EVP Key and Parameter Generation

From OpenSSLWiki
Revision as of 11:58, 12 February 2021 by L.Habib (talk | contribs) (→‎Parameter Generation)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

{{DocInclude |Name=Key and Parameter Generation |Url=http://wiki.ope

The EVP functions support the ability to generate parameters and keys if required for EVP_PKEY objects. Since these functions use random numbers you should ensure that the random number generator is appropriately seeded as discussed here.

Parameter Generation[edit]

Parameter generation is supported for the following EVP_PKEY types only:

  • EVP_PKEY_EC (for ECDSA and ECDH keys)
  • EVP_PKEY_DSA
  • EVP_PKEY_DH

The following sample code shows an example of how to generate parameters for each of these key types:

/* Create the context for generating the parameters */
EVP_PKEY_CTX* pctx;
if(!(pctx = EVP_PKEY_CTX_new_id(type, NULL))) goto err;
if(!EVP_PKEY_paramgen_init(pctx)) goto err;

/* Set the paramgen parameters according to the type */
switch(type)
{
case EVP_PKEY_EC:
  /* Use the NID_X9_62_prime256v1 named curve - defined in obj_mac.h */
  if(!EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_X9_62_prime256v1)) goto err;		
  break;

case EVP_PKEY_DSA:
  /* Set a bit length of 2048 */
  if(!EVP_PKEY_CTX_set_dsa_paramgen_bits(pctx, 2048)) goto err;		
  break;

case EVP_PKEY_DH:
  /* Set a prime length of 2048 */
  if(!EVP_PKEY_CTX_set_dh_paramgen_prime_len(pctx, 2048)) goto err;
}

/* Generate parameters */
if (!EVP_PKEY_paramgen(pctx, &params)) goto err;

Key Generation[edit]

The following sample code shows an example of how to generate keys with the exception of EVP_PKEY_HMAC and EVP_PKEY_CMAC keys:

if(*params != NULL)
{
  if(!(kctx = EVP_PKEY_CTX_new(params, NULL))) goto err; 
}
else
{
  /* Create context for the key generation */
  if(!(kctx = EVP_PKEY_CTX_new_id(type, NULL))) goto err;
}

if(!EVP_PKEY_keygen_init(kctx)) goto err; 

/* RSA keys set the key length during key generation rather than parameter generation! */
if(type == EVP_PKEY_RSA)
{
  if(!EVP_PKEY_CTX_set_rsa_keygen_bits(kctx, 2048)) goto err;
}

/* Generate the key */
if (!EVP_PKEY_keygen(kctx, &key)) goto err;

CMAC keys are generated in a simlar fashion (see EVP_Signing_and_Verifying for information on generating MAC codes):

if(!(kctx = EVP_PKEY_CTX_new_id(type, NULL))) goto err;


if(!EVP_PKEY_keygen_init(kctx)) goto err;

/* Set the cipher to be used for the CMAC */
if (EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
  EVP_PKEY_CTRL_CIPHER,
  0, (void *)EVP_aes_256_ecb()) <= 0)
  goto err;

/* Set the key data to be used for the CMAC */
if (EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
  EVP_PKEY_CTRL_SET_MAC_KEY,
  /*key length*/32, "01234567890123456789012345678901") <= 0)
  goto err;

/* Generate the key */ 
if (!EVP_PKEY_keygen(kctx, &key)) goto err;

HMAC keys can be generated in the same way as for CMAC keys but do not take a cipher. A convenience function which wraps this process exists to simplify HMAC key generation:

key = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, "password", strlen("password"));

See also[edit]