suzanne.soy/man-pages
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
gh-pages
man-pages/man7/Ed25519.7ssl.html
Suzanne Soy 4c89183f2b Added man pages from my system
2021-03-31 01:06:50 +01:00

158 lines
5.0 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML><HEAD><TITLE>Man page of ED25519</TITLE>
</HEAD><BODY>
<H1>ED25519</H1>
Section: OpenSSL (7SSL)<BR>Updated: 2021-03-22<BR><A HREF="#index">Index</A>
<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>
<A NAME="lbAB">&nbsp;</A>
<H2>NAME</H2>
Ed25519, Ed448 - EVP_PKEY Ed25519 and Ed448 support
<A NAME="lbAC">&nbsp;</A>
<H2>DESCRIPTION</H2>
The <B>Ed25519</B> and <B>Ed448</B> <FONT SIZE="-1">EVP_PKEY</FONT> implementation supports key generation,
one-shot digest sign and digest verify using PureEdDSA and <B>Ed25519</B> or <B>Ed448</B>
(see <FONT SIZE="-1">RFC8032</FONT>). It has associated private and public key formats compatible with
<FONT SIZE="-1">RFC 8410.</FONT>
<P>
No additional parameters can be set during key generation, one-shot signing or
verification. In particular, because PureEdDSA is used, a digest must <B></B><FONT SIZE="-1"><B>NOT</B></FONT><B></B> be
specified when signing or verifying.
<A NAME="lbAD">&nbsp;</A>
<H2>NOTES</H2>
The PureEdDSA algorithm does not support the streaming mechanism
of other signature algorithms using, for example, <B>EVP_DigestUpdate()</B>.
The message to sign or verify must be passed using the one-shot
<B>EVP_DigestSign()</B> and <B>EVP_DigestVerify()</B> functions.
<P>
When calling <B>EVP_DigestSignInit()</B> or <B>EVP_DigestVerifyInit()</B>, the
digest <B>type</B> parameter <B></B><FONT SIZE="-1"><B>MUST</B></FONT><B></B> be set to <B></B><FONT SIZE="-1"><B>NULL</B></FONT><B></B>.
<P>
Applications wishing to sign certificates (or other structures such as
CRLs or certificate requests) using Ed25519 or Ed448 can either use <B>X509_sign()</B>
or <B>X509_sign_ctx()</B> in the usual way.
<P>
A context for the <B>Ed25519</B> algorithm can be obtained by calling:
<P>
<PRE>
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);
</PRE>
<P>
For the <B>Ed448</B> algorithm a context can be obtained by calling:
<P>
<PRE>
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED448, NULL);
</PRE>
<P>
Ed25519 or Ed448 private keys can be set directly using
<B><A HREF="/cgi-bin/man/man2html?3+EVP_PKEY_new_raw_private_key">EVP_PKEY_new_raw_private_key</A></B>(3) or loaded from a PKCS#8 private key file
using <B><A HREF="/cgi-bin/man/man2html?3+PEM_read_bio_PrivateKey">PEM_read_bio_PrivateKey</A></B>(3) (or similar function). Completely new keys
can also be generated (see the example below). Setting a private key also sets
the associated public key.
<P>
Ed25519 or Ed448 public keys can be set directly using
<B><A HREF="/cgi-bin/man/man2html?3+EVP_PKEY_new_raw_public_key">EVP_PKEY_new_raw_public_key</A></B>(3) or loaded from a SubjectPublicKeyInfo
structure in a <FONT SIZE="-1">PEM</FONT> file using <B><A HREF="/cgi-bin/man/man2html?3+PEM_read_bio_PUBKEY">PEM_read_bio_PUBKEY</A></B>(3) (or similar function).
<P>
Ed25519 and Ed448 can be tested within <B><A HREF="/cgi-bin/man/man2html?1+speed">speed</A></B>(1) application since version 1.1.1.
Valid algorithm names are <B>ed25519</B>, <B>ed448</B> and <B>eddsa</B>. If <B>eddsa</B> is
specified, then both Ed25519 and Ed448 are benchmarked.
<A NAME="lbAE">&nbsp;</A>
<H2>EXAMPLES</H2>
This example generates an <B></B><FONT SIZE="-1"><B>ED25519</B></FONT><B></B> private key and writes it to standard
output in <FONT SIZE="-1">PEM</FONT> format:
<P>
<PRE>
#include &lt;<A HREF="file:///usr/include/openssl/evp.h">openssl/evp.h</A>&gt;
#include &lt;<A HREF="file:///usr/include/openssl/pem.h">openssl/pem.h</A>&gt;
...
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_ED25519, NULL);
EVP_PKEY_keygen_init(pctx);
EVP_PKEY_keygen(pctx, &amp;pkey);
EVP_PKEY_CTX_free(pctx);
PEM_write_PrivateKey(stdout, pkey, NULL, NULL, 0, NULL, NULL);
</PRE>
<A NAME="lbAF">&nbsp;</A>
<H2>SEE ALSO</H2>
<B><A HREF="/cgi-bin/man/man2html?3+EVP_PKEY_CTX_new">EVP_PKEY_CTX_new</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+EVP_PKEY_keygen">EVP_PKEY_keygen</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+EVP_DigestSignInit">EVP_DigestSignInit</A></B>(3),
<B><A HREF="/cgi-bin/man/man2html?3+EVP_DigestVerifyInit">EVP_DigestVerifyInit</A></B>(3),
<A NAME="lbAG">&nbsp;</A>
<H2>COPYRIGHT</H2>
Copyright 2017-2020 The OpenSSL Project Authors. All Rights Reserved.
<P>
Licensed under the OpenSSL license (the ``License''). You may not use
this file except in compliance with the License. You can obtain a copy
in the file <FONT SIZE="-1">LICENSE</FONT> in the source distribution or at
&lt;<A HREF="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</A>&gt;.
<P>
<HR>
<A NAME="index">&nbsp;</A><H2>Index</H2>
<DL>
<DT id="1"><A HREF="#lbAB">NAME</A><DD>
<DT id="2"><A HREF="#lbAC">DESCRIPTION</A><DD>
<DT id="3"><A HREF="#lbAD">NOTES</A><DD>
<DT id="4"><A HREF="#lbAE">EXAMPLES</A><DD>
<DT id="5"><A HREF="#lbAF">SEE ALSO</A><DD>
<DT id="6"><A HREF="#lbAG">COPYRIGHT</A><DD>
</DL>
<HR>
This document was created by
<A HREF="/cgi-bin/man/man2html">man2html</A>,
using the manual pages.<BR>
Time: 00:06:08 GMT, March 31, 2021
</BODY>
</HTML>
Reference in New Issue View Git Blame Copy Permalink