
openssl-ech

NAME

openssl-ech - ECH key generation

SYNOPSIS

openssl ech [-help] [-verbose] [-in files] [-out file] [-public_name name] [-max_name_len len] [-suite suite_str] [-ech_version version] [-select number] [-text]

DESCRIPTION

The openssl-ech(1) command generates Encrypted Client Hello (ECH) key pairs in the ECHConfig PEM file format as specified in https://datatracker.ietf.org/doc/rfc9934.

That format consists of an optional private key in PKCS#8 format and a base64 encoded ECHConfigList containing an entry with a matching public value (and possibly other entries as well).

OPTIONS

The following options are supported:

  • -help

    Print out a usage message.

  • -verbose

    Print more verbosely.

  • -in file

    Provide an input ECH PEM file for printing or merging. Up to five input files can be provided via multiple -in arguments.

  • -out file

    Name of the output ECHConfig PEM file. If a new key pair was generated, the output file will contain the private key and the encoded ECHConfigList. If one or more input files were provided, the output file will contain a set of ECHConfigList values with the public keys from the inputs, and no private key(s).

  • -text

    Provide human-readable text output.

  • -public_name name

    The DNS name to use in the "public_name" field of the ECHConfig.

  • -max_name_len len

    Maximum name length field value to use in the ECHConfig.

  • -suite suite_str

    HPKE suite to use in the ECHConfig.

  • -ech_version version

    The ECH version to use in the ECHConfig. Only 0xfe0d is supported in this version.

  • -select number

    Select the N-th ECHConfig/public key from the set of input ECH PEM files and output that.

NOTES

Ciphersuites are specified as a comma-separated list of IANA-registered codes/numbers, e.g. "-suite 0x20,1,3", or as a comma-separated list of names from:

  • KEMs: p256, p384, p521, x25519, x448

  • KDFs: hkdf-sha256, hkdf-sha384, hkdf-sha512

  • AEADs: aes128gcm, aes256gcm, chachapoly1305

For example, the default is: x25519,hkdf-sha256,aes128gcm. See OSSL_HPKE_CTX_new(3) for details.
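The following Python is an added example, not part of the man page or of OpenSSL, that illustrates two things the page describes: the ECHConfig PEM format from DESCRIPTION (a base64 ECHConfigList, here pulled out of a PEM block whose label is assumed to be ECHCONFIG) and the suite syntax from NOTES (names or numeric IANA codes). It encodes a single version 0xfe0d ECHConfig per the ECH wire format, then parses it back, skipping entries with an unknown version the way a client must. The 32-byte public key is a constructed placeholder, not a real X25519 key.

```python
import base64
import struct

# IANA HPKE identifiers (RFC 9180) for the names the man page accepts.
KEMS = {"p256": 0x0010, "p384": 0x0011, "p521": 0x0012, "x25519": 0x0020, "x448": 0x0021}
KDFS = {"hkdf-sha256": 0x0001, "hkdf-sha384": 0x0002, "hkdf-sha512": 0x0003}
AEADS = {"aes128gcm": 0x0001, "aes256gcm": 0x0002, "chachapoly1305": 0x0003}
ECH_VERSION = 0xFE0D  # the only ECH version the man page says is supported


def parse_suite(suite_str="x25519,hkdf-sha256,aes128gcm"):
    """Turn 'kem,kdf,aead' (names or numbers such as '0x20,1,3') into IANA codes."""
    parts = [p.strip().lower() for p in suite_str.split(",")]
    if len(parts) != 3:
        raise ValueError("suite must be kem,kdf,aead")
    codes = []
    for part, table in zip(parts, (KEMS, KDFS, AEADS)):
        value = table.get(part)
        if value is None:
            value = int(part, 0)  # decimal or 0x-prefixed hex
            if value not in table.values():
                raise ValueError(f"unknown HPKE identifier {part}")
        codes.append(value)
    return tuple(codes)


def _opaque(data, len_bytes):
    """TLS-style length-prefixed vector."""
    return len(data).to_bytes(len_bytes, "big") + data


def build_echconfiglist(public_key, public_name, config_id=0, max_name_len=0,
                        suite_str="x25519,hkdf-sha256,aes128gcm"):
    """Encode one ECHConfig (version 0xfe0d) wrapped in an ECHConfigList."""
    kem, kdf, aead = parse_suite(suite_str)
    name = public_name.encode("ascii")
    if not 1 <= len(name) <= 255:
        raise ValueError("public_name must be 1..255 bytes")
    contents = (
        struct.pack("!BH", config_id, kem)
        + _opaque(public_key, 2)
        + _opaque(struct.pack("!HH", kdf, aead), 2)  # one cipher suite
        + struct.pack("!B", max_name_len)
        + _opaque(name, 1)
        + _opaque(b"", 2)                            # no extensions
    )
    config = struct.pack("!H", ECH_VERSION) + _opaque(contents, 2)
    return _opaque(config, 2)


def parse_echconfiglist(data):
    """Decode an ECHConfigList; entries with an unknown version are skipped."""
    if int.from_bytes(data[:2], "big") != len(data) - 2:
        raise ValueError("bad ECHConfigList length")
    pos, configs = 2, []
    while pos < len(data):
        version, clen = struct.unpack_from("!HH", data, pos)
        body = data[pos + 4:pos + 4 + clen]
        pos += 4 + clen
        if version != ECH_VERSION:
            continue
        config_id, kem = struct.unpack_from("!BH", body, 0)
        p = 3
        pklen = int.from_bytes(body[p:p + 2], "big")
        public_key = body[p + 2:p + 2 + pklen]
        p += 2 + pklen
        cslen = int.from_bytes(body[p:p + 2], "big")
        p += 2
        suites = [struct.unpack_from("!HH", body, p + i) for i in range(0, cslen, 4)]
        p += cslen
        max_name_len, nlen = body[p], body[p + 1]
        public_name = body[p + 2:p + 2 + nlen].decode("ascii")
        p += 2 + nlen
        extlen = int.from_bytes(body[p:p + 2], "big")
        if p + 2 + extlen != len(body):
            raise ValueError("trailing bytes in ECHConfig")
        configs.append({"config_id": config_id, "kem_id": kem, "public_key": public_key,
                        "cipher_suites": suites, "maximum_name_length": max_name_len,
                        "public_name": public_name})
    return configs


def echconfiglist_from_pem(pem_text, label="ECHCONFIG"):
    """Extract the base64 ECHConfigList from an ECH PEM file (label is an assumption)."""
    begin, end = f"-----BEGIN {label}-----", f"-----END {label}-----"
    start = pem_text.index(begin) + len(begin)
    stop = pem_text.index(end, start)
    return base64.b64decode("".join(pem_text[start:stop].split()))


# Constructed placeholder standing in for a 32-byte X25519 public key.
DEMO_PUBLIC_KEY = bytes(range(32))

if __name__ == "__main__":
    ecl = build_echconfiglist(DEMO_PUBLIC_KEY, "cover.example", config_id=7, suite_str="0x20,1,3")
    pem = "-----BEGIN ECHCONFIG-----\n" + base64.b64encode(ecl).decode() + "\n-----END ECHCONFIG-----\n"
    for cfg in parse_echconfiglist(echconfiglist_from_pem(pem)):
        print(cfg)
```

The round trip shows why the merged output described under -out carries no private key: an ECHConfigList holds only the public value, the config_id, the HPKE suite and the public_name, so it is safe to publish in DNS while the PKCS#8 half stays on the server.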

SEE ALSO

openssl(1), openssl-s_client(1), openssl-s_server(1), SSL_set1_echstore(3)

HISTORY

The functionality described here was added in OpenSSL 4.0.

Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.