Add EVP_CIPHER_meth_* documentation from OpenSSL 1.1

This is essentially the original text with a few tweaks and fixes by me, removing parts inapplicable to LibreSSL. There are dangling references to EVP_CIPHER_CTX_copy(3) and EVP_CIPHER_CTX_get_cipher_data(3). This all isn't great, but it's better than nothing. Probably good enough for these rarely used functions.
author: tb <> 2023-03-16 15:05:23 +0000
committer: tb <> 2023-03-16 15:05:23 +0000
commit: 8d510aab1bc83283d625dfcaeb03171f6389a95c (patch)
tree: c10d4cd3c543b98dcbd4b53da87fc80aa602c12b
parent: f585206aaf511686270f4af4d348d979a0926dbb (diff)
download: openbsd-8d510aab1bc83283d625dfcaeb03171f6389a95c.tar.gz
openbsd-8d510aab1bc83283d625dfcaeb03171f6389a95c.tar.bz2
openbsd-8d510aab1bc83283d625dfcaeb03171f6389a95c.zip
1 files changed, 335 insertions, 0 deletions
diff --git a/src/lib/libcrypto/man/EVP_CIPHER_meth_new.3 b/src/lib/libcrypto/man/EVP_CIPHER_meth_new.3
new file mode 100644
index 0000000000..21555edfd3
--- /dev/null
+++ b/src/lib/libcrypto/man/EVP_CIPHER_meth_new.3
@@ -0,0 +1,335 @@
+.\" $OpenBSD: EVP_CIPHER_meth_new.3,v 1.1 2023/03/16 15:05:23 tb Exp $
+.\" selective merge up to: OpenSSL b0edda11 Mar 20 13:00:17 2018 +0000
+.\"
+.\" The original file was written by Richard Levitte <levitte@openssl.org>
+.\" Copyright (c) 2015 The OpenSSL Project.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in
+.\"    the documentation and/or other materials provided with the
+.\"    distribution.
+.\"
+.\" 3. All advertising materials mentioning features or use of this
+.\"    software must display the following acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+.\"
+.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+.\"    endorse or promote products derived from this software without
+.\"    prior written permission. For written permission, please contact
+.\"    openssl-core@openssl.org.
+.\"
+.\" 5. Products derived from this software may not be called "OpenSSL"
+.\"    nor may "OpenSSL" appear in their names without prior written
+.\"    permission of the OpenSSL Project.
+.\"
+.\" 6. Redistributions of any form whatsoever must retain the following
+.\"    acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+.\" OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd $Mdocdate: March 16 2023 $
+.Dt EVP_CIPHER_METH_NEW 3
+.Os
+.Sh NAME
+.Nm EVP_CIPHER_meth_new ,
+.Nm EVP_CIPHER_meth_dup ,
+.Nm EVP_CIPHER_meth_free ,
+.Nm EVP_CIPHER_meth_set_iv_length ,
+.Nm EVP_CIPHER_meth_set_flags ,
+.Nm EVP_CIPHER_meth_set_impl_ctx_size ,
+.Nm EVP_CIPHER_meth_set_init ,
+.Nm EVP_CIPHER_meth_set_do_cipher ,
+.Nm EVP_CIPHER_meth_set_cleanup ,
+.Nm EVP_CIPHER_meth_set_set_asn1_params ,
+.Nm EVP_CIPHER_meth_set_get_asn1_params ,
+.Nm EVP_CIPHER_meth_set_ctrl
+.Nd Routines to build up EVP_CIPHER methods
+.Sh SYNOPSIS
+.In openssl/evp.h
+.Ft EVP_CIPHER *
+.Fo EVP_CIPHER_meth_new
+.Fa "int cipher_type"
+.Fa "int block_size"
+.Fa "int key_len"
+.Fc
+.Ft EVP_CIPHER *
+.Fo EVP_CIPHER_meth_dup
+.Fa "const EVP_CIPHER *cipher"
+.Fc
+.Ft void
+.Fo EVP_CIPHER_meth_free
+.Fa "EVP_CIPHER *cipher"
+.Fc
+.Ft int
+.Fo EVP_CIPHER_meth_set_iv_length
+.Fa "EVP_CIPHER *cipher"
+.Fa "int iv_len"
+.Fc
+.Ft int
+.Fo EVP_CIPHER_meth_set_flags
+.Fa "EVP_CIPHER *cipher"
+.Fa "unsigned long flags"
+.Fc
+.Ft int
+.Fo EVP_CIPHER_meth_set_impl_ctx_size
+.Fa "EVP_CIPHER *cipher"
+.Fa "int ctx_size"
+.Fc
+.Ft int
+.Fo EVP_CIPHER_meth_set_init
+.Fa "EVP_CIPHER *cipher"
+.Fa "int (*init)(EVP_CIPHER_CTX *ctx, const unsigned char *key,\
+ const unsigned char *iv, int enc)"
+.Fc
+.Ft int
+.Fo EVP_CIPHER_meth_set_do_cipher
+.Fa "EVP_CIPHER *cipher"
+.Fa "int (*do_cipher)(EVP_CIPHER_CTX *ctx, unsigned char *out,\
+ const unsigned char *in, size_t inl)"
+.Fc
+.Ft int
+.Fo EVP_CIPHER_meth_set_cleanup
+.Fa "EVP_CIPHER *cipher"
+.Fa "int (*cleanup)(EVP_CIPHER_CTX *)"
+.Fc
+.Ft int
+.Fo EVP_CIPHER_meth_set_set_asn1_params
+.Fa "EVP_CIPHER *cipher"
+.Fa "int (*set_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *)"
+.Fc
+.Ft int
+.Fo EVP_CIPHER_meth_set_get_asn1_params
+.Fa "EVP_CIPHER *cipher"
+.Fa "int (*get_asn1_parameters)(EVP_CIPHER_CTX *, ASN1_TYPE *)"
+.Fc
+.Ft int
+.Fo EVP_CIPHER_meth_set_ctrl
+.Fa "EVP_CIPHER *cipher"
+.Fa "int (*ctrl)(EVP_CIPHER_CTX *, int type, int arg, void *ptr)"
+.Fc
+.Sh DESCRIPTION
+The
+.Vt EVP_CIPHER
+type is a structure holding function pointers for
+a symmetric cipher implementation.
+.Pp
+.Fn EVP_CIPHER_meth_new
+allocates a new
+.Vt EVP_CIPHER
+structure.
+The cipher's NID (see
+.Xr EVP_CIPHER_nid 3 )
+is set to
+.Fa cipher_type ,
+the block size and key length are set to
+.Fa block_size
+and
+.Fa key_len ,
+respectively.
+.Pp
+.Fn EVP_CIPHER_meth_dup
+creates a copy of
+.Fa cipher .
+.Pp
+.Fn EVP_CIPHER_meth_free
+frees an
+.Vt EVP_CIPHER
+structure.
+.Pp
+.Fn EVP_CIPHER_meth_set_iv_length
+sets the length of the initialization vector.
+This is only needed when the implemented cipher mode requires it.
+.Pp
+.Fn EVP_CIPHER_meth_set_flags
+overwrites the flags to describe optional behaviours in
+.Fa cipher
+with
+.Fa flags .
+At most one of the following cipher modes can be set:
+.Dv EVP_CIPH_STREAM_CIPHER ,
+.Dv EVP_CIPH_ECB_MODE ,
+.Dv EVP_CIPH_CBC_MODE ,
+.Dv EVP_CIPH_CFB_MODE ,
+.Dv EVP_CIPH_OFB_MODE ,
+.Dv EVP_CIPH_CTR_MODE ,
+.Dv EVP_CIPH_GCM_MODE ,
+.Dv EVP_CIPH_CCM_MODE ,
+.Dv EVP_CIPH_XTS_MODE ,
+and
+.Dv EVP_CIPH_WRAP_MODE .
+The available flags are:
+.Bl -tag -width Ds
+.It EVP_CIPH_VARIABLE_LENGTH
+This cipher is of variable length.
+.It EVP_CIPH_CUSTOM_IV
+Storing and initialising the IV is left entirely to the implementation.
+.It EVP_CIPH_ALWAYS_CALL_INIT
+Set this if the implementation's
+.Fn init
+function should be called even if
+.Fa key
+is
+.Dv NULL .
+.It EVP_CIPH_CTRL_INIT
+Set this to have the implementation's
+.Fn ctrl
+function called with command code
+.Dv EVP_CTRL_INIT
+early in its setup.
+.It EVP_CIPH_CUSTOM_KEY_LENGTH
+Checking and setting the key length after creating the
+.Vt EVP_CIPHER
+is left to the implementation.
+Whenever someone uses
+.Xr EVP_CIPHER_CTX_set_key_length 3
+on a
+.Vt EVP_CIPHER
+with this flag set, the implementation's
+.Fn ctrl
+function will be called with the control code
+.Dv EVP_CTRL_SET_KEY_LENGTH
+and the key length in
+.Fa arg .
+.It EVP_CIPH_NO_PADDING
+Don't use standard block padding.
+.It EVP_CIPH_RAND_KEY
+Making a key with random content is left to the implementation.
+This is done by calling the implementation's
+.Fn ctrl
+function with the control code
+.Dv EVP_CTRL_RAND_KEY
+and the pointer to the key memory storage in
+.Fa ptr .
+.It EVP_CIPH_CUSTOM_COPY
+Set this to have the implementation's
+.Fn ctrl
+function called with command code
+.Dv EVP_CTRL_COPY
+at the end of
+.Xr EVP_CIPHER_CTX_copy 3 .
+The intended use is for further things to deal with after the
+implementation specific data block has been copied.
+The destination
+.Vt EVP_CIPHER_CTX
+object is passed to the control with the
+.Fa ptr
+parameter.
+The implementation-specific data block is reached with
+.Xr EVP_CIPHER_CTX_get_cipher_data 3 .
+.It EVP_CIPH_FLAG_DEFAULT_ASN1
+Use the default EVP routines to pass IV to and from ASN.1.
+.It EVP_CIPH_FLAG_LENGTH_BITS
+Signals that the length of the input buffer for encryption / decryption
+is to be understood as the number of bits instead of bytes for this
+implementation.
+This is only useful for CFB1 ciphers.
+.It EVP_CIPH_FLAG_CUSTOM_CIPHER
+This indicates that the implementation takes care of everything,
+including padding, buffering and finalization.
+The EVP routines will simply give them control and do nothing more.
+.It EVP_CIPH_FLAG_AEAD_CIPHER
+This indicates that this is an AEAD cipher implementation.
+.El
+.Pp
+.Fn EVP_CIPHER_meth_set_impl_ctx_size
+sets the size of the EVP_CIPHER's implementation context so that it can
+be automatically allocated.
+.Pp
+.Fn EVP_CIPHER_meth_set_init
+sets the cipher init function for
+.Fa cipher .
+The cipher init function is called by
+.Xr EVP_CipherInit 3 ,
+.Xr EVP_CipherInit_ex 3 ,
+.Xr EVP_EncryptInit 3 ,
+.Xr EVP_EncryptInit_ex 3 ,
+.Xr EVP_DecryptInit 3 ,
+.Xr EVP_DecryptInit_ex 3 .
+.Pp
+.Fn EVP_CIPHER_meth_set_do_cipher
+sets the cipher function for
+.Fa cipher .
+The cipher function is called by
+.Xr EVP_CipherUpdate 3 ,
+.Xr EVP_EncryptUpdate 3 ,
+.Xr EVP_DecryptUpdate 3 ,
+.Xr EVP_CipherFinal 3 ,
+.Xr EVP_EncryptFinal 3 ,
+.Xr EVP_EncryptFinal_ex 3 ,
+.Xr EVP_DecryptFinal 3
+and
+.Xr EVP_DecryptFinal_ex 3 .
+.Pp
+.Fn EVP_CIPHER_meth_set_cleanup
+sets the function for
+.Fa cipher
+to do extra cleanup before the method's private data structure is
+cleaned out and freed.
+Note that the cleanup function is passed a
+.Sy EVP_CIPHER_CTX * ,
+the private data structure is then available with
+.Xr EVP_CIPHER_CTX_get_cipher_data 3 .
+This cleanup function is called by
+.Xr EVP_CIPHER_CTX_reset 3
+and
+.Xr EVP_CIPHER_CTX_free 3 .
+.Pp
+.Fn EVP_CIPHER_meth_set_set_asn1_params
+sets the function for
+.Fa cipher
+to set the AlgorithmIdentifier "parameter" based on the passed cipher.
+This function is called by
+.Xr EVP_CIPHER_param_to_asn1 3 .
+.Fn EVP_CIPHER_meth_set_get_asn1_params
+sets the function for
+.Fa cipher
+that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier
+"parameter".
+Both these functions are needed when there is a need for custom data
+(more or other than the cipher IV). They are called by
+.Xr EVP_CIPHER_param_to_asn1 3
+and
+.Xr EVP_CIPHER_asn1_to_param 3
+respectively if defined.
+.Pp
+.Fn EVP_CIPHER_meth_set_ctrl
+sets the control function for
+.Fa cipher .
+.Sh RETURN VALUES
+.Fn EVP_CIPHER_meth_new
+and
+.Fn EVP_CIPHER_meth_dup
+return a pointer to a newly created
+.Vt EVP_CIPHER ,
+or NULL on failure.
+.Pp
+All
+.Fn EVP_CIPHER_meth_set_*
+functions return 1.
+.Sh SEE ALSO
+.Xr EVP_EncryptInit 3
+.Sh HISTORY
+These functions first appeared in OpenSSL 1.1.0 and have been available since
+.Ox 7.3 .
author	tb <>	2023-03-16 15:05:23 +0000
committer	tb <>	2023-03-16 15:05:23 +0000
commit	8d510aab1bc83283d625dfcaeb03171f6389a95c (patch)
tree	c10d4cd3c543b98dcbd4b53da87fc80aa602c12b
parent	f585206aaf511686270f4af4d348d979a0926dbb (diff)
download	openbsd-8d510aab1bc83283d625dfcaeb03171f6389a95c.tar.gz openbsd-8d510aab1bc83283d625dfcaeb03171f6389a95c.tar.bz2 openbsd-8d510aab1bc83283d625dfcaeb03171f6389a95c.zip

diff --git a/src/lib/libcrypto/man/EVP_CIPHER_meth_new.3 b/src/lib/libcrypto/man/EVP_CIPHER_meth_new.3 new file mode 100644 index 0000000000..21555edfd3 --- /dev/null +++ b/src/lib/libcrypto/man/EVP_CIPHER_meth_new.3
@@ -0,0 +1,335 @@
	1	.\" $OpenBSD: EVP_CIPHER_meth_new.3,v 1.1 2023/03/16 15:05:23 tb Exp $
	2	.\" selective merge up to: OpenSSL b0edda11 Mar 20 13:00:17 2018 +0000
	3	.\"
	4	.\" The original file was written by Richard Levitte <levitte@openssl.org>
	5	.\" Copyright (c) 2015 The OpenSSL Project.
	6	.\" All rights reserved.
	7	.\"
	8	.\" Redistribution and use in source and binary forms, with or without
	9	.\" modification, are permitted provided that the following conditions
	10	.\" are met:
	11	.\"
	12	.\" 1. Redistributions of source code must retain the above copyright
	13	.\" notice, this list of conditions and the following disclaimer.
	14	.\"
	15	.\" 2. Redistributions in binary form must reproduce the above copyright
	16	.\" notice, this list of conditions and the following disclaimer in
	17	.\" the documentation and/or other materials provided with the
	18	.\" distribution.
	19	.\"
	20	.\" 3. All advertising materials mentioning features or use of this
	21	.\" software must display the following acknowledgment:
	22	.\" "This product includes software developed by the OpenSSL Project
	23	.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
	24	.\"
	25	.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	26	.\" endorse or promote products derived from this software without
	27	.\" prior written permission. For written permission, please contact
	28	.\" openssl-core@openssl.org.
	29	.\"
	30	.\" 5. Products derived from this software may not be called "OpenSSL"
	31	.\" nor may "OpenSSL" appear in their names without prior written
	32	.\" permission of the OpenSSL Project.
	33	.\"
	34	.\" 6. Redistributions of any form whatsoever must retain the following
	35	.\" acknowledgment:
	36	.\" "This product includes software developed by the OpenSSL Project
	37	.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
	38	.\"
	39	.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	40	.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	41	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	42	.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	43	.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	44	.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	45	.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	46	.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	47	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	48	.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	49	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	50	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
	51	.\"
	52	.Dd $Mdocdate: March 16 2023 $
	53	.Dt EVP_CIPHER_METH_NEW 3
	54	.Os
	55	.Sh NAME
	56	.Nm EVP_CIPHER_meth_new ,
	57	.Nm EVP_CIPHER_meth_dup ,
	58	.Nm EVP_CIPHER_meth_free ,
	59	.Nm EVP_CIPHER_meth_set_iv_length ,
	60	.Nm EVP_CIPHER_meth_set_flags ,
	61	.Nm EVP_CIPHER_meth_set_impl_ctx_size ,
	62	.Nm EVP_CIPHER_meth_set_init ,
	63	.Nm EVP_CIPHER_meth_set_do_cipher ,
	64	.Nm EVP_CIPHER_meth_set_cleanup ,
	65	.Nm EVP_CIPHER_meth_set_set_asn1_params ,
	66	.Nm EVP_CIPHER_meth_set_get_asn1_params ,
	67	.Nm EVP_CIPHER_meth_set_ctrl
	68	.Nd Routines to build up EVP_CIPHER methods
	69	.Sh SYNOPSIS
	70	.In openssl/evp.h
	71	.Ft EVP_CIPHER *
	72	.Fo EVP_CIPHER_meth_new
	73	.Fa "int cipher_type"
	74	.Fa "int block_size"
	75	.Fa "int key_len"
	76	.Fc
	77	.Ft EVP_CIPHER *
	78	.Fo EVP_CIPHER_meth_dup
	79	.Fa "const EVP_CIPHER *cipher"
	80	.Fc
	81	.Ft void
	82	.Fo EVP_CIPHER_meth_free
	83	.Fa "EVP_CIPHER *cipher"
	84	.Fc
	85	.Ft int
	86	.Fo EVP_CIPHER_meth_set_iv_length
	87	.Fa "EVP_CIPHER *cipher"
	88	.Fa "int iv_len"
	89	.Fc
	90	.Ft int
	91	.Fo EVP_CIPHER_meth_set_flags
	92	.Fa "EVP_CIPHER *cipher"
	93	.Fa "unsigned long flags"
	94	.Fc
	95	.Ft int
	96	.Fo EVP_CIPHER_meth_set_impl_ctx_size
	97	.Fa "EVP_CIPHER *cipher"
	98	.Fa "int ctx_size"
	99	.Fc
	100	.Ft int
	101	.Fo EVP_CIPHER_meth_set_init
	102	.Fa "EVP_CIPHER *cipher"
	103	.Fa "int (init)(EVP_CIPHER_CTX ctx, const unsigned char *key,\
	104	const unsigned char *iv, int enc)"
	105	.Fc
	106	.Ft int
	107	.Fo EVP_CIPHER_meth_set_do_cipher
	108	.Fa "EVP_CIPHER *cipher"
	109	.Fa "int (do_cipher)(EVP_CIPHER_CTX ctx, unsigned char *out,\
	110	const unsigned char *in, size_t inl)"
	111	.Fc
	112	.Ft int
	113	.Fo EVP_CIPHER_meth_set_cleanup
	114	.Fa "EVP_CIPHER *cipher"
	115	.Fa "int (cleanup)(EVP_CIPHER_CTX )"
	116	.Fc
	117	.Ft int
	118	.Fo EVP_CIPHER_meth_set_set_asn1_params
	119	.Fa "EVP_CIPHER *cipher"
	120	.Fa "int (set_asn1_parameters)(EVP_CIPHER_CTX , ASN1_TYPE *)"
	121	.Fc
	122	.Ft int
	123	.Fo EVP_CIPHER_meth_set_get_asn1_params
	124	.Fa "EVP_CIPHER *cipher"
	125	.Fa "int (get_asn1_parameters)(EVP_CIPHER_CTX , ASN1_TYPE *)"
	126	.Fc
	127	.Ft int
	128	.Fo EVP_CIPHER_meth_set_ctrl
	129	.Fa "EVP_CIPHER *cipher"
	130	.Fa "int (ctrl)(EVP_CIPHER_CTX , int type, int arg, void *ptr)"
	131	.Fc
	132	.Sh DESCRIPTION
	133	The
	134	.Vt EVP_CIPHER
	135	type is a structure holding function pointers for
	136	a symmetric cipher implementation.
	137	.Pp
	138	.Fn EVP_CIPHER_meth_new
	139	allocates a new
	140	.Vt EVP_CIPHER
	141	structure.
	142	The cipher's NID (see
	143	.Xr EVP_CIPHER_nid 3 )
	144	is set to
	145	.Fa cipher_type ,
	146	the block size and key length are set to
	147	.Fa block_size
	148	and
	149	.Fa key_len ,
	150	respectively.
	151	.Pp
	152	.Fn EVP_CIPHER_meth_dup
	153	creates a copy of
	154	.Fa cipher .
	155	.Pp
	156	.Fn EVP_CIPHER_meth_free
	157	frees an
	158	.Vt EVP_CIPHER
	159	structure.
	160	.Pp
	161	.Fn EVP_CIPHER_meth_set_iv_length
	162	sets the length of the initialization vector.
	163	This is only needed when the implemented cipher mode requires it.
	164	.Pp
	165	.Fn EVP_CIPHER_meth_set_flags
	166	overwrites the flags to describe optional behaviours in
	167	.Fa cipher
	168	with
	169	.Fa flags .
	170	At most one of the following cipher modes can be set:
	171	.Dv EVP_CIPH_STREAM_CIPHER ,
	172	.Dv EVP_CIPH_ECB_MODE ,
	173	.Dv EVP_CIPH_CBC_MODE ,
	174	.Dv EVP_CIPH_CFB_MODE ,
	175	.Dv EVP_CIPH_OFB_MODE ,
	176	.Dv EVP_CIPH_CTR_MODE ,
	177	.Dv EVP_CIPH_GCM_MODE ,
	178	.Dv EVP_CIPH_CCM_MODE ,
	179	.Dv EVP_CIPH_XTS_MODE ,
	180	and
	181	.Dv EVP_CIPH_WRAP_MODE .
	182	The available flags are:
	183	.Bl -tag -width Ds
	184	.It EVP_CIPH_VARIABLE_LENGTH
	185	This cipher is of variable length.
	186	.It EVP_CIPH_CUSTOM_IV
	187	Storing and initialising the IV is left entirely to the implementation.
	188	.It EVP_CIPH_ALWAYS_CALL_INIT
	189	Set this if the implementation's
	190	.Fn init
	191	function should be called even if
	192	.Fa key
	193	is
	194	.Dv NULL .
	195	.It EVP_CIPH_CTRL_INIT
	196	Set this to have the implementation's
	197	.Fn ctrl
	198	function called with command code
	199	.Dv EVP_CTRL_INIT
	200	early in its setup.
	201	.It EVP_CIPH_CUSTOM_KEY_LENGTH
	202	Checking and setting the key length after creating the
	203	.Vt EVP_CIPHER
	204	is left to the implementation.
	205	Whenever someone uses
	206	.Xr EVP_CIPHER_CTX_set_key_length 3
	207	on a
	208	.Vt EVP_CIPHER
	209	with this flag set, the implementation's
	210	.Fn ctrl
	211	function will be called with the control code
	212	.Dv EVP_CTRL_SET_KEY_LENGTH
	213	and the key length in
	214	.Fa arg .
	215	.It EVP_CIPH_NO_PADDING
	216	Don't use standard block padding.
	217	.It EVP_CIPH_RAND_KEY
	218	Making a key with random content is left to the implementation.
	219	This is done by calling the implementation's
	220	.Fn ctrl
	221	function with the control code
	222	.Dv EVP_CTRL_RAND_KEY
	223	and the pointer to the key memory storage in
	224	.Fa ptr .
	225	.It EVP_CIPH_CUSTOM_COPY
	226	Set this to have the implementation's
	227	.Fn ctrl
	228	function called with command code
	229	.Dv EVP_CTRL_COPY
	230	at the end of
	231	.Xr EVP_CIPHER_CTX_copy 3 .
	232	The intended use is for further things to deal with after the
	233	implementation specific data block has been copied.
	234	The destination
	235	.Vt EVP_CIPHER_CTX
	236	object is passed to the control with the
	237	.Fa ptr
	238	parameter.
	239	The implementation-specific data block is reached with
	240	.Xr EVP_CIPHER_CTX_get_cipher_data 3 .
	241	.It EVP_CIPH_FLAG_DEFAULT_ASN1
	242	Use the default EVP routines to pass IV to and from ASN.1.
	243	.It EVP_CIPH_FLAG_LENGTH_BITS
	244	Signals that the length of the input buffer for encryption / decryption
	245	is to be understood as the number of bits instead of bytes for this
	246	implementation.
	247	This is only useful for CFB1 ciphers.
	248	.It EVP_CIPH_FLAG_CUSTOM_CIPHER
	249	This indicates that the implementation takes care of everything,
	250	including padding, buffering and finalization.
	251	The EVP routines will simply give them control and do nothing more.
	252	.It EVP_CIPH_FLAG_AEAD_CIPHER
	253	This indicates that this is an AEAD cipher implementation.
	254	.El
	255	.Pp
	256	.Fn EVP_CIPHER_meth_set_impl_ctx_size
	257	sets the size of the EVP_CIPHER's implementation context so that it can
	258	be automatically allocated.
	259	.Pp
	260	.Fn EVP_CIPHER_meth_set_init
	261	sets the cipher init function for
	262	.Fa cipher .
	263	The cipher init function is called by
	264	.Xr EVP_CipherInit 3 ,
	265	.Xr EVP_CipherInit_ex 3 ,
	266	.Xr EVP_EncryptInit 3 ,
	267	.Xr EVP_EncryptInit_ex 3 ,
	268	.Xr EVP_DecryptInit 3 ,
	269	.Xr EVP_DecryptInit_ex 3 .
	270	.Pp
	271	.Fn EVP_CIPHER_meth_set_do_cipher
	272	sets the cipher function for
	273	.Fa cipher .
	274	The cipher function is called by
	275	.Xr EVP_CipherUpdate 3 ,
	276	.Xr EVP_EncryptUpdate 3 ,
	277	.Xr EVP_DecryptUpdate 3 ,
	278	.Xr EVP_CipherFinal 3 ,
	279	.Xr EVP_EncryptFinal 3 ,
	280	.Xr EVP_EncryptFinal_ex 3 ,
	281	.Xr EVP_DecryptFinal 3
	282	and
	283	.Xr EVP_DecryptFinal_ex 3 .
	284	.Pp
	285	.Fn EVP_CIPHER_meth_set_cleanup
	286	sets the function for
	287	.Fa cipher
	288	to do extra cleanup before the method's private data structure is
	289	cleaned out and freed.
	290	Note that the cleanup function is passed a
	291	.Sy EVP_CIPHER_CTX * ,
	292	the private data structure is then available with
	293	.Xr EVP_CIPHER_CTX_get_cipher_data 3 .
	294	This cleanup function is called by
	295	.Xr EVP_CIPHER_CTX_reset 3
	296	and
	297	.Xr EVP_CIPHER_CTX_free 3 .
	298	.Pp
	299	.Fn EVP_CIPHER_meth_set_set_asn1_params
	300	sets the function for
	301	.Fa cipher
	302	to set the AlgorithmIdentifier "parameter" based on the passed cipher.
	303	This function is called by
	304	.Xr EVP_CIPHER_param_to_asn1 3 .
	305	.Fn EVP_CIPHER_meth_set_get_asn1_params
	306	sets the function for
	307	.Fa cipher
	308	that sets the cipher parameters based on an ASN.1 AlgorithmIdentifier
	309	"parameter".
	310	Both these functions are needed when there is a need for custom data
	311	(more or other than the cipher IV). They are called by
	312	.Xr EVP_CIPHER_param_to_asn1 3
	313	and
	314	.Xr EVP_CIPHER_asn1_to_param 3
	315	respectively if defined.
	316	.Pp
	317	.Fn EVP_CIPHER_meth_set_ctrl
	318	sets the control function for
	319	.Fa cipher .
	320	.Sh RETURN VALUES
	321	.Fn EVP_CIPHER_meth_new
	322	and
	323	.Fn EVP_CIPHER_meth_dup
	324	return a pointer to a newly created
	325	.Vt EVP_CIPHER ,
	326	or NULL on failure.
	327	.Pp
	328	All
	329	.Fn EVP_CIPHER_meth_set_*
	330	functions return 1.
	331	.Sh SEE ALSO
	332	.Xr EVP_EncryptInit 3
	333	.Sh HISTORY
	334	These functions first appeared in OpenSSL 1.1.0 and have been available since
	335	.Ox 7.3 .