|
Packit |
c4476c |
=pod
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 NAME
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
EVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal - EVP envelope decryption
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 SYNOPSIS
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
#include <openssl/evp.h>
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek,
|
|
Packit |
c4476c |
int ekl, unsigned char *iv, EVP_PKEY *priv);
|
|
Packit |
c4476c |
int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
|
|
Packit |
c4476c |
int *outl, unsigned char *in, int inl);
|
|
Packit |
c4476c |
int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 DESCRIPTION
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
The EVP envelope routines are a high level interface to envelope
|
|
Packit |
c4476c |
decryption. They decrypt a public key encrypted symmetric key and
|
|
Packit |
c4476c |
then decrypt data using it.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
EVP_OpenInit() initializes a cipher context B<ctx> for decryption
|
|
Packit |
c4476c |
with cipher B<type>. It decrypts the encrypted symmetric key of length
|
|
Packit |
c4476c |
B<ekl> bytes passed in the B<ek> parameter using the private key B<priv>.
|
|
Packit |
c4476c |
The IV is supplied in the B<iv> parameter.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties
|
|
Packit |
c4476c |
as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as
|
|
Packit |
c4476c |
documented on the L<EVP_EncryptInit(3)> manual
|
|
Packit |
c4476c |
page.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 NOTES
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
It is possible to call EVP_OpenInit() twice in the same way as
|
|
Packit |
c4476c |
EVP_DecryptInit(). The first call should have B<priv> set to NULL
|
|
Packit |
c4476c |
and (after setting any cipher parameters) it should be called again
|
|
Packit |
c4476c |
with B<type> set to NULL.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
If the cipher passed in the B<type> parameter is a variable length
|
|
Packit |
c4476c |
cipher then the key length will be set to the value of the recovered
|
|
Packit |
c4476c |
key length. If the cipher is a fixed length cipher then the recovered
|
|
Packit |
c4476c |
key length must match the fixed cipher length.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 RETURN VALUES
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
EVP_OpenInit() returns 0 on error or a non zero integer (actually the
|
|
Packit |
c4476c |
recovered secret key size) if successful.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
EVP_OpenUpdate() returns 1 for success or 0 for failure.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
EVP_OpenFinal() returns 0 if the decrypt failed or 1 for success.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 SEE ALSO
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
L<evp(7)>, L<RAND_bytes(3)>,
|
|
Packit |
c4476c |
L<EVP_EncryptInit(3)>,
|
|
Packit |
c4476c |
L<EVP_SealInit(3)>
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=head1 COPYRIGHT
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
Licensed under the OpenSSL license (the "License"). You may not use
|
|
Packit |
c4476c |
this file except in compliance with the License. You can obtain a copy
|
|
Packit |
c4476c |
in the file LICENSE in the source distribution or at
|
|
Packit |
c4476c |
L<https://www.openssl.org/source/license.html>.
|
|
Packit |
c4476c |
|
|
Packit |
c4476c |
=cut
|