=pod

=head1 NAME

EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, EVP_PKEY_derive - derive public key algorithm shared secret.

=head1 SYNOPSIS

 #include <openssl/evp.h>

 int EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
 int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peer);
 int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);

=head1 DESCRIPTION

The EVP_PKEY_derive_init() function initializes the public key algorithm
context B<ctx> for shared secret derivation, using the key B<pkey> that the
context was created with.

The EVP_PKEY_derive_set_peer() function sets the peer key: this will normally
be a public key.

The EVP_PKEY_derive() function derives a shared secret using B<ctx>.
If B<key> is B<NULL> then the maximum size needed for the output buffer is
written to the B<keylen> parameter. If B<key> is not B<NULL> then before the
call the B<keylen> parameter must contain the size of the B<key> buffer. If
the call is successful the shared secret is written to B<key> and the number
of bytes written is stored in B<keylen>.

=head1 NOTES

After the call to EVP_PKEY_derive_init() algorithm specific control
operations can be performed to set any appropriate parameters for the
operation.

The function EVP_PKEY_derive() can be called more than once on the same
context if several operations are performed using the same parameters.

=head1 RETURN VALUES

EVP_PKEY_derive_init() and EVP_PKEY_derive() return 1 for success and 0
or a negative value for failure. In particular a return value of -2
indicates the operation is not supported by the public key algorithm.

=head1 EXAMPLE

Derive shared secret (for example DH or EC keys):

 #include <openssl/evp.h>
 #include <openssl/rsa.h>

 EVP_PKEY_CTX *ctx;
 unsigned char *skey;
 size_t skeylen;
 EVP_PKEY *pkey, *peerkey;
 /* NB: assumes pkey, peerkey have been already set up */

 ctx = EVP_PKEY_CTX_new(pkey);
 if (!ctx)
 	/* Error occurred */
 if (EVP_PKEY_derive_init(ctx) <= 0)
 	/* Error */
 if (EVP_PKEY_derive_set_peer(ctx, peerkey) <= 0)
 	/* Error */

 /* Determine buffer length */
 if (EVP_PKEY_derive(ctx, NULL, &skeylen) <= 0)
 	/* Error */

 skey = OPENSSL_malloc(skeylen);

 if (!skey)
 	/* malloc failure */

 if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0)
 	/* Error */

 /* Shared secret is skeylen bytes written to buffer skey */

=head1 SEE ALSO

L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>

=head1 HISTORY

These functions were first added to OpenSSL 1.0.0.

=cut