Commit | Line | Data |
---|---|---|
5a44c043 | 1 | .\" Automatically generated by Pod::Man 2.27 (Pod::Simple 3.28) |
8b0cefbb JR |
2 | .\" |
3 | .\" Standard preamble: | |
4 | .\" ======================================================================== | |
8b0cefbb | 5 | .de Sp \" Vertical space (when we can't use .PP) |
984263bc MD |
6 | .if t .sp .5v |
7 | .if n .sp | |
8 | .. | |
8b0cefbb | 9 | .de Vb \" Begin verbatim text |
984263bc MD |
10 | .ft CW |
11 | .nf | |
12 | .ne \\$1 | |
13 | .. | |
8b0cefbb | 14 | .de Ve \" End verbatim text |
984263bc | 15 | .ft R |
984263bc MD |
16 | .fi |
17 | .. | |
8b0cefbb JR |
18 | .\" Set up some character translations and predefined strings. \*(-- will |
19 | .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left | |
e257b235 PA |
20 | .\" double quote, and \*(R" will give a right double quote. \*(C+ will |
21 | .\" give a nicer C++. Capital omega is used to do unbreakable dashes and | |
22 | .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, | |
23 | .\" nothing in troff, for use with C<>. | |
24 | .tr \(*W- | |
8b0cefbb | 25 | .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' |
984263bc | 26 | .ie n \{\ |
8b0cefbb JR |
27 | . ds -- \(*W- |
28 | . ds PI pi | |
29 | . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch | |
30 | . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch | |
31 | . ds L" "" | |
32 | . ds R" "" | |
33 | . ds C` "" | |
34 | . ds C' "" | |
984263bc MD |
35 | 'br\} |
36 | .el\{\ | |
8b0cefbb JR |
37 | . ds -- \|\(em\| |
38 | . ds PI \(*p | |
39 | . ds L" `` | |
40 | . ds R" '' | |
5a44c043 SW |
41 | . ds C` |
42 | . ds C' | |
984263bc | 43 | 'br\} |
8b0cefbb | 44 | .\" |
e257b235 PA |
45 | .\" Escape single quotes in literal strings from groff's Unicode transform. |
46 | .ie \n(.g .ds Aq \(aq | |
47 | .el .ds Aq ' | |
48 | .\" | |
8b0cefbb | 49 | .\" If the F register is turned on, we'll generate index entries on stderr for |
01185282 | 50 | .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index |
8b0cefbb JR |
51 | .\" entries marked with X<> in POD. Of course, you'll have to process the |
52 | .\" output yourself in some meaningful fashion. | |
5a44c043 SW |
53 | .\" |
54 | .\" Avoid warning from groff about undefined register 'F'. | |
55 | .de IX | |
984263bc | 56 | .. |
5a44c043 SW |
57 | .nr rF 0 |
58 | .if \n(.g .if rF .nr rF 1 | |
59 | .if (\n(rF:(\n(.g==0)) \{ | |
60 | . if \nF \{ | |
61 | . de IX | |
62 | . tm Index:\\$1\t\\n%\t"\\$2" | |
e257b235 | 63 | .. |
5a44c043 SW |
64 | . if !\nF==2 \{ |
65 | . nr % 0 | |
66 | . nr F 2 | |
67 | . \} | |
68 | . \} | |
e257b235 | 69 | .\} |
5a44c043 | 70 | .rr rF |
aac4ff6f | 71 | .\" |
8b0cefbb JR |
72 | .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). |
73 | .\" Fear. Run. Save yourself. No user-serviceable parts. | |
74 | . \" fudge factors for nroff and troff | |
984263bc | 75 | .if n \{\ |
8b0cefbb JR |
76 | . ds #H 0 |
77 | . ds #V .8m | |
78 | . ds #F .3m | |
79 | . ds #[ \f1 | |
80 | . ds #] \fP | |
984263bc MD |
81 | .\} |
82 | .if t \{\ | |
8b0cefbb JR |
83 | . ds #H ((1u-(\\\\n(.fu%2u))*.13m) |
84 | . ds #V .6m | |
85 | . ds #F 0 | |
86 | . ds #[ \& | |
87 | . ds #] \& | |
984263bc | 88 | .\} |
8b0cefbb | 89 | . \" simple accents for nroff and troff |
984263bc | 90 | .if n \{\ |
8b0cefbb JR |
91 | . ds ' \& |
92 | . ds ` \& | |
93 | . ds ^ \& | |
94 | . ds , \& | |
95 | . ds ~ ~ | |
96 | . ds / | |
984263bc MD |
97 | .\} |
98 | .if t \{\ | |
8b0cefbb JR |
99 | . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" |
100 | . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' | |
101 | . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' | |
102 | . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' | |
103 | . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' | |
104 | . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' | |
984263bc | 105 | .\} |
8b0cefbb | 106 | . \" troff and (daisy-wheel) nroff accents |
984263bc MD |
107 | .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' |
108 | .ds 8 \h'\*(#H'\(*b\h'-\*(#H' | |
109 | .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] | |
110 | .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' | |
111 | .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' | |
112 | .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] | |
113 | .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] | |
114 | .ds ae a\h'-(\w'a'u*4/10)'e | |
115 | .ds Ae A\h'-(\w'A'u*4/10)'E | |
8b0cefbb | 116 | . \" corrections for vroff |
984263bc MD |
117 | .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' |
118 | .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' | |
8b0cefbb | 119 | . \" for low resolution devices (crt and lpr) |
984263bc MD |
120 | .if \n(.H>23 .if \n(.V>19 \ |
121 | \{\ | |
8b0cefbb JR |
122 | . ds : e |
123 | . ds 8 ss | |
124 | . ds o a | |
125 | . ds d- d\h'-1'\(ga | |
126 | . ds D- D\h'-1'\(hy | |
127 | . ds th \o'bp' | |
128 | . ds Th \o'LP' | |
129 | . ds ae ae | |
130 | . ds Ae AE | |
984263bc MD |
131 | .\} |
132 | .rm #[ #] #H #V #F C | |
8b0cefbb JR |
133 | .\" ======================================================================== |
134 | .\" | |
135 | .IX Title "EVP_EncryptInit 3" | |
7dc78669 | 136 | .TH EVP_EncryptInit 3 "2015-07-09" "1.0.1p" "OpenSSL" |
e257b235 PA |
137 | .\" For nroff, turn off justification. Always turn off hyphenation; it makes |
138 | .\" way too many mistakes in technical documents. | |
139 | .if n .ad l | |
140 | .nh | |
984263bc MD |
141 | .SH "NAME" |
142 | EVP_CIPHER_CTX_init, EVP_EncryptInit_ex, EVP_EncryptUpdate, | |
143 | EVP_EncryptFinal_ex, EVP_DecryptInit_ex, EVP_DecryptUpdate, | |
144 | EVP_DecryptFinal_ex, EVP_CipherInit_ex, EVP_CipherUpdate, | |
145 | EVP_CipherFinal_ex, EVP_CIPHER_CTX_set_key_length, | |
146 | EVP_CIPHER_CTX_ctrl, EVP_CIPHER_CTX_cleanup, EVP_EncryptInit, | |
147 | EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, | |
148 | EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, | |
149 | EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, | |
150 | EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, | |
151 | EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, | |
152 | EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, | |
153 | EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, | |
154 | EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, | |
155 | EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, | |
74dab6c2 | 156 | EVP_CIPHER_CTX_set_padding \- EVP cipher routines |
984263bc | 157 | .SH "SYNOPSIS" |
8b0cefbb | 158 | .IX Header "SYNOPSIS" |
984263bc MD |
159 | .Vb 1 |
160 | \& #include <openssl/evp.h> | |
e257b235 | 161 | \& |
a561f9ff | 162 | \& void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a); |
e257b235 | 163 | \& |
984263bc MD |
164 | \& int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, |
165 | \& ENGINE *impl, unsigned char *key, unsigned char *iv); | |
166 | \& int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
167 | \& int *outl, unsigned char *in, int inl); | |
168 | \& int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
169 | \& int *outl); | |
e257b235 | 170 | \& |
984263bc MD |
171 | \& int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, |
172 | \& ENGINE *impl, unsigned char *key, unsigned char *iv); | |
173 | \& int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
174 | \& int *outl, unsigned char *in, int inl); | |
175 | \& int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, | |
176 | \& int *outl); | |
e257b235 | 177 | \& |
984263bc MD |
178 | \& int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, |
179 | \& ENGINE *impl, unsigned char *key, unsigned char *iv, int enc); | |
180 | \& int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
181 | \& int *outl, unsigned char *in, int inl); | |
182 | \& int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, | |
183 | \& int *outl); | |
e257b235 | 184 | \& |
984263bc MD |
185 | \& int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, |
186 | \& unsigned char *key, unsigned char *iv); | |
187 | \& int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, | |
188 | \& int *outl); | |
e257b235 | 189 | \& |
984263bc MD |
190 | \& int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, |
191 | \& unsigned char *key, unsigned char *iv); | |
192 | \& int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, | |
193 | \& int *outl); | |
e257b235 | 194 | \& |
984263bc MD |
195 | \& int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, |
196 | \& unsigned char *key, unsigned char *iv, int enc); | |
197 | \& int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, | |
198 | \& int *outl); | |
e257b235 | 199 | \& |
984263bc MD |
200 | \& int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding); |
201 | \& int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen); | |
202 | \& int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); | |
203 | \& int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a); | |
e257b235 | 204 | \& |
984263bc MD |
205 | \& const EVP_CIPHER *EVP_get_cipherbyname(const char *name); |
206 | \& #define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a)) | |
207 | \& #define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a)) | |
e257b235 PA |
208 | \& |
209 | \& #define EVP_CIPHER_nid(e) ((e)\->nid) | |
210 | \& #define EVP_CIPHER_block_size(e) ((e)\->block_size) | |
211 | \& #define EVP_CIPHER_key_length(e) ((e)\->key_len) | |
212 | \& #define EVP_CIPHER_iv_length(e) ((e)\->iv_len) | |
213 | \& #define EVP_CIPHER_flags(e) ((e)\->flags) | |
214 | \& #define EVP_CIPHER_mode(e) ((e)\->flags) & EVP_CIPH_MODE) | |
984263bc | 215 | \& int EVP_CIPHER_type(const EVP_CIPHER *ctx); |
e257b235 PA |
216 | \& |
217 | \& #define EVP_CIPHER_CTX_cipher(e) ((e)\->cipher) | |
218 | \& #define EVP_CIPHER_CTX_nid(e) ((e)\->cipher\->nid) | |
219 | \& #define EVP_CIPHER_CTX_block_size(e) ((e)\->cipher\->block_size) | |
220 | \& #define EVP_CIPHER_CTX_key_length(e) ((e)\->key_len) | |
221 | \& #define EVP_CIPHER_CTX_iv_length(e) ((e)\->cipher\->iv_len) | |
222 | \& #define EVP_CIPHER_CTX_get_app_data(e) ((e)\->app_data) | |
223 | \& #define EVP_CIPHER_CTX_set_app_data(e,d) ((e)\->app_data=(char *)(d)) | |
984263bc | 224 | \& #define EVP_CIPHER_CTX_type(c) EVP_CIPHER_type(EVP_CIPHER_CTX_cipher(c)) |
e257b235 PA |
225 | \& #define EVP_CIPHER_CTX_flags(e) ((e)\->cipher\->flags) |
226 | \& #define EVP_CIPHER_CTX_mode(e) ((e)\->cipher\->flags & EVP_CIPH_MODE) | |
227 | \& | |
984263bc MD |
228 | \& int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type); |
229 | \& int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type); | |
230 | .Ve | |
231 | .SH "DESCRIPTION" | |
8b0cefbb JR |
232 | .IX Header "DESCRIPTION" |
233 | The \s-1EVP\s0 cipher routines are a high level interface to certain | |
984263bc MD |
234 | symmetric ciphers. |
235 | .PP | |
8b0cefbb | 236 | \&\fIEVP_CIPHER_CTX_init()\fR initializes cipher contex \fBctx\fR. |
984263bc | 237 | .PP |
8b0cefbb | 238 | \&\fIEVP_EncryptInit_ex()\fR sets up cipher context \fBctx\fR for encryption |
5a44c043 | 239 | with cipher \fBtype\fR from \s-1ENGINE \s0\fBimpl\fR. \fBctx\fR must be initialized |
984263bc | 240 | before calling this function. \fBtype\fR is normally supplied |
8b0cefbb | 241 | by a function such as \fIEVP_des_cbc()\fR. If \fBimpl\fR is \s-1NULL\s0 then the |
984263bc | 242 | default implementation is used. \fBkey\fR is the symmetric key to use |
8b0cefbb JR |
243 | and \fBiv\fR is the \s-1IV\s0 to use (if necessary), the actual number of bytes |
244 | used for the key and \s-1IV\s0 depends on the cipher. It is possible to set | |
245 | all parameters to \s-1NULL\s0 except \fBtype\fR in an initial call and supply | |
984263bc | 246 | the remaining parameters in subsequent calls, all of which have \fBtype\fR |
5a44c043 | 247 | set to \s-1NULL.\s0 This is done when the default cipher parameters are not |
984263bc MD |
248 | appropriate. |
249 | .PP | |
8b0cefbb | 250 | \&\fIEVP_EncryptUpdate()\fR encrypts \fBinl\fR bytes from the buffer \fBin\fR and |
984263bc MD |
251 | writes the encrypted version to \fBout\fR. This function can be called |
252 | multiple times to encrypt successive blocks of data. The amount | |
253 | of data written depends on the block alignment of the encrypted data: | |
254 | as a result the amount of data written may be anything from zero bytes | |
ca2244c8 | 255 | to (inl + cipher_block_size \- 1) so \fBout\fR should contain sufficient |
984263bc MD |
256 | room. The actual number of bytes written is placed in \fBoutl\fR. |
257 | .PP | |
258 | If padding is enabled (the default) then \fIEVP_EncryptFinal_ex()\fR encrypts | |
259 | the \*(L"final\*(R" data, that is any data that remains in a partial block. | |
8b0cefbb | 260 | It uses standard block padding (aka \s-1PKCS\s0 padding). The encrypted |
984263bc MD |
261 | final data is written to \fBout\fR which should have sufficient space for |
262 | one cipher block. The number of bytes written is placed in \fBoutl\fR. After | |
263 | this function is called the encryption operation is finished and no further | |
264 | calls to \fIEVP_EncryptUpdate()\fR should be made. | |
265 | .PP | |
266 | If padding is disabled then \fIEVP_EncryptFinal_ex()\fR will not encrypt any more | |
267 | data and it will return an error if any data remains in a partial block: | |
e257b235 | 268 | that is if the total data length is not a multiple of the block size. |
984263bc | 269 | .PP |
8b0cefbb | 270 | \&\fIEVP_DecryptInit_ex()\fR, \fIEVP_DecryptUpdate()\fR and \fIEVP_DecryptFinal_ex()\fR are the |
984263bc MD |
271 | corresponding decryption operations. \fIEVP_DecryptFinal()\fR will return an |
272 | error code if padding is enabled and the final block is not correctly | |
273 | formatted. The parameters and restrictions are identical to the encryption | |
274 | operations except that if padding is enabled the decrypted data buffer \fBout\fR | |
275 | passed to \fIEVP_DecryptUpdate()\fR should have sufficient room for | |
276 | (\fBinl\fR + cipher_block_size) bytes unless the cipher block size is 1 in | |
277 | which case \fBinl\fR bytes is sufficient. | |
278 | .PP | |
8b0cefbb | 279 | \&\fIEVP_CipherInit_ex()\fR, \fIEVP_CipherUpdate()\fR and \fIEVP_CipherFinal_ex()\fR are |
984263bc MD |
280 | functions that can be used for decryption or encryption. The operation |
281 | performed depends on the value of the \fBenc\fR parameter. It should be set | |
282 | to 1 for encryption, 0 for decryption and \-1 to leave the value unchanged | |
8b0cefbb | 283 | (the actual value of 'enc' being supplied in a previous call). |
984263bc | 284 | .PP |
8b0cefbb | 285 | \&\fIEVP_CIPHER_CTX_cleanup()\fR clears all information from a cipher context |
984263bc MD |
286 | and free up any allocated memory associate with it. It should be called |
287 | after all operations using a cipher are complete so sensitive information | |
288 | does not remain in memory. | |
289 | .PP | |
8b0cefbb | 290 | \&\fIEVP_EncryptInit()\fR, \fIEVP_DecryptInit()\fR and \fIEVP_CipherInit()\fR behave in a |
984263bc | 291 | similar way to \fIEVP_EncryptInit_ex()\fR, EVP_DecryptInit_ex and |
11c7e1cd | 292 | \&\fIEVP_CipherInit_ex()\fR except the \fBctx\fR parameter does not need to be |
984263bc MD |
293 | initialized and they always use the default cipher implementation. |
294 | .PP | |
8b0cefbb | 295 | \&\fIEVP_EncryptFinal()\fR, \fIEVP_DecryptFinal()\fR and \fIEVP_CipherFinal()\fR behave in a |
984263bc | 296 | similar way to \fIEVP_EncryptFinal_ex()\fR, \fIEVP_DecryptFinal_ex()\fR and |
8b0cefbb | 297 | \&\fIEVP_CipherFinal_ex()\fR except \fBctx\fR is automatically cleaned up |
984263bc MD |
298 | after the call. |
299 | .PP | |
8b0cefbb JR |
300 | \&\fIEVP_get_cipherbyname()\fR, \fIEVP_get_cipherbynid()\fR and \fIEVP_get_cipherbyobj()\fR |
301 | return an \s-1EVP_CIPHER\s0 structure when passed a cipher name, a \s-1NID\s0 or an | |
302 | \&\s-1ASN1_OBJECT\s0 structure. | |
984263bc | 303 | .PP |
8b0cefbb JR |
304 | \&\fIEVP_CIPHER_nid()\fR and \fIEVP_CIPHER_CTX_nid()\fR return the \s-1NID\s0 of a cipher when |
305 | passed an \fB\s-1EVP_CIPHER\s0\fR or \fB\s-1EVP_CIPHER_CTX\s0\fR structure. The actual \s-1NID\s0 | |
5a44c043 SW |
306 | value is an internal value which may not have a corresponding \s-1OBJECT |
307 | IDENTIFIER.\s0 | |
984263bc | 308 | .PP |
8b0cefbb | 309 | \&\fIEVP_CIPHER_CTX_set_padding()\fR enables or disables padding. By default |
984263bc MD |
310 | encryption operations are padded using standard block padding and the |
311 | padding is checked and removed when decrypting. If the \fBpad\fR parameter | |
312 | is zero then no padding is performed, the total amount of data encrypted | |
313 | or decrypted must then be a multiple of the block size or an error will | |
314 | occur. | |
315 | .PP | |
8b0cefbb JR |
316 | \&\fIEVP_CIPHER_key_length()\fR and \fIEVP_CIPHER_CTX_key_length()\fR return the key |
317 | length of a cipher when passed an \fB\s-1EVP_CIPHER\s0\fR or \fB\s-1EVP_CIPHER_CTX\s0\fR | |
318 | structure. The constant \fB\s-1EVP_MAX_KEY_LENGTH\s0\fR is the maximum key length | |
984263bc MD |
319 | for all ciphers. Note: although \fIEVP_CIPHER_key_length()\fR is fixed for a |
320 | given cipher, the value of \fIEVP_CIPHER_CTX_key_length()\fR may be different | |
321 | for variable key length ciphers. | |
322 | .PP | |
8b0cefbb | 323 | \&\fIEVP_CIPHER_CTX_set_key_length()\fR sets the key length of the cipher ctx. |
984263bc MD |
324 | If the cipher is a fixed length cipher then attempting to set the key |
325 | length to any value other than the fixed value is an error. | |
326 | .PP | |
8b0cefbb JR |
327 | \&\fIEVP_CIPHER_iv_length()\fR and \fIEVP_CIPHER_CTX_iv_length()\fR return the \s-1IV\s0 |
328 | length of a cipher when passed an \fB\s-1EVP_CIPHER\s0\fR or \fB\s-1EVP_CIPHER_CTX\s0\fR. | |
5a44c043 | 329 | It will return zero if the cipher does not use an \s-1IV. \s0 The constant |
8b0cefbb | 330 | \&\fB\s-1EVP_MAX_IV_LENGTH\s0\fR is the maximum \s-1IV\s0 length for all ciphers. |
984263bc | 331 | .PP |
8b0cefbb JR |
332 | \&\fIEVP_CIPHER_block_size()\fR and \fIEVP_CIPHER_CTX_block_size()\fR return the block |
333 | size of a cipher when passed an \fB\s-1EVP_CIPHER\s0\fR or \fB\s-1EVP_CIPHER_CTX\s0\fR | |
334 | structure. The constant \fB\s-1EVP_MAX_IV_LENGTH\s0\fR is also the maximum block | |
984263bc MD |
335 | length for all ciphers. |
336 | .PP | |
8b0cefbb | 337 | \&\fIEVP_CIPHER_type()\fR and \fIEVP_CIPHER_CTX_type()\fR return the type of the passed |
5a44c043 SW |
338 | cipher or context. This \*(L"type\*(R" is the actual \s-1NID\s0 of the cipher \s-1OBJECT |
339 | IDENTIFIER\s0 as such it ignores the cipher parameters and 40 bit \s-1RC2\s0 and | |
340 | 128 bit \s-1RC2\s0 have the same \s-1NID.\s0 If the cipher does not have an object | |
8b0cefbb JR |
341 | identifier or does not have \s-1ASN1\s0 support this function will return |
342 | \&\fBNID_undef\fR. | |
984263bc | 343 | .PP |
8b0cefbb JR |
344 | \&\fIEVP_CIPHER_CTX_cipher()\fR returns the \fB\s-1EVP_CIPHER\s0\fR structure when passed |
345 | an \fB\s-1EVP_CIPHER_CTX\s0\fR structure. | |
984263bc | 346 | .PP |
8b0cefbb | 347 | \&\fIEVP_CIPHER_mode()\fR and \fIEVP_CIPHER_CTX_mode()\fR return the block cipher mode: |
5a44c043 SW |
348 | \&\s-1EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE\s0 or |
349 | \&\s-1EVP_CIPH_OFB_MODE.\s0 If the cipher is a stream cipher then | |
8b0cefbb | 350 | \&\s-1EVP_CIPH_STREAM_CIPHER\s0 is returned. |
984263bc | 351 | .PP |
8b0cefbb | 352 | \&\fIEVP_CIPHER_param_to_asn1()\fR sets the AlgorithmIdentifier \*(L"parameter\*(R" based |
984263bc | 353 | on the passed cipher. This will typically include any parameters and an |
5a44c043 | 354 | \&\s-1IV.\s0 The cipher \s-1IV \s0(if any) must be set when this call is made. This call |
984263bc | 355 | should be made before the cipher is actually \*(L"used\*(R" (before any |
8b0cefbb JR |
356 | \&\fIEVP_EncryptUpdate()\fR, \fIEVP_DecryptUpdate()\fR calls for example). This function |
357 | may fail if the cipher does not have any \s-1ASN1\s0 support. | |
984263bc | 358 | .PP |
8b0cefbb | 359 | \&\fIEVP_CIPHER_asn1_to_param()\fR sets the cipher parameters based on an \s-1ASN1\s0 |
984263bc | 360 | AlgorithmIdentifier \*(L"parameter\*(R". The precise effect depends on the cipher |
5a44c043 | 361 | In the case of \s-1RC2,\s0 for example, it will set the \s-1IV\s0 and effective key length. |
984263bc | 362 | This function should be called after the base cipher type is set but before |
8b0cefbb | 363 | the key is set. For example \fIEVP_CipherInit()\fR will be called with the \s-1IV\s0 and |
5a44c043 SW |
364 | key set to \s-1NULL,\s0 \fIEVP_CIPHER_asn1_to_param()\fR will be called and finally |
365 | \&\fIEVP_CipherInit()\fR again with all parameters except the key set to \s-1NULL.\s0 It is | |
8b0cefbb JR |
366 | possible for this function to fail if the cipher does not have any \s-1ASN1\s0 support |
367 | or the parameters cannot be set (for example the \s-1RC2\s0 effective key length | |
984263bc MD |
368 | is not supported. |
369 | .PP | |
8b0cefbb JR |
370 | \&\fIEVP_CIPHER_CTX_ctrl()\fR allows various cipher specific parameters to be determined |
371 | and set. Currently only the \s-1RC2\s0 effective key length and the number of rounds of | |
372 | \&\s-1RC5\s0 can be set. | |
984263bc | 373 | .SH "RETURN VALUES" |
8b0cefbb | 374 | .IX Header "RETURN VALUES" |
a561f9ff SS |
375 | \&\fIEVP_EncryptInit_ex()\fR, \fIEVP_EncryptUpdate()\fR and \fIEVP_EncryptFinal_ex()\fR |
376 | return 1 for success and 0 for failure. | |
984263bc | 377 | .PP |
8b0cefbb JR |
378 | \&\fIEVP_DecryptInit_ex()\fR and \fIEVP_DecryptUpdate()\fR return 1 for success and 0 for failure. |
379 | \&\fIEVP_DecryptFinal_ex()\fR returns 0 if the decrypt failed or 1 for success. | |
984263bc | 380 | .PP |
8b0cefbb JR |
381 | \&\fIEVP_CipherInit_ex()\fR and \fIEVP_CipherUpdate()\fR return 1 for success and 0 for failure. |
382 | \&\fIEVP_CipherFinal_ex()\fR returns 0 for a decryption failure or 1 for success. | |
984263bc | 383 | .PP |
8b0cefbb | 384 | \&\fIEVP_CIPHER_CTX_cleanup()\fR returns 1 for success and 0 for failure. |
984263bc | 385 | .PP |
8b0cefbb JR |
386 | \&\fIEVP_get_cipherbyname()\fR, \fIEVP_get_cipherbynid()\fR and \fIEVP_get_cipherbyobj()\fR |
387 | return an \fB\s-1EVP_CIPHER\s0\fR structure or \s-1NULL\s0 on error. | |
984263bc | 388 | .PP |
5a44c043 | 389 | \&\fIEVP_CIPHER_nid()\fR and \fIEVP_CIPHER_CTX_nid()\fR return a \s-1NID.\s0 |
984263bc | 390 | .PP |
8b0cefbb | 391 | \&\fIEVP_CIPHER_block_size()\fR and \fIEVP_CIPHER_CTX_block_size()\fR return the block |
984263bc MD |
392 | size. |
393 | .PP | |
8b0cefbb | 394 | \&\fIEVP_CIPHER_key_length()\fR and \fIEVP_CIPHER_CTX_key_length()\fR return the key |
984263bc MD |
395 | length. |
396 | .PP | |
8b0cefbb | 397 | \&\fIEVP_CIPHER_CTX_set_padding()\fR always returns 1. |
984263bc | 398 | .PP |
8b0cefbb | 399 | \&\fIEVP_CIPHER_iv_length()\fR and \fIEVP_CIPHER_CTX_iv_length()\fR return the \s-1IV\s0 |
5a44c043 | 400 | length or zero if the cipher does not use an \s-1IV.\s0 |
984263bc | 401 | .PP |
8b0cefbb | 402 | \&\fIEVP_CIPHER_type()\fR and \fIEVP_CIPHER_CTX_type()\fR return the \s-1NID\s0 of the cipher's |
5a44c043 | 403 | \&\s-1OBJECT IDENTIFIER\s0 or NID_undef if it has no defined \s-1OBJECT IDENTIFIER.\s0 |
984263bc | 404 | .PP |
8b0cefbb | 405 | \&\fIEVP_CIPHER_CTX_cipher()\fR returns an \fB\s-1EVP_CIPHER\s0\fR structure. |
984263bc | 406 | .PP |
8b0cefbb | 407 | \&\fIEVP_CIPHER_param_to_asn1()\fR and \fIEVP_CIPHER_asn1_to_param()\fR return 1 for |
984263bc MD |
408 | success or zero for failure. |
409 | .SH "CIPHER LISTING" | |
8b0cefbb | 410 | .IX Header "CIPHER LISTING" |
984263bc | 411 | All algorithms have a fixed key length unless otherwise stated. |
8b0cefbb JR |
412 | .IP "\fIEVP_enc_null()\fR" 4 |
413 | .IX Item "EVP_enc_null()" | |
984263bc | 414 | Null cipher: does nothing. |
8b0cefbb JR |
415 | .IP "EVP_des_cbc(void), EVP_des_ecb(void), EVP_des_cfb(void), EVP_des_ofb(void)" 4 |
416 | .IX Item "EVP_des_cbc(void), EVP_des_ecb(void), EVP_des_cfb(void), EVP_des_ofb(void)" | |
5a44c043 | 417 | \&\s-1DES\s0 in \s-1CBC, ECB, CFB\s0 and \s-1OFB\s0 modes respectively. |
8b0cefbb | 418 | .IP "EVP_des_ede_cbc(void), \fIEVP_des_ede()\fR, EVP_des_ede_ofb(void), EVP_des_ede_cfb(void)" 4 |
5a44c043 SW |
419 | .IX Item "EVP_des_ede_cbc(void), EVP_des_ede(), EVP_des_ede_ofb(void), EVP_des_ede_cfb(void)" |
420 | Two key triple \s-1DES\s0 in \s-1CBC, ECB, CFB\s0 and \s-1OFB\s0 modes respectively. | |
8b0cefbb | 421 | .IP "EVP_des_ede3_cbc(void), \fIEVP_des_ede3()\fR, EVP_des_ede3_ofb(void), EVP_des_ede3_cfb(void)" 4 |
5a44c043 SW |
422 | .IX Item "EVP_des_ede3_cbc(void), EVP_des_ede3(), EVP_des_ede3_ofb(void), EVP_des_ede3_cfb(void)" |
423 | Three key triple \s-1DES\s0 in \s-1CBC, ECB, CFB\s0 and \s-1OFB\s0 modes respectively. | |
8b0cefbb JR |
424 | .IP "EVP_desx_cbc(void)" 4 |
425 | .IX Item "EVP_desx_cbc(void)" | |
426 | \&\s-1DESX\s0 algorithm in \s-1CBC\s0 mode. | |
427 | .IP "EVP_rc4(void)" 4 | |
428 | .IX Item "EVP_rc4(void)" | |
429 | \&\s-1RC4\s0 stream cipher. This is a variable key length cipher with default key length 128 bits. | |
430 | .IP "EVP_rc4_40(void)" 4 | |
431 | .IX Item "EVP_rc4_40(void)" | |
432 | \&\s-1RC4\s0 stream cipher with 40 bit key length. This is obsolete and new code should use \fIEVP_rc4()\fR | |
984263bc | 433 | and the \fIEVP_CIPHER_CTX_set_key_length()\fR function. |
8b0cefbb JR |
434 | .IP "\fIEVP_idea_cbc()\fR EVP_idea_ecb(void), EVP_idea_cfb(void), EVP_idea_ofb(void), EVP_idea_cbc(void)" 4 |
435 | .IX Item "EVP_idea_cbc() EVP_idea_ecb(void), EVP_idea_cfb(void), EVP_idea_ofb(void), EVP_idea_cbc(void)" | |
5a44c043 | 436 | \&\s-1IDEA\s0 encryption algorithm in \s-1CBC, ECB, CFB\s0 and \s-1OFB\s0 modes respectively. |
8b0cefbb JR |
437 | .IP "EVP_rc2_cbc(void), EVP_rc2_ecb(void), EVP_rc2_cfb(void), EVP_rc2_ofb(void)" 4 |
438 | .IX Item "EVP_rc2_cbc(void), EVP_rc2_ecb(void), EVP_rc2_cfb(void), EVP_rc2_ofb(void)" | |
5a44c043 | 439 | \&\s-1RC2\s0 encryption algorithm in \s-1CBC, ECB, CFB\s0 and \s-1OFB\s0 modes respectively. This is a variable key |
984263bc MD |
440 | length cipher with an additional parameter called \*(L"effective key bits\*(R" or \*(L"effective key length\*(R". |
441 | By default both are set to 128 bits. | |
8b0cefbb JR |
442 | .IP "EVP_rc2_40_cbc(void), EVP_rc2_64_cbc(void)" 4 |
443 | .IX Item "EVP_rc2_40_cbc(void), EVP_rc2_64_cbc(void)" | |
444 | \&\s-1RC2\s0 algorithm in \s-1CBC\s0 mode with a default key length and effective key length of 40 and 64 bits. | |
984263bc | 445 | These are obsolete and new code should use \fIEVP_rc2_cbc()\fR, \fIEVP_CIPHER_CTX_set_key_length()\fR and |
8b0cefbb JR |
446 | \&\fIEVP_CIPHER_CTX_ctrl()\fR to set the key length and effective key length. |
447 | .IP "EVP_bf_cbc(void), EVP_bf_ecb(void), EVP_bf_cfb(void), EVP_bf_ofb(void);" 4 | |
448 | .IX Item "EVP_bf_cbc(void), EVP_bf_ecb(void), EVP_bf_cfb(void), EVP_bf_ofb(void);" | |
5a44c043 | 449 | Blowfish encryption algorithm in \s-1CBC, ECB, CFB\s0 and \s-1OFB\s0 modes respectively. This is a variable key |
984263bc | 450 | length cipher. |
8b0cefbb JR |
451 | .IP "EVP_cast5_cbc(void), EVP_cast5_ecb(void), EVP_cast5_cfb(void), EVP_cast5_ofb(void)" 4 |
452 | .IX Item "EVP_cast5_cbc(void), EVP_cast5_ecb(void), EVP_cast5_cfb(void), EVP_cast5_ofb(void)" | |
5a44c043 | 453 | \&\s-1CAST\s0 encryption algorithm in \s-1CBC, ECB, CFB\s0 and \s-1OFB\s0 modes respectively. This is a variable key |
984263bc | 454 | length cipher. |
8b0cefbb JR |
455 | .IP "EVP_rc5_32_12_16_cbc(void), EVP_rc5_32_12_16_ecb(void), EVP_rc5_32_12_16_cfb(void), EVP_rc5_32_12_16_ofb(void)" 4 |
456 | .IX Item "EVP_rc5_32_12_16_cbc(void), EVP_rc5_32_12_16_ecb(void), EVP_rc5_32_12_16_cfb(void), EVP_rc5_32_12_16_ofb(void)" | |
5a44c043 | 457 | \&\s-1RC5\s0 encryption algorithm in \s-1CBC, ECB, CFB\s0 and \s-1OFB\s0 modes respectively. This is a variable key length |
984263bc MD |
458 | cipher with an additional \*(L"number of rounds\*(R" parameter. By default the key length is set to 128 |
459 | bits and 12 rounds. | |
460 | .SH "NOTES" | |
8b0cefbb JR |
461 | .IX Header "NOTES" |
462 | Where possible the \fB\s-1EVP\s0\fR interface to symmetric ciphers should be used in | |
984263bc | 463 | preference to the low level interfaces. This is because the code then becomes |
ecf90583 SW |
464 | transparent to the cipher used and much more flexible. Additionally, the |
465 | \&\fB\s-1EVP\s0\fR interface will ensure the use of platform specific cryptographic | |
466 | acceleration such as AES-NI (the low level interfaces do not provide the | |
467 | guarantee). | |
984263bc | 468 | .PP |
8b0cefbb | 469 | \&\s-1PKCS\s0 padding works by adding \fBn\fR padding bytes of value \fBn\fR to make the total |
984263bc MD |
470 | length of the encrypted data a multiple of the block size. Padding is always |
471 | added so if the data is already a multiple of the block size \fBn\fR will equal | |
472 | the block size. For example if the block size is 8 and 11 bytes are to be | |
473 | encrypted then 5 padding bytes of value 5 will be added. | |
474 | .PP | |
475 | When decrypting the final block is checked to see if it has the correct form. | |
476 | .PP | |
477 | Although the decryption operation can produce an error if padding is enabled, | |
478 | it is not a strong test that the input data or key is correct. A random block | |
479 | has better than 1 in 256 chance of being of the correct format and problems with | |
480 | the input data earlier on will not produce a final decrypt error. | |
481 | .PP | |
482 | If padding is disabled then the decryption operation will always succeed if | |
483 | the total amount of data decrypted is a multiple of the block size. | |
484 | .PP | |
485 | The functions \fIEVP_EncryptInit()\fR, \fIEVP_EncryptFinal()\fR, \fIEVP_DecryptInit()\fR, | |
8b0cefbb | 486 | \&\fIEVP_CipherInit()\fR and \fIEVP_CipherFinal()\fR are obsolete but are retained for |
984263bc | 487 | compatibility with existing code. New code should use \fIEVP_EncryptInit_ex()\fR, |
8b0cefbb JR |
488 | \&\fIEVP_EncryptFinal_ex()\fR, \fIEVP_DecryptInit_ex()\fR, \fIEVP_DecryptFinal_ex()\fR, |
489 | \&\fIEVP_CipherInit_ex()\fR and \fIEVP_CipherFinal_ex()\fR because they can reuse an | |
984263bc MD |
490 | existing context without allocating and freeing it up on each call. |
491 | .SH "BUGS" | |
8b0cefbb JR |
492 | .IX Header "BUGS" |
493 | For \s-1RC5\s0 the number of rounds can currently only be set to 8, 12 or 16. This is | |
494 | a limitation of the current \s-1RC5\s0 code rather than the \s-1EVP\s0 interface. | |
984263bc | 495 | .PP |
8b0cefbb | 496 | \&\s-1EVP_MAX_KEY_LENGTH\s0 and \s-1EVP_MAX_IV_LENGTH\s0 only refer to the internal ciphers with |
984263bc MD |
497 | default key lengths. If custom ciphers exceed these values the results are |
498 | unpredictable. This is because it has become standard practice to define a | |
8b0cefbb | 499 | generic key as a fixed unsigned char array containing \s-1EVP_MAX_KEY_LENGTH\s0 bytes. |
984263bc | 500 | .PP |
8b0cefbb | 501 | The \s-1ASN1\s0 code is incomplete (and sometimes inaccurate) it has only been tested |
5a44c043 | 502 | for certain common S/MIME ciphers (\s-1RC2, DES,\s0 triple \s-1DES\s0) in \s-1CBC\s0 mode. |
984263bc | 503 | .SH "EXAMPLES" |
8b0cefbb | 504 | .IX Header "EXAMPLES" |
d95b477a | 505 | Encrypt a string using \s-1IDEA:\s0 |
984263bc | 506 | .PP |
d95b477a | 507 | .Vb 12 |
984263bc MD |
508 | \& int do_crypt(char *outfile) |
509 | \& { | |
510 | \& unsigned char outbuf[1024]; | |
511 | \& int outlen, tmplen; | |
e257b235 | 512 | \& /* Bogus key and IV: we\*(Aqd normally set these from |
984263bc MD |
513 | \& * another source. |
514 | \& */ | |
515 | \& unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15}; | |
516 | \& unsigned char iv[] = {1,2,3,4,5,6,7,8}; | |
517 | \& char intext[] = "Some Crypto Text"; | |
518 | \& EVP_CIPHER_CTX ctx; | |
519 | \& FILE *out; | |
d95b477a | 520 | \& |
984263bc | 521 | \& EVP_CIPHER_CTX_init(&ctx); |
d95b477a | 522 | \& EVP_EncryptInit_ex(&ctx, EVP_idea_cbc(), NULL, key, iv); |
e257b235 | 523 | \& |
984263bc MD |
524 | \& if(!EVP_EncryptUpdate(&ctx, outbuf, &outlen, intext, strlen(intext))) |
525 | \& { | |
526 | \& /* Error */ | |
527 | \& return 0; | |
528 | \& } | |
529 | \& /* Buffer passed to EVP_EncryptFinal() must be after data just | |
530 | \& * encrypted to avoid overwriting it. | |
531 | \& */ | |
532 | \& if(!EVP_EncryptFinal_ex(&ctx, outbuf + outlen, &tmplen)) | |
533 | \& { | |
534 | \& /* Error */ | |
535 | \& return 0; | |
536 | \& } | |
537 | \& outlen += tmplen; | |
538 | \& EVP_CIPHER_CTX_cleanup(&ctx); | |
539 | \& /* Need binary mode for fopen because encrypted data is | |
540 | \& * binary data. Also cannot use strlen() on it because | |
541 | \& * it wont be null terminated and may contain embedded | |
542 | \& * nulls. | |
543 | \& */ | |
544 | \& out = fopen(outfile, "wb"); | |
545 | \& fwrite(outbuf, 1, outlen, out); | |
546 | \& fclose(out); | |
547 | \& return 1; | |
548 | \& } | |
549 | .Ve | |
8b0cefbb | 550 | .PP |
984263bc | 551 | The ciphertext from the above example can be decrypted using the \fBopenssl\fR |
d95b477a | 552 | utility with the command line (shown on two lines for clarity): |
984263bc | 553 | .PP |
d95b477a SW |
554 | .Vb 2 |
555 | \& openssl idea \-d <filename | |
556 | \& \-K 000102030405060708090A0B0C0D0E0F \-iv 0102030405060708 | |
8b0cefbb JR |
557 | .Ve |
558 | .PP | |
5a44c043 | 559 | General encryption and decryption function example using \s-1FILE I/O\s0 and \s-1AES128\s0 |
d95b477a | 560 | with a 128\-bit key: |
984263bc | 561 | .PP |
d95b477a | 562 | .Vb 11 |
984263bc MD |
563 | \& int do_crypt(FILE *in, FILE *out, int do_encrypt) |
564 | \& { | |
565 | \& /* Allow enough space in output buffer for additional block */ | |
d95b477a | 566 | \& unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH]; |
984263bc | 567 | \& int inlen, outlen; |
d95b477a | 568 | \& EVP_CIPHER_CTX ctx; |
e257b235 | 569 | \& /* Bogus key and IV: we\*(Aqd normally set these from |
984263bc MD |
570 | \& * another source. |
571 | \& */ | |
d95b477a SW |
572 | \& unsigned char key[] = "0123456789abcdeF"; |
573 | \& unsigned char iv[] = "1234567887654321"; | |
574 | \& | |
575 | \& /* Don\*(Aqt set key or IV right away; we want to check lengths */ | |
984263bc | 576 | \& EVP_CIPHER_CTX_init(&ctx); |
d95b477a SW |
577 | \& EVP_CipherInit_ex(&ctx, EVP_aes_128_cbc(), NULL, NULL, NULL, |
578 | \& do_encrypt); | |
579 | \& OPENSSL_assert(EVP_CIPHER_CTX_key_length(&ctx) == 16); | |
580 | \& OPENSSL_assert(EVP_CIPHER_CTX_iv_length(&ctx) == 16); | |
581 | \& | |
582 | \& /* Now we can set key and IV */ | |
984263bc | 583 | \& EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, do_encrypt); |
e257b235 | 584 | \& |
984263bc MD |
585 | \& for(;;) |
586 | \& { | |
587 | \& inlen = fread(inbuf, 1, 1024, in); | |
588 | \& if(inlen <= 0) break; | |
589 | \& if(!EVP_CipherUpdate(&ctx, outbuf, &outlen, inbuf, inlen)) | |
590 | \& { | |
591 | \& /* Error */ | |
a561f9ff | 592 | \& EVP_CIPHER_CTX_cleanup(&ctx); |
984263bc MD |
593 | \& return 0; |
594 | \& } | |
595 | \& fwrite(outbuf, 1, outlen, out); | |
596 | \& } | |
597 | \& if(!EVP_CipherFinal_ex(&ctx, outbuf, &outlen)) | |
598 | \& { | |
599 | \& /* Error */ | |
a561f9ff | 600 | \& EVP_CIPHER_CTX_cleanup(&ctx); |
984263bc MD |
601 | \& return 0; |
602 | \& } | |
603 | \& fwrite(outbuf, 1, outlen, out); | |
e257b235 | 604 | \& |
984263bc MD |
605 | \& EVP_CIPHER_CTX_cleanup(&ctx); |
606 | \& return 1; | |
607 | \& } | |
608 | .Ve | |
609 | .SH "SEE ALSO" | |
74dab6c2 | 610 | .IX Header "SEE ALSO" |
8b0cefbb JR |
611 | \&\fIevp\fR\|(3) |
612 | .SH "HISTORY" | |
74dab6c2 | 613 | .IX Header "HISTORY" |
8b0cefbb JR |
614 | \&\fIEVP_CIPHER_CTX_init()\fR, \fIEVP_EncryptInit_ex()\fR, \fIEVP_EncryptFinal_ex()\fR, |
615 | \&\fIEVP_DecryptInit_ex()\fR, \fIEVP_DecryptFinal_ex()\fR, \fIEVP_CipherInit_ex()\fR, | |
616 | \&\fIEVP_CipherFinal_ex()\fR and \fIEVP_CIPHER_CTX_set_padding()\fR appeared in | |
617 | OpenSSL 0.9.7. | |
d95b477a SW |
618 | .PP |
619 | \&\s-1IDEA\s0 appeared in OpenSSL 0.9.7 but was often disabled due to | |
620 | patent concerns; the last patents expired in 2012. |