1e41f4b71Sopenharmony_ci# Key Agreement Overview and Algorithm Specifications
2e41f4b71Sopenharmony_ci
3e41f4b71Sopenharmony_ci
4e41f4b71Sopenharmony_ciKey agreement allows two or more parties to jointly establish a shared key in a non-secure environment.
5e41f4b71Sopenharmony_ci
6e41f4b71Sopenharmony_ci
7e41f4b71Sopenharmony_ciThis topic describes the key agreement algorithms and specifications supported by the system.
8e41f4b71Sopenharmony_ci
9e41f4b71Sopenharmony_ci
10e41f4b71Sopenharmony_ci## ECDH
11e41f4b71Sopenharmony_ci
12e41f4b71Sopenharmony_ciThe Crypto framework provides a variety of Elliptic Curve Diffie–Hellman key exchange (ECDH) capabilities.
13e41f4b71Sopenharmony_ci
14e41f4b71Sopenharmony_ci
15e41f4b71Sopenharmony_ciWhen creating an ECDH key agreement instance, you need to specify the algorithm specifications in a string parameter, as listed in the table below.
16e41f4b71Sopenharmony_ci
17e41f4b71Sopenharmony_ci
18e41f4b71Sopenharmony_ci| Asymmetric Key Algorithm| String Parameter| API Version| 
19e41f4b71Sopenharmony_ci| -------- | -------- | -------- |
20e41f4b71Sopenharmony_ci| ECC | ECC224 | 9+ | 
21e41f4b71Sopenharmony_ci| ECC | ECC256 | 9+ | 
22e41f4b71Sopenharmony_ci| ECC | ECC384 | 9+ | 
23e41f4b71Sopenharmony_ci| ECC | ECC521 | 9+ | 
24e41f4b71Sopenharmony_ci| ECC | ECC_BrainPoolP160r1 | 11+ | 
25e41f4b71Sopenharmony_ci| ECC | ECC_BrainPoolP160t1 | 11+ | 
26e41f4b71Sopenharmony_ci| ECC | ECC_BrainPoolP192r1 | 11+ | 
27e41f4b71Sopenharmony_ci| ECC | ECC_BrainPoolP192t1 | 11+ | 
28e41f4b71Sopenharmony_ci| ECC | ECC_BrainPoolP224r1 | 11+ | 
29e41f4b71Sopenharmony_ci| ECC | ECC_BrainPoolP224t1 | 11+ | 
30e41f4b71Sopenharmony_ci| ECC | ECC_BrainPoolP256r1 | 11+ | 
31e41f4b71Sopenharmony_ci| ECC | ECC_BrainPoolP256t1 | 11+ | 
32e41f4b71Sopenharmony_ci| ECC | ECC_BrainPoolP320r1 | 11+ | 
33e41f4b71Sopenharmony_ci| ECC | ECC_BrainPoolP320t1 | 11+ | 
34e41f4b71Sopenharmony_ci| ECC | ECC_BrainPoolP384r1 | 11+ | 
35e41f4b71Sopenharmony_ci| ECC | ECC_BrainPoolP384t1 | 11+ | 
36e41f4b71Sopenharmony_ci| ECC | ECC_BrainPoolP512r1 | 11+ | 
37e41f4b71Sopenharmony_ci| ECC | ECC_BrainPoolP512t1 | 11+ | 
38e41f4b71Sopenharmony_ci| ECC | ECC | 10+ | 
39e41f4b71Sopenharmony_ci
40e41f4b71Sopenharmony_ci
41e41f4b71Sopenharmony_ciAs indicated by the last row in the preceding table, you can specify the ECDH key type without the key length and curve name to ensure compatibility with the key generated based on the key parameter. In this case, the key agreement operation varies depending on the actual key length.
42e41f4b71Sopenharmony_ci
43e41f4b71Sopenharmony_ci
44e41f4b71Sopenharmony_ci## X25519
45e41f4b71Sopenharmony_ci
46e41f4b71Sopenharmony_ciThe Crypto framework provides X25519 key agreement capabilities.
47e41f4b71Sopenharmony_ci
48e41f4b71Sopenharmony_ci
49e41f4b71Sopenharmony_ciWhen creating an X25519 key agreement instance, you need to specify the algorithm specifications in a string parameter, as listed in the table below.
50e41f4b71Sopenharmony_ci
51e41f4b71Sopenharmony_ci
52e41f4b71Sopenharmony_ci| Asymmetric Key Algorithm| String Parameter| API Version| 
53e41f4b71Sopenharmony_ci| -------- | -------- | -------- |
54e41f4b71Sopenharmony_ci| X25519 | X25519 | 11+ | 
55e41f4b71Sopenharmony_ci
56e41f4b71Sopenharmony_ci
57e41f4b71Sopenharmony_ci## DH
58e41f4b71Sopenharmony_ci
59e41f4b71Sopenharmony_ciThe Crypto framework provides Diffie–Hellman key exchange (DH) key agreement capabilities.
60e41f4b71Sopenharmony_ci
61e41f4b71Sopenharmony_ci
62e41f4b71Sopenharmony_ciWhen creating a DH key agreement instance, you need to specify the algorithm specifications in a string parameter, as listed in the table below.
63e41f4b71Sopenharmony_ci
64e41f4b71Sopenharmony_ci
65e41f4b71Sopenharmony_ci| Asymmetric Key Algorithm| String Parameter| API Version| 
66e41f4b71Sopenharmony_ci| -------- | -------- | -------- |
67e41f4b71Sopenharmony_ci| DH | DH_modp1536 | 11+ | 
68e41f4b71Sopenharmony_ci| DH | DH_modp2048 | 11+ | 
69e41f4b71Sopenharmony_ci| DH | DH_modp3072 | 11+ | 
70e41f4b71Sopenharmony_ci| DH | DH_modp4096 | 11+ | 
71e41f4b71Sopenharmony_ci| DH | DH_modp6144 | 11+ | 
72e41f4b71Sopenharmony_ci| DH | DH_modp8192 | 11+ | 
73e41f4b71Sopenharmony_ci| DH | DH_ffdhe2048 | 11+ | 
74e41f4b71Sopenharmony_ci| DH | DH_ffdhe3072 | 11+ | 
75e41f4b71Sopenharmony_ci| DH | DH_ffdhe4096 | 11+ | 
76e41f4b71Sopenharmony_ci| DH | DH_ffdhe6144 | 11+ | 
77e41f4b71Sopenharmony_ci| DH | DH_ffdhe8192 | 11+ | 
78e41f4b71Sopenharmony_ci| DH | DH | 11+ | 
79e41f4b71Sopenharmony_ci
80e41f4b71Sopenharmony_ci
81e41f4b71Sopenharmony_ciAs indicated by the last row in the preceding table, you can specify the DH key type without the named DH group to ensure compatibility with the key generated based on the key parameter. In this case, the key agreement operation varies depending on the actual key length, and unnamed DH groups are also supported.
82