Merge branch 'vendor/OPENSSL'
[dragonfly.git] / secure / lib / libcrypto / man / EVP_SealInit.3
CommitLineData
e257b235 1.\" Automatically generated by Pod::Man 2.16 (Pod::Simple 3.05)
8b0cefbb
JR
2.\"
3.\" Standard preamble:
4.\" ========================================================================
5.de Sh \" Subsection heading
984263bc
MD
6.br
7.if t .Sp
8.ne 5
9.PP
10\fB\\$1\fR
11.PP
12..
8b0cefbb 13.de Sp \" Vertical space (when we can't use .PP)
984263bc
MD
14.if t .sp .5v
15.if n .sp
16..
8b0cefbb 17.de Vb \" Begin verbatim text
984263bc
MD
18.ft CW
19.nf
20.ne \\$1
21..
8b0cefbb 22.de Ve \" End verbatim text
984263bc 23.ft R
984263bc
MD
24.fi
25..
8b0cefbb
JR
26.\" Set up some character translations and predefined strings. \*(-- will
27.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
e257b235
PA
28.\" double quote, and \*(R" will give a right double quote. \*(C+ will
29.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
30.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
31.\" nothing in troff, for use with C<>.
32.tr \(*W-
8b0cefbb 33.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
984263bc 34.ie n \{\
8b0cefbb
JR
35. ds -- \(*W-
36. ds PI pi
37. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
38. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
39. ds L" ""
40. ds R" ""
41. ds C` ""
42. ds C' ""
984263bc
MD
43'br\}
44.el\{\
8b0cefbb
JR
45. ds -- \|\(em\|
46. ds PI \(*p
47. ds L" ``
48. ds R" ''
984263bc 49'br\}
8b0cefbb 50.\"
e257b235
PA
51.\" Escape single quotes in literal strings from groff's Unicode transform.
52.ie \n(.g .ds Aq \(aq
53.el .ds Aq '
54.\"
8b0cefbb
JR
55.\" If the F register is turned on, we'll generate index entries on stderr for
56.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
57.\" entries marked with X<> in POD. Of course, you'll have to process the
58.\" output yourself in some meaningful fashion.
e257b235 59.ie \nF \{\
8b0cefbb
JR
60. de IX
61. tm Index:\\$1\t\\n%\t"\\$2"
984263bc 62..
8b0cefbb
JR
63. nr % 0
64. rr F
984263bc 65.\}
e257b235
PA
66.el \{\
67. de IX
68..
69.\}
aac4ff6f 70.\"
8b0cefbb
JR
71.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
72.\" Fear. Run. Save yourself. No user-serviceable parts.
73. \" fudge factors for nroff and troff
984263bc 74.if n \{\
8b0cefbb
JR
75. ds #H 0
76. ds #V .8m
77. ds #F .3m
78. ds #[ \f1
79. ds #] \fP
984263bc
MD
80.\}
81.if t \{\
8b0cefbb
JR
82. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
83. ds #V .6m
84. ds #F 0
85. ds #[ \&
86. ds #] \&
984263bc 87.\}
8b0cefbb 88. \" simple accents for nroff and troff
984263bc 89.if n \{\
8b0cefbb
JR
90. ds ' \&
91. ds ` \&
92. ds ^ \&
93. ds , \&
94. ds ~ ~
95. ds /
984263bc
MD
96.\}
97.if t \{\
8b0cefbb
JR
98. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
99. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
100. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
101. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
102. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
103. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
984263bc 104.\}
8b0cefbb 105. \" troff and (daisy-wheel) nroff accents
984263bc
MD
106.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
107.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
108.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
109.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
110.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
111.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
112.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
113.ds ae a\h'-(\w'a'u*4/10)'e
114.ds Ae A\h'-(\w'A'u*4/10)'E
8b0cefbb 115. \" corrections for vroff
984263bc
MD
116.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
117.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
8b0cefbb 118. \" for low resolution devices (crt and lpr)
984263bc
MD
119.if \n(.H>23 .if \n(.V>19 \
120\{\
8b0cefbb
JR
121. ds : e
122. ds 8 ss
123. ds o a
124. ds d- d\h'-1'\(ga
125. ds D- D\h'-1'\(hy
126. ds th \o'bp'
127. ds Th \o'LP'
128. ds ae ae
129. ds Ae AE
984263bc
MD
130.\}
131.rm #[ #] #H #V #F C
8b0cefbb
JR
132.\" ========================================================================
133.\"
134.IX Title "EVP_SealInit 3"
fc468453 135.TH EVP_SealInit 3 "2010-02-27" "0.9.8m" "OpenSSL"
e257b235
PA
136.\" For nroff, turn off justification. Always turn off hyphenation; it makes
137.\" way too many mistakes in technical documents.
138.if n .ad l
139.nh
984263bc 140.SH "NAME"
74dab6c2 141EVP_SealInit, EVP_SealUpdate, EVP_SealFinal \- EVP envelope encryption
984263bc 142.SH "SYNOPSIS"
8b0cefbb 143.IX Header "SYNOPSIS"
984263bc
MD
144.Vb 1
145\& #include <openssl/evp.h>
e257b235 146\&
a561f9ff
SS
147\& int EVP_SealInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
148\& unsigned char **ek, int *ekl, unsigned char *iv,
149\& EVP_PKEY **pubk, int npubk);
984263bc
MD
150\& int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
151\& int *outl, unsigned char *in, int inl);
152\& int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
153\& int *outl);
154.Ve
155.SH "DESCRIPTION"
8b0cefbb
JR
156.IX Header "DESCRIPTION"
157The \s-1EVP\s0 envelope routines are a high level interface to envelope
158encryption. They generate a random key and \s-1IV\s0 (if required) then
159\&\*(L"envelope\*(R" it by using public key encryption. Data can then be
984263bc
MD
160encrypted using this key.
161.PP
8b0cefbb
JR
162\&\fIEVP_SealInit()\fR initializes a cipher context \fBctx\fR for encryption
163with cipher \fBtype\fR using a random secret key and \s-1IV\s0. \fBtype\fR is normally
984263bc
MD
164supplied by a function such as \fIEVP_des_cbc()\fR. The secret key is encrypted
165using one or more public keys, this allows the same encrypted data to be
166decrypted using any of the corresponding private keys. \fBek\fR is an array of
167buffers where the public key encrypted secret key will be written, each buffer
168must contain enough room for the corresponding encrypted key: that is
8b0cefbb 169\&\fBek[i]\fR must have room for \fBEVP_PKEY_size(pubk[i])\fR bytes. The actual
984263bc
MD
170size of each encrypted secret key is written to the array \fBekl\fR. \fBpubk\fR is
171an array of \fBnpubk\fR public keys.
172.PP
8b0cefbb
JR
173The \fBiv\fR parameter is a buffer where the generated \s-1IV\s0 is written to. It must
174contain enough room for the corresponding cipher's \s-1IV\s0, as determined by (for
175example) EVP_CIPHER_iv_length(type).
984263bc 176.PP
8b0cefbb
JR
177If the cipher does not require an \s-1IV\s0 then the \fBiv\fR parameter is ignored
178and can be \fB\s-1NULL\s0\fR.
984263bc 179.PP
8b0cefbb 180\&\fIEVP_SealUpdate()\fR and \fIEVP_SealFinal()\fR have exactly the same properties
984263bc 181as the \fIEVP_EncryptUpdate()\fR and \fIEVP_EncryptFinal()\fR routines, as
8b0cefbb 182documented on the \fIEVP_EncryptInit\fR\|(3) manual
e257b235 183page.
984263bc 184.SH "RETURN VALUES"
8b0cefbb
JR
185.IX Header "RETURN VALUES"
186\&\fIEVP_SealInit()\fR returns 0 on error or \fBnpubk\fR if successful.
984263bc 187.PP
8b0cefbb 188\&\fIEVP_SealUpdate()\fR and \fIEVP_SealFinal()\fR return 1 for success and 0 for
984263bc
MD
189failure.
190.SH "NOTES"
8b0cefbb 191.IX Header "NOTES"
984263bc
MD
192Because a random secret key is generated the random number generator
193must be seeded before calling \fIEVP_SealInit()\fR.
194.PP
8b0cefbb 195The public key must be \s-1RSA\s0 because it is the only OpenSSL public key
984263bc
MD
196algorithm that supports key transport.
197.PP
198Envelope encryption is the usual method of using public key encryption
199on large amounts of data, this is because public key encryption is slow
200but symmetric encryption is fast. So symmetric encryption is used for
201bulk encryption and the small random symmetric key used is transferred
202using public key encryption.
203.PP
204It is possible to call \fIEVP_SealInit()\fR twice in the same way as
8b0cefbb 205\&\fIEVP_EncryptInit()\fR. The first call should have \fBnpubk\fR set to 0
984263bc 206and (after setting any cipher parameters) it should be called again
8b0cefbb 207with \fBtype\fR set to \s-1NULL\s0.
984263bc 208.SH "SEE ALSO"
74dab6c2 209.IX Header "SEE ALSO"
8b0cefbb
JR
210\&\fIevp\fR\|(3), \fIrand\fR\|(3),
211\&\fIEVP_EncryptInit\fR\|(3),
212\&\fIEVP_OpenInit\fR\|(3)
213.SH "HISTORY"
984263bc 214.IX Header "HISTORY"
8b0cefbb 215\&\fIEVP_SealFinal()\fR did not return a value before OpenSSL 0.9.7.