EVP_KEM-EC(7ssl) - Man pages

dwww Home | Manual pages | Find package
EVP_KEM-EC(7SSL)                    OpenSSL                    EVP_KEM-EC(7SSL)

NAME
       EVP_KEM-EC - EVP_KEM EC keytype and algorithm support

DESCRIPTION
       The EC keytype and its parameters are described in EVP_PKEY-EC(7).  See
       EVP_PKEY_encapsulate(3) and EVP_PKEY_decapsulate(3) for more info.

   EC KEM parameters
       "operation" (OSSL_KEM_PARAM_OPERATION)<UTF8 string>
           The  OpenSSL  EC  Key  Encapsulation  Mechanisms  only  supports the
           following default operation (operating mode):

           "DHKEM" (OSSL_KEM_PARAM_OPERATION_DHKEM)
               The encapsulate function  generates  an  ephemeral  keypair.  It
               produces  keymaterial  by  doing  an ECDH key exchange using the
               ephemeral private key and a supplied  recipient  public  key.  A
               HKDF  operation  using  the  keymaterial  and a kem context then
               produces a shared secret. The shared secret  and  the  ephemeral
               public  key  are  returned.   The  decapsulate function uses the
               recipient private key and the ephemeral public  key  to  produce
               the same keymaterial, which can then be used to produce the same
               shared                        secret.                        See
               <https://www.rfc-editor.org/rfc/rfc9180.html#name-dh-based-kem-dhkem>

           This  can  be  set   using   either   EVP_PKEY_CTX_set_kem_op()   or
           EVP_PKEY_CTX_set_params().

       "ikme" (OSSL_KEM_PARAM_IKME) <octet string>
           Used  to  specify  the  key  material  used  for  generation  of the
           ephemeral key.  This value should not be reused for other  purposes.
           It  can only be used for the curves "P-256", "P-384" and "P-521" and
           should have a length of at least the size of the encoded private key
           (i.e. 32, 48 and 66 for the listed curves).  If this  value  is  not
           set, then a random ikm is used.

CONFORMING TO
       RFC9180

SEE ALSO
       EVP_PKEY_CTX_set_kem_op(3),                     EVP_PKEY_encapsulate(3),
       EVP_PKEY_decapsulate(3) EVP_KEYMGMT(3), EVP_PKEY(3), provider-keymgmt(7)

HISTORY
       This functionality was added in OpenSSL 3.2.

       The "operation" (operating mode)  was  a  required  parameter  prior  to
       OpenSSL  3.5.  As of OpenSSL 3.5, "DHKEM" is the default operating mode,
       and no explicit value need be specified.

COPYRIGHT
       Copyright 2022-2025 The OpenSSL Project Authors. All Rights Reserved.

       Licensed under the Apache License 2.0 (the "License").  You may not  use
       this  file except in compliance with the License.  You can obtain a copy
       in   the   file   LICENSE   in   the   source   distribution    or    at
       <https://www.openssl.org/source/license.html>.

3.5.4                              2025-09-30                  EVP_KEM-EC(7SSL)
Generated by dwww version 1.16 on Tue Dec 16 04:20:16 CET 2025.