You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is a meta issue to keep track of asymmetric key types supported by OpenSSL and node. The following list includes all key types supported by OpenSSL 1.1.1b. Checked items are fully supported by node's KeyObject API:
The next step is to determine which of the above key types need to be dealt with in which way. Some of these types do not represent actual asymmetric keys (e.g., EVP_PKEY_SCRYPT) and thus don't need to be dealt with in the KeyObject API:
EVP_PKEY_SCRYPT: KDF
EVP_PKEY_HMAC: MAC
EVP_PKEY_CMAC: MAC
EVP_PKEY_HKDF: KDF
EVP_PKEY_POLY1305: MAC
EVP_PKEY_SIPHASH: MAC / PRF
EVP_PKEY_TLS1_PRF: PRF
The text was updated successfully, but these errors were encountered:
@tniessen ... just an update... I've got CMAC support on my todo list (revisiting the work that bnoordhuis had started but hadn't completed). I've also got poly1305 and siphash on my list but it'll be a while before I get to those.
On the key types, I'm really not convinced yet that the remaining key types are a priority.
This is a meta issue to keep track of asymmetric key types supported by OpenSSL and node. The following list includes all key types supported by OpenSSL 1.1.1b. Checked items are fully supported by node's
KeyObject
API:EVP_PKEY_RSA
: crypto: add key object API #24234EVP_PKEY_RSA2
: appears to be unusable?EVP_PKEY_RSA_PSS
: crypto: add support for RSA-PSS keys #26960EVP_PKEY_DSA
: crypto: add key object API #24234EVP_PKEY_DSA1
: alias forNID_dsa_2
, but treated likeEVP_PKEY_DSA
by OpenSSLEVP_PKEY_DSA2
: alias forNID_dsaWithSHA
, but treated likeEVP_PKEY_DSA
by OpenSSLEVP_PKEY_DSA3
: alias forNID_dsaWithSHA1
, but treated likeEVP_PKEY_DSA
by OpenSSLEVP_PKEY_DSA4
: alias forNID_dsaWithSHA1_2
, but treated likeEVP_PKEY_DSA
by OpenSSLEVP_PKEY_DH
: crypto: modernize DH/ECDH/ECDH-ES #31178EVP_PKEY_DHX
EVP_PKEY_EC
: crypto: add key object API #24234EVP_PKEY_SM2
: crypto: add support for SM2 #37066EVP_PKEY_X25519
: crypto: add support for x25119 and x448 key pair generation #26774EVP_PKEY_X448
: crypto: add support for x25119 and x448 key pair generation #26774EVP_PKEY_ED25519
: crypto: fix EdDSA support for KeyObject #26319 and crypto: add support for EdDSA key pair generation #26554EVP_PKEY_ED448
: crypto: fix EdDSA support for KeyObject #26319 and crypto: add support for EdDSA key pair generation #26554The next step is to determine which of the above key types need to be dealt with in which way. Some of these types do not represent actual asymmetric keys (e.g.,
EVP_PKEY_SCRYPT
) and thus don't need to be dealt with in theKeyObject
API:EVP_PKEY_SCRYPT
: KDFEVP_PKEY_HMAC
: MACEVP_PKEY_CMAC
: MACEVP_PKEY_HKDF
: KDFEVP_PKEY_POLY1305
: MACEVP_PKEY_SIPHASH
: MAC / PRFEVP_PKEY_TLS1_PRF
: PRFThe text was updated successfully, but these errors were encountered: