Sortix volatile manual
This manual documents Sortix volatile, a development build that has not been officially released. You can instead view this document in the latest official manual.
NAME
EVP_PKEY_derive_init, EVP_PKEY_derive_set_peer, EVP_PKEY_CTX_get0_peerkey, EVP_PKEY_derive — derive public key algorithm shared secretSYNOPSIS
#include <openssl/evp.h>EVP_PKEY_derive_init(EVP_PKEY_CTX *ctx);
EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *ctx, EVP_PKEY *peerkey);
EVP_PKEY_CTX_get0_peerkey(EVP_PKEY_CTX *ctx);
EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *keylen);
DESCRIPTION
EVP_PKEY_derive_init() initializes the public key algorithm context ctx for shared secret derivation using the EVP_PKEY object already stored in ctx. The library provides built-in support for keys with an EVP_PKEY_base_id(3) of EVP_PKEY_DH, EVP_PKEY_EC, EVP_PKEY_HKDF, and EVP_PKEY_X25519.RETURN VALUES
EVP_PKEY_derive_init(), EVP_PKEY_derive_set_peer(), and EVP_PKEY_derive() return 1 for success and 0 or a negative value for failure. In particular, a return value of -2 indicates the operation is not supported by the public key algorithm.EXAMPLES
Derive shared secret (for example DH or EC keys):#include <openssl/evp.h> #include <openssl/rsa.h> EVP_PKEY_CTX *ctx; unsigned char *skey; size_t skeylen; EVP_PKEY *pkey, *peerkey; /* Assumes that pkey and peerkey have already been set up. */ ctx = EVP_PKEY_CTX_new(pkey, NULL); if (!ctx) /* Error occurred */ if (EVP_PKEY_derive_init(ctx) <= 0) /* Error */ if (EVP_PKEY_derive_set_peer(ctx, peerkey) <= 0) /* Error */ /* Determine buffer length */ if (EVP_PKEY_derive(ctx, NULL, &skeylen) <= 0) /* Error */ skey = malloc(skeylen); if (!skey) /* malloc failure */ if (EVP_PKEY_derive(ctx, skey, &skeylen) <= 0) /* Error */ /* Shared secret is skey bytes written to buffer skey */