1=pod 2 3=head1 NAME 4 5provider-keyexch - The keyexch library E<lt>-E<gt> provider functions 6 7=head1 SYNOPSIS 8 9=for openssl multiple includes 10 11 #include <openssl/core_dispatch.h> 12 #include <openssl/core_names.h> 13 14 /* 15 * None of these are actual functions, but are displayed like this for 16 * the function signatures for functions that are offered as function 17 * pointers in OSSL_DISPATCH arrays. 18 */ 19 20 /* Context management */ 21 void *OSSL_FUNC_keyexch_newctx(void *provctx); 22 void OSSL_FUNC_keyexch_freectx(void *ctx); 23 void *OSSL_FUNC_keyexch_dupctx(void *ctx); 24 25 /* Shared secret derivation */ 26 int OSSL_FUNC_keyexch_init(void *ctx, void *provkey, 27 const OSSL_PARAM params[]); 28 int OSSL_FUNC_keyexch_set_peer(void *ctx, void *provkey); 29 int OSSL_FUNC_keyexch_derive(void *ctx, unsigned char *secret, size_t *secretlen, 30 size_t outlen); 31 32 /* Key Exchange parameters */ 33 int OSSL_FUNC_keyexch_set_ctx_params(void *ctx, const OSSL_PARAM params[]); 34 const OSSL_PARAM *OSSL_FUNC_keyexch_settable_ctx_params(void *ctx, 35 void *provctx); 36 int OSSL_FUNC_keyexch_get_ctx_params(void *ctx, OSSL_PARAM params[]); 37 const OSSL_PARAM *OSSL_FUNC_keyexch_gettable_ctx_params(void *ctx, 38 void *provctx); 39 40=head1 DESCRIPTION 41 42This documentation is primarily aimed at provider authors. See L<provider(7)> 43for further information. 44 45The key exchange (OSSL_OP_KEYEXCH) operation enables providers to implement key 46exchange algorithms and make them available to applications via 47L<EVP_PKEY_derive(3)> and 48other related functions). 49 50All "functions" mentioned here are passed as function pointers between 51F<libcrypto> and the provider in L<OSSL_DISPATCH(3)> arrays via 52L<OSSL_ALGORITHM(3)> arrays that are returned by the provider's 53provider_query_operation() function 54(see L<provider-base(7)/Provider Functions>). 55 56All these "functions" have a corresponding function type definition 57named B<OSSL_FUNC_{name}_fn>, and a helper function to retrieve the 58function pointer from an L<OSSL_DISPATCH(3)> element named 59B<OSSL_FUNC_{name}>. 60For example, the "function" OSSL_FUNC_keyexch_newctx() has these: 61 62 typedef void *(OSSL_FUNC_keyexch_newctx_fn)(void *provctx); 63 static ossl_inline OSSL_FUNC_keyexch_newctx_fn 64 OSSL_FUNC_keyexch_newctx(const OSSL_DISPATCH *opf); 65 66L<OSSL_DISPATCH(3)> arrays are indexed by numbers that are provided as 67macros in L<openssl-core_dispatch.h(7)>, as follows: 68 69 OSSL_FUNC_keyexch_newctx OSSL_FUNC_KEYEXCH_NEWCTX 70 OSSL_FUNC_keyexch_freectx OSSL_FUNC_KEYEXCH_FREECTX 71 OSSL_FUNC_keyexch_dupctx OSSL_FUNC_KEYEXCH_DUPCTX 72 73 OSSL_FUNC_keyexch_init OSSL_FUNC_KEYEXCH_INIT 74 OSSL_FUNC_keyexch_set_peer OSSL_FUNC_KEYEXCH_SET_PEER 75 OSSL_FUNC_keyexch_derive OSSL_FUNC_KEYEXCH_DERIVE 76 77 OSSL_FUNC_keyexch_set_ctx_params OSSL_FUNC_KEYEXCH_SET_CTX_PARAMS 78 OSSL_FUNC_keyexch_settable_ctx_params OSSL_FUNC_KEYEXCH_SETTABLE_CTX_PARAMS 79 OSSL_FUNC_keyexch_get_ctx_params OSSL_FUNC_KEYEXCH_GET_CTX_PARAMS 80 OSSL_FUNC_keyexch_gettable_ctx_params OSSL_FUNC_KEYEXCH_GETTABLE_CTX_PARAMS 81 82A key exchange algorithm implementation may not implement all of these functions. 83In order to be a consistent set of functions a provider must implement 84OSSL_FUNC_keyexch_newctx, OSSL_FUNC_keyexch_freectx, OSSL_FUNC_keyexch_init and OSSL_FUNC_keyexch_derive. 85All other functions are optional. 86 87A key exchange algorithm must also implement some mechanism for generating, 88loading or importing keys via the key management (OSSL_OP_KEYMGMT) operation. 89See L<provider-keymgmt(7)> for further details. 90 91=head2 Context Management Functions 92 93OSSL_FUNC_keyexch_newctx() should create and return a pointer to a provider side 94structure for holding context information during a key exchange operation. 95A pointer to this context will be passed back in a number of the other key 96exchange operation function calls. 97The parameter I<provctx> is the provider context generated during provider 98initialisation (see L<provider(7)>). 99 100OSSL_FUNC_keyexch_freectx() is passed a pointer to the provider side key exchange 101context in the I<ctx> parameter. 102This function should free any resources associated with that context. 103 104OSSL_FUNC_keyexch_dupctx() should duplicate the provider side key exchange context in 105the I<ctx> parameter and return the duplicate copy. 106 107=head2 Shared Secret Derivation Functions 108 109OSSL_FUNC_keyexch_init() initialises a key exchange operation given a provider side key 110exchange context in the I<ctx> parameter, and a pointer to a provider key object 111in the I<provkey> parameter. 112The I<params>, if not NULL, should be set on the context in a manner similar to 113using OSSL_FUNC_keyexch_set_params(). 114The key object should have been previously 115generated, loaded or imported into the provider using the key management 116(OSSL_OP_KEYMGMT) operation (see provider-keymgmt(7)>. 117 118OSSL_FUNC_keyexch_set_peer() is called to supply the peer's public key (in the 119I<provkey> parameter) to be used when deriving the shared secret. 120It is also passed a previously initialised key exchange context in the I<ctx> 121parameter. 122The key object should have been previously generated, loaded or imported into 123the provider using the key management (OSSL_OP_KEYMGMT) operation (see 124provider-keymgmt(7)>. 125 126OSSL_FUNC_keyexch_derive() performs the actual key exchange itself by deriving a shared 127secret. 128A previously initialised key exchange context is passed in the I<ctx> 129parameter. 130The derived secret should be written to the location I<secret> which should not 131exceed I<outlen> bytes. 132The length of the shared secret should be written to I<*secretlen>. 133If I<secret> is NULL then the maximum length of the shared secret should be 134written to I<*secretlen>. 135 136=head2 Key Exchange Parameters Functions 137 138OSSL_FUNC_keyexch_set_ctx_params() sets key exchange parameters associated with the 139given provider side key exchange context I<ctx> to I<params>, 140see L</Common Key Exchange parameters>. 141Any parameter settings are additional to any that were previously set. 142Passing NULL for I<params> should return true. 143 144OSSL_FUNC_keyexch_get_ctx_params() gets key exchange parameters associated with the 145given provider side key exchange context I<ctx> into I<params>, 146see L</Common Key Exchange parameters>. 147Passing NULL for I<params> should return true. 148 149OSSL_FUNC_keyexch_settable_ctx_params() yields a constant L<OSSL_PARAM(3)> array that 150describes the settable parameters, i.e. parameters that can be used with 151OP_signature_set_ctx_params(). 152If OSSL_FUNC_keyexch_settable_ctx_params() is present, OSSL_FUNC_keyexch_set_ctx_params() must 153also be present, and vice versa. 154Similarly, OSSL_FUNC_keyexch_gettable_ctx_params() yields a constant L<OSSL_PARAM(3)> 155array that describes the gettable parameters, i.e. parameters that can be 156handled by OP_signature_get_ctx_params(). 157If OSSL_FUNC_keyexch_gettable_ctx_params() is present, OSSL_FUNC_keyexch_get_ctx_params() must 158also be present, and vice versa. 159 160Notice that not all settable parameters are also gettable, and vice versa. 161 162=head2 Common Key Exchange parameters 163 164See L<OSSL_PARAM(3)> for further details on the parameters structure used by 165the OSSL_FUNC_keyexch_set_ctx_params() and OSSL_FUNC_keyexch_get_ctx_params() functions. 166 167Common parameters currently recognised by built-in key exchange algorithms are 168as follows. 169 170=over 4 171 172=item "kdf-type" (B<OSSL_EXCHANGE_PARAM_KDF_TYPE>) <UTF8 string> 173 174Sets or gets the Key Derivation Function type to apply within the associated key 175exchange ctx. 176 177=item "kdf-digest" (B<OSSL_EXCHANGE_PARAM_KDF_DIGEST>) <UTF8 string> 178 179Sets or gets the Digest algorithm to be used as part of the Key Derivation Function 180associated with the given key exchange ctx. 181 182=item "kdf-digest-props" (B<OSSL_EXCHANGE_PARAM_KDF_DIGEST_PROPS>) <UTF8 string> 183 184Sets properties to be used upon look up of the implementation for the selected 185Digest algorithm for the Key Derivation Function associated with the given key 186exchange ctx. 187 188=item "kdf-outlen" (B<OSSL_EXCHANGE_PARAM_KDF_OUTLEN>) <unsigned integer> 189 190Sets or gets the desired size for the output of the chosen Key Derivation Function 191associated with the given key exchange ctx. 192The length of the "kdf-outlen" parameter should not exceed that of a B<size_t>. 193 194=item "kdf-ukm" (B<OSSL_EXCHANGE_PARAM_KDF_UKM>) <octet string> 195 196Sets the User Key Material to be used as part of the selected Key Derivation 197Function associated with the given key exchange ctx. 198 199=item "kdf-ukm" (B<OSSL_EXCHANGE_PARAM_KDF_UKM>) <octet string ptr> 200 201Gets a pointer to the User Key Material to be used as part of the selected 202Key Derivation Function associated with the given key exchange ctx. Providers 203usually do not need to support this gettable parameter as its sole purpose 204is to support functionality of the deprecated EVP_PKEY_CTX_get0_ecdh_kdf_ukm() 205and EVP_PKEY_CTX_get0_dh_kdf_ukm() functions. 206 207=back 208 209=head1 RETURN VALUES 210 211OSSL_FUNC_keyexch_newctx() and OSSL_FUNC_keyexch_dupctx() should return the newly created 212provider side key exchange context, or NULL on failure. 213 214OSSL_FUNC_keyexch_init(), OSSL_FUNC_keyexch_set_peer(), OSSL_FUNC_keyexch_derive(), 215OSSL_FUNC_keyexch_set_params(), and OSSL_FUNC_keyexch_get_params() should return 1 for success 216or 0 on error. 217 218OSSL_FUNC_keyexch_settable_ctx_params() and OSSL_FUNC_keyexch_gettable_ctx_params() should 219always return a constant L<OSSL_PARAM(3)> array. 220 221=head1 SEE ALSO 222 223L<provider(7)> 224 225=head1 HISTORY 226 227The provider KEYEXCH interface was introduced in OpenSSL 3.0. 228 229=head1 COPYRIGHT 230 231Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved. 232 233Licensed under the Apache License 2.0 (the "License"). You may not use 234this file except in compliance with the License. You can obtain a copy 235in the file LICENSE in the source distribution or at 236L<https://www.openssl.org/source/license.html>. 237 238=cut 239