Supported asymmetric key types #26996
Comments
tniessen
added
crypto
4 tasks
|
@tniessen ... is this still relevant? Should it remain open? |
|
@jasnell I think so, yes. Please leave it open for now. |
|
@tniessen ... just an update... I've got CMAC support on my todo list (revisiting the work that bnoordhuis had started but hadn't completed). I've also got poly1305 and siphash on my list but it'll be a while before I get to those. On the key types, I'm really not convinced yet that the remaining key types are a priority. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is a meta issue to keep track of asymmetric key types supported by OpenSSL and node. The following list includes all key types supported by OpenSSL 1.1.1b. Checked items are fully supported by node's
KeyObjectAPI:EVP_PKEY_RSA: crypto: add key object API #24234EVP_PKEY_RSA2: appears to be unusable?EVP_PKEY_RSA_PSS: crypto: add support for RSA-PSS keys #26960EVP_PKEY_DSA: crypto: add key object API #24234EVP_PKEY_DSA1: alias forNID_dsa_2, but treated likeEVP_PKEY_DSAby OpenSSLEVP_PKEY_DSA2: alias forNID_dsaWithSHA, but treated likeEVP_PKEY_DSAby OpenSSLEVP_PKEY_DSA3: alias forNID_dsaWithSHA1, but treated likeEVP_PKEY_DSAby OpenSSLEVP_PKEY_DSA4: alias forNID_dsaWithSHA1_2, but treated likeEVP_PKEY_DSAby OpenSSLEVP_PKEY_DH: crypto: modernize DH/ECDH/ECDH-ES #31178EVP_PKEY_DHXEVP_PKEY_EC: crypto: add key object API #24234EVP_PKEY_SM2: crypto: add support for SM2 #37066EVP_PKEY_X25519: crypto: add support for x25119 and x448 key pair generation #26774EVP_PKEY_X448: crypto: add support for x25119 and x448 key pair generation #26774EVP_PKEY_ED25519: crypto: fix EdDSA support for KeyObject #26319 and crypto: add support for EdDSA key pair generation #26554EVP_PKEY_ED448: crypto: fix EdDSA support for KeyObject #26319 and crypto: add support for EdDSA key pair generation #26554The next step is to determine which of the above key types need to be dealt with in which way. Some of these types do not represent actual asymmetric keys (e.g.,
EVP_PKEY_SCRYPT) and thus don't need to be dealt with in theKeyObjectAPI:EVP_PKEY_SCRYPT: KDFEVP_PKEY_HMAC: MACEVP_PKEY_CMAC: MACEVP_PKEY_HKDF: KDFEVP_PKEY_POLY1305: MACEVP_PKEY_SIPHASH: MAC / PRFEVP_PKEY_TLS1_PRF: PRFThe text was updated successfully, but these errors were encountered: