diff options
| author | Shane Lontis <shane.lontis@oracle.com> | 2020-02-16 19:54:08 +1000 |
|---|---|---|
| committer | Shane Lontis <shane.lontis@oracle.com> | 2020-03-04 07:48:45 +1000 |
| commit | f552d900459cbacd82433b688b237cd6870663cd (patch) | |
| tree | 8fca1cf5a0274525e750cf74e890a3ac7f7eb671 /doc/man7 | |
| parent | 4a98ad086a6db9a8646244bd6e6517f9fff11762 (diff) | |
Add Serializers for EC
Provide EC serializers for text, pem and der.
EC parameters use ANS1 'CHOICE' - which means they are more embedded than other parameters used by
other KEY types (which normally have a SEQUENCE at the top level).
For this reason the ANS1_STRING type that was being passed around has been changed to a void so that the
code can still be shared with EC.
The EC serializer only supports named curves currently.
NOTE the serializer code assumes PKCS8 format - if the older encode methods are needed they will need to be
added in another PR. (Probably when deserialization is considered).
EVP_PKEY_key_fromdata_init was changed from using a keypair selection to all bits of a key. A side effect of this was
that the very restrictive checks in the ecx code needed to be relaxed as it was assuming all selection flags were non
optional. As this is not the case for any other key the code has been modified.
Fixed a bug in legacy_ctrl_str_to_params() - "ecdh_cofactor_mode" was being incorrectly converted to the wrong keyname.
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11107)
Diffstat (limited to 'doc/man7')
| -rw-r--r-- | doc/man7/provider-keymgmt.pod | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/doc/man7/provider-keymgmt.pod b/doc/man7/provider-keymgmt.pod index 91b87cecdc..0f765f775a 100644 --- a/doc/man7/provider-keymgmt.pod +++ b/doc/man7/provider-keymgmt.pod @@ -354,6 +354,32 @@ The private key value. =back +=head2 Built-in EC Import/Export Types + +The following Import/Export types are available for the built-in EC algorithm: + +=over 4 + +=item "curve-name" (B<OSSL_PKEY_PARAM_EC_NAME>) <utf8 string> + +The EC curve name. + +=item "use-cofactor-flag" (B<OSSL_PKEY_PARAM_USE_COFACTOR_ECDH>) <integer> + +Enable Cofactor DH (ECC CDH) if this value is 1, otherwise it uses normal EC DH +if the value is zero. The cofactor variant multiplies the shared secret by the +EC curve's cofactor (note for some curves the cofactor is 1). + +=item "pub" (B<OSSL_PKEY_PARAM_PUB_KEY>) <octet string> + +The public key value in EC point format. + +=item "priv" (B<OSSL_PKEY_PARAM_PRIV_KEY>) <integer> + +The private key value. + +=back + =head2 Information Parameters See L<OSSL_PARAM(3)> for further details on the parameters structure. |