kcapi_kpp_setkey - Man Page

set the private key of the DH / ECDH operation


int kcapi_kpp_setkey(struct kcapi_handle * handle, const uint8_t * key, uint32_t keylen);



[in] cipher handle


[in] key buffer


[in] length of key buffer


With this function, the caller sets the key for subsequent DH / ECDH public key generation or shared secret generation operations.

If the key / keylen is zero, the kernel tries to generate the private key itself and retains it internally. This is useful if the DH / ECDH operation shall be performed on ephemeral keys where the caller is only interested in eventually obtain the shared secret.

After the caller provided the key, the caller may securely destroy the key as it is now maintained by the kernel.

Note, the key can only be set after the DH parameters or the ECC curve has been set.

return in case of success a positive integer is returned that denominates the maximum output size of the cryptographic operation -- this value must be used as the size of the output buffer for one cryptographic operation); a negative errno-style error code if an error occurred -- the error -EOPNOTSUPP is returned in case a kernel-triggered private key generation is requested, but the underlying cipher implementation does not support this operation.


Stephan Mueller <smueller@chronox.de>



July 2021 libkcapi Manual 1.3.1 Programming Interface