.\"
.\" This file is part of Trivial IP Encryption (TrIPE).
.\"
-.\" TrIPE is free software; you can redistribute it and/or modify
-.\" it under the terms of the GNU General Public License as published by
-.\" the Free Software Foundation; either version 2 of the License, or
-.\" (at your option) any later version.
+.\" TrIPE is free software: you can redistribute it and/or modify it under
+.\" the terms of the GNU General Public License as published by the Free
+.\" Software Foundation; either version 3 of the License, or (at your
+.\" option) any later version.
.\"
-.\" TrIPE is distributed in the hope that it will be useful,
-.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
-.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-.\" GNU General Public License for more details.
+.\" TrIPE is distributed in the hope that it will be useful, but WITHOUT
+.\" ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+.\" FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+.\" for more details.
.\"
.\" You should have received a copy of the GNU General Public License
-.\" along with TrIPE; if not, write to the Free Software Foundation,
-.\" Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+.\" along with TrIPE. If not, see <https://www.gnu.org/licenses/>.
.
.\"--------------------------------------------------------------------------
.so ../common/defs.man \" @@@PRE@@@
.B ec
(elliptic curves). The default is
.BR dh .
-.ne 7
+.ne 9
.TP
.I kx-genalg
Key generation algorithm name to pass to
_
dh dh
ec ec
+x25519 x25519
+x448 x448
_
.TE
-.ne 7
+.ne 9
.TP
.I kx-param-genalg
Key generation algorithm name to pass to
_
dh dh-param
ec ec-param
+x25519 empty
+x448 empty
_
.TE
-.ne 7
+.ne 9
.TP
.I kx-param
Options to pass to
_
dh \-LS \-b3072 \-B256
ec \-Cnist-p256
+x25519 \fInone
+x448 \fInone
_
.TE
+.ne 9
.TP
.I kx-attrs
Additional attributes to set on the parameters
as
.IB key = value
pairs separated by spaces.
-Default is
-.BR serialization=constlen .
+Default depends on
+.I kx
+as follows.
+.TS
+center;
+| ci | ci |
+| lb | lb |.
+_
+kx kx-attrs
+_
+dh serialization=constlen
+ec serialization=constlen
+x25519 \fIempty
+x448 \fIempty
+_
+.TE
.TP
.I kx-expire
Expiry time for generated keys. Default is
The bulk crypto transform to use.
Default is
.BR iiv .
+.ne 8
+.TP
.I mac
-Message authentication algorithm to use. Default is
-.IB hash -hmac/ halfhashlen \fR,
-where
+Message authentication algorithm to use.
+Default depends on
+.I bulk
+as follows.
+.TS
+center;
+| ci | ci |
+| lb | lb |.
+_
+bulk mac
+_
+v0 \fIhash\fB-hmac/\fIhalfhashlen
+iiv \fIhash\fB-hmac/\fIhalfhashlenrijndael-cbc
+naclbox poly1305/128
+_
+.TE
+.IP
+(In the above,
.I halfhashlen
is half of
.IR hash 's
-output length.
+output length.)
.TP
.I mgf
Mask-generation algorithm to use. Default is
.IB hash -mgf \fR.
This is probably a good choice.
-.ne 6
+.ne 7
.TP
.I cipher
-Symmetric encryption scheme to use. Default is
-.BR rijndael-cbc .
-.ne 6
+Symmetric encryption scheme to use.
+Default depends on
+.I bulk
+as follows.
+.TS
+center;
+| ci | ci |
+| lb | lb |.
+_
+bulk cipher
+_
+v0 rijndael-cbc
+iiv rijndael-cbc
+naclbox chacha20
+_
+.TE
+.ne 8
.TP
.I sig
Signature scheme to use. Must be one of those recognized by
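Review bot: The `iiv` row of the new `mac` defaults table ends in `halfhashlenrijndael-cbc`, which looks like a stray cipher name run onto the MAC default. As written, the page gives a default MAC for `iiv` that matches neither the `v0` row nor the text being removed. If `iiv` is meant to share the `v0` default, the row should read `iiv \fIhash\fB-hmac/\fIhalfhashlen`, with the usual tab between the two columns. Readers use this table to learn which authentication algorithm a key set gets when `mac` is left unset, so the value should be exact. The hunk headers are not visible here, so this note is placed at the end of the continuous run that contains the table.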
_
dh dsa
ec ecdsa
+x25519 ed25519
+x448 ed448
_
.TE
.ne 12
_
kcdsa dh
dsa dsa
-rsapcs1 rsa
+rsapkcs1 rsa
rsapss rsa
ecdsa ec
eckcdsa ec