Supported asymmetric key types

tniessen commented 5 years ago

This is a meta issue to keep track of asymmetric key types supported by OpenSSL and node. The following list includes all key types supported by OpenSSL 1.1.1b. Checked items are fully supported by node's KeyObject API:

[x] EVP_PKEY_RSA: https://github.com/nodejs/node/pull/24234
[ ] EVP_PKEY_RSA2: appears to be unusable?
[x] EVP_PKEY_RSA_PSS: https://github.com/nodejs/node/pull/26960
[x] EVP_PKEY_DSA: https://github.com/nodejs/node/pull/24234
[ ] EVP_PKEY_DSA1: alias for NID_dsa_2, but treated like EVP_PKEY_DSA by OpenSSL
[ ] EVP_PKEY_DSA2: alias for NID_dsaWithSHA, but treated like EVP_PKEY_DSA by OpenSSL
[ ] EVP_PKEY_DSA3: alias for NID_dsaWithSHA1, but treated like EVP_PKEY_DSA by OpenSSL
[ ] EVP_PKEY_DSA4: alias for NID_dsaWithSHA1_2, but treated like EVP_PKEY_DSA by OpenSSL
[x] EVP_PKEY_DH: https://github.com/nodejs/node/pull/31178
[ ] EVP_PKEY_DHX
[x] EVP_PKEY_EC: https://github.com/nodejs/node/pull/24234
[ ] EVP_PKEY_SM2: https://github.com/nodejs/node/pull/37066
[x] EVP_PKEY_X25519: https://github.com/nodejs/node/pull/26774
[x] EVP_PKEY_X448: https://github.com/nodejs/node/pull/26774
[x] EVP_PKEY_ED25519: https://github.com/nodejs/node/pull/26319 and https://github.com/nodejs/node/pull/26554
[x] EVP_PKEY_ED448: https://github.com/nodejs/node/pull/26319 and https://github.com/nodejs/node/pull/26554

The next step is to determine which of the above key types need to be dealt with in which way. Some of these types do not represent actual asymmetric keys (e.g., EVP_PKEY_SCRYPT) and thus don't need to be dealt with in the KeyObject API:

EVP_PKEY_SCRYPT: KDF
EVP_PKEY_HMAC: MAC
EVP_PKEY_CMAC: MAC
EVP_PKEY_HKDF: KDF
EVP_PKEY_POLY1305: MAC
EVP_PKEY_SIPHASH: MAC / PRF
EVP_PKEY_TLS1_PRF: PRF

jasnell commented 4 years ago

@tniessen ... is this still relevant? Should it remain open?

tniessen commented 4 years ago

@jasnell I think so, yes. Please leave it open for now.

jasnell commented 3 years ago

@tniessen ... just an update... I've got CMAC support on my todo list (revisiting the work that bnoordhuis had started but hadn't completed). I've also got poly1305 and siphash on my list but it'll be a while before I get to those.

On the key types, I'm really not convinced yet that the remaining key types are a priority.

nodejs / node

Supported asymmetric key types #26996