secret. 120It is also passed a previously initialised key exchange context in the I<ctx> 121parameter. 122The key object should have been previously generated, loaded or imported into 123the provider using the key management (OSSL_OP_KEYMGMT) operation (see 124provider-keymgmt(7)>. 125 126OSSL_FUNC_keyexch_derive() performs the actual key exchange itself by deriving a shared 127secret. 128A previously initialised key exchange context is passed in the I<ctx> 129parameter. 130The derived secret should be written to the location I<secret> which should not 131exceed I<outlen> bytes. 132The length of the shared secret should be written to I<*secretlen>. 133If I<secret> is NULL then the maximum length of the shared secret should be 134written to I<*secretlen>. 135 136=head2 Key Exchange Parameters Functions 137 138OSSL_FUNC_keyexch_set_ctx_params() sets key exchange parameters associated with the 139given provider side key exchange context I<ctx> to I<params>, 140see L</Common Key Exchange parameters>. 141Any parameter settings are additional to any that were previously set. 142Passing NULL for I<params> should return true. 143 144OSSL_FUNC_keyexch_get_ctx_params() gets key exchange parameters associated with the 145given provider side key exchange context I<ctx> into I<params>, 146see L</Common Key Exchange parameters>. 147Passing NULL for I<params> should return true. 148 149OSSL_FUNC_keyexch_settable_ctx_params() yields a constant B<OSSL_PARAM> array that 150describes the settable parameters, i.e. parameters that can be used with 151OP_signature_set_ctx_params(). 152If OSSL_FUNC_keyexch_settable_ctx_params() is present, OSSL_FUNC_keyexch_set_ctx_params() must 153also be present, and vice versa. 154Similarly, OSSL_FUNC_keyexch_gettable_ctx_params() yields a constant B<OSSL_PARAM> 155array that describes the gettable parameters, i.e. parameters that can be 156handled by OP_signature_get_ctx_params(). 157If OSSL_FUNC_keyexch_gettable_ctx_params() is present, OSSL_FUNC_keyexch_get_ctx_params() must 158also be present, and vice versa. 159See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as parameter descriptor. 160 161Notice that not all settable parameters are also gettable, and vice versa. 162 163=head2 Common Key Exchange parameters 164 165See L<OSSL_PARAM(3)> for further details on the parameters structure used by 166the OSSL_FUNC_keyexch_set_ctx_params() and OSSL_FUNC_keyexch_get_ctx_params() functions. 167 168Common parameters currently recognised by built-in key exchange algorithms are 169as follows. 170 171=over 4 172 173=item "kdf-type" (B<OSSL_EXCHANGE_PARAM_KDF_TYPE>) <UTF8 string> 174 175Sets or gets the Key Derivation Function type to apply within the associated key 176exchange ctx. 177 178=item "kdf-digest" (B<OSSL_EXCHANGE_PARAM_KDF_DIGEST>) <UTF8 string> 179 180Sets or gets the Digest algorithm to be used as part of the Key Derivation Function 181associated with the given key exchange ctx. 182 183=item "kdf-digest-props" (B<OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS>) <UTF8 string> 184 185Sets properties to be used upon look up of the implementation for the selected 186Digest algorithm for the Key Derivation Function associated with the given key 187exchange ctx. 188 189=item "kdf-outlen" (B<OSSL_EXCHANGE_PARAM_KDF_OUTLEN>) <unsigned integer> 190 191Sets or gets the desired size for the output of the chosen Key Derivation Function 192associated with the given key exchange ctx. 193The length of the "kdf-outlen" parameter should not exceed that of a B<size_t>. 194 195=item "kdf-ukm" (B<OSSL_EXCHANGE_PARAM_KDF_UKM>) <octet string> 196 197Sets the User Key Material to be used as part of the selected Key Derivation 198Function associated with the given key exchange ctx. 199 200=item "kdf-ukm" (B<OSSL_EXCHANGE_PARAM_KDF_UKM>) <octet string ptr> 201 202Gets a pointer to the User Key Material to be used as part of the selected 203Key Derivation Function associated with the given key exchange ctx. Providers 204usually do not need to support this gettable parameter as its sole purpose 205is to support functionality of the deprecated EVP_PKEY_CTX_get0_ecdh_kdf_ukm() 206and EVP_PKEY_CTX_get0_dh_kdf_ukm() functions. 207 208=back 209 210=head1 RETURN VALUES 211 212OSSL_FUNC_keyexch_newctx() and OSSL_FUNC_keyexch_dupctx() should return the newly created 213provider side key exchange context, or NULL on failure. 214 215OSSL_FUNC_keyexch_init(), OSSL_FUNC_keyexch_set_peer(), OSSL_FUNC_keyexch_derive(), 216OSSL_FUNC_keyexch_set_params(), and OSSL_FUNC_keyexch_get_params() should return 1 for success 217or 0 on error. 218 219OSSL_FUNC_keyexch_settable_ctx_params() and OSSL_FUNC_keyexch_gettable_ctx_params() should 220always return a constant B<OSSL_PARAM> array. 221 222=head1 SEE ALSO 223 224L<provider(7)> 225 226=head1 HISTORY 227 228The provider KEYEXCH interface was introduced in OpenSSL 3.0. 229 230=head1 COPYRIGHT 231 232Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved. 233 234Licensed under the Apache License 2.0 (the "License"). You may not use 235this file except in compliance with the License. You can obtain a copy 236in the file LICENSE in the source distribution or at 237L<https://www.openssl.org/source/license.html>. 238 239=cut 240