EVP_PKEY-EC.pod - OpenGrok cross reference for /third_party/openssl/doc/man7/EVP

Lines Matching +full:enable +full:- +full:fips
5 EVP_PKEY-EC,
6 EVP_KEYMGMT-EC
7 - EVP_PKEY EC keytype and algorithm support
17 used that specify "field-type", "p", "a", "b", "generator" and "order".
23 built-in EC algorithm:
31 =item "field-type" (B<OSSL_PKEY_PARAM_EC_FIELD_TYPE>) <UTF8 string>
33 The value should be either "prime-field" or "characteristic-two-field",
39 represents the irreducible polynomial - each bit represents a term in the
67 I<order> - 1.
71 =item  "decoded-from-explicit" (B<OSSL_PKEY_PARAM_EC_DECODED_FROM_EXPLICIT_PARAMS>) <integer>
76 =item "use-cofactor-flag" (B<OSSL_PKEY_PARAM_USE_COFACTOR_ECDH>) <integer>
78 Enable Cofactor DH (ECC CDH) if this value is 1, otherwise it uses normal EC DH
82 See also L<EVP_KEYEXCH-ECDH(7)> for the related
84 per-operation basis.
91 =item "point-format" (B<OSSL_PKEY_PARAM_EC_POINT_CONVERSION_FORMAT>) <UTF8 string>
97 =item "group-check" (B<OSSL_PKEY_PARAM_EC_GROUP_CHECK_TYPE>) <UTF8 string>
100 Valid values are "default", "named" and "named-nist".
102 "named-nist" is similiar but also checks that the named curve is a nist curve.
104 but is equivalent to "named-nist" for the OpenSSL FIPS provider.
106 =item "include-public" (B<OSSL_PKEY_PARAM_EC_INCLUDE_PUBLIC>) <integer>
131 =item "encoded-pub-key" (B<OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY>) <octet string>
145 =item "default-digest" (B<OSSL_PKEY_PARAM_DEFAULT_DIGEST>) <UTF8 string>
152 The following Gettable types are also available for the built-in EC algorithm:
156 =item "basis-type" (B<OSSL_PKEY_PARAM_EC_CHAR2_TYPE>) <UTF8 string>
188 The OpenSSL FIPS provider uses L<EC_GROUP_check_named_curve(3)> in order to
189 conform to SP800-56Ar3 I<Assurances of Domain-Parameter Validity>.
195 conform to SP800-56Ar3 I<ECC Full Public-Key Validation> and
196 I<ECC Partial Public-Key Validation> respectively.
199 conform to SP800-56Ar3 I<Private key validity> and
200 I<Owner Assurance of Pair-wise Consistency> respectively.
209 An B<EVP_PKEY> ECDSA or ECDH key can be generated with a "P-256" named group by
212     pkey = EVP_EC_gen("P-256");
224                                                  "P-256", 0);
235 An B<EVP_PKEY> EC CDH (Cofactor Diffie-Hellman) key can be generated with a
236 "K-571" named group by calling:
247                                                  "K-571", 0);
249      * This curve has a cofactor that is not 1 - so setting CDH mode changes
250      * the behaviour. For many curves the cofactor is 1 - so setting this has
269 L<provider-keymgmt(7)>,
270 L<EVP_SIGNATURE-ECDSA(7)>,
271 L<EVP_KEYEXCH-ECDH(7)>
275 Copyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved.