EVP_EncryptInit(3) is among the most important "how to drive" manuals,

but it is still excessively long and complicated. To reduce the amount of distractions a bit, split out three deprecated functions into a new manual page EVP_CIPHER_CTX_init(3). No text change. In part suggested by tb@, who agrees with the direction.
author: schwarze <> 2023-12-01 10:40:21 +0000
committer: schwarze <> 2023-12-01 10:40:21 +0000
commit: b96a4b784440cf187468037ed3da35454f5567e6 (patch)
tree: 7938f7fbd9b5f339696036f09d5e7f1f30317b66 /src/lib/libcrypto/man/EVP_CIPHER_CTX_init.3
parent: 7129e109fdac17c935230717075e826277b3c26a (diff)
download: openbsd-b96a4b784440cf187468037ed3da35454f5567e6.tar.gz
openbsd-b96a4b784440cf187468037ed3da35454f5567e6.tar.bz2
openbsd-b96a4b784440cf187468037ed3da35454f5567e6.zip
1 files changed, 150 insertions, 0 deletions
diff --git a/src/lib/libcrypto/man/EVP_CIPHER_CTX_init.3 b/src/lib/libcrypto/man/EVP_CIPHER_CTX_init.3
new file mode 100644
index 0000000000..3bb40018f5
--- /dev/null
+++ b/src/lib/libcrypto/man/EVP_CIPHER_CTX_init.3
@@ -0,0 +1,150 @@
+.\" $OpenBSD: EVP_CIPHER_CTX_init.3,v 1.1 2023/12/01 10:40:21 schwarze Exp $
+.\" full merge up to:
+.\" OpenSSL EVP_EncryptInit.pod 0874d7f2 Oct 11 13:13:47 2022 +0100
+.\"
+.\" This file is a derived work.
+.\" The changes are covered by the following Copyright and license:
+.\"
+.\" Copyright (c) 2018, 2019 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>
+.\" and Richard Levitte <levitte@openssl.org>.
+.\" Copyright (c) 2000-2001, 2015 The OpenSSL Project.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in
+.\"    the documentation and/or other materials provided with the
+.\"    distribution.
+.\"
+.\" 3. All advertising materials mentioning features or use of this
+.\"    software must display the following acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+.\"
+.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+.\"    endorse or promote products derived from this software without
+.\"    prior written permission. For written permission, please contact
+.\"    openssl-core@openssl.org.
+.\"
+.\" 5. Products derived from this software may not be called "OpenSSL"
+.\"    nor may "OpenSSL" appear in their names without prior written
+.\"    permission of the OpenSSL Project.
+.\"
+.\" 6. Redistributions of any form whatsoever must retain the following
+.\"    acknowledgment:
+.\"    "This product includes software developed by the OpenSSL Project
+.\"    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+.\" OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd $Mdocdate: December 1 2023 $
+.Dt EVP_CIPHER_CTX_INIT 3
+.Os
+.Sh NAME
+.Nm EVP_CIPHER_CTX_init ,
+.Nm EVP_CIPHER_CTX_cleanup ,
+.Nm EVP_Cipher
+.Nd obsolete EVP cipher functions
+.Sh SYNOPSIS
+.In openssl/evp.h
+.Ft void
+.Fo EVP_CIPHER_CTX_init
+.Fa "EVP_CIPHER_CTX *ctx"
+.Fc
+.Ft int
+.Fo EVP_CIPHER_CTX_cleanup
+.Fa "EVP_CIPHER_CTX *ctx"
+.Fc
+.Ft int
+.Fo EVP_Cipher
+.Fa "EVP_CIPHER_CTX *ctx"
+.Fa "unsigned char *out"
+.Fa "const unsigned char *in"
+.Fa "unsigned int inl"
+.Fc
+.Sh DESCRIPTION
+.Fn EVP_CIPHER_CTX_init
+is a deprecated function to clear a cipher context on the stack
+before use.
+Do not use it on a cipher context returned from
+.Xr EVP_CIPHER_CTX_new 3
+or one that was already used.
+.Pp
+.Fn EVP_CIPHER_CTX_cleanup
+is a deprecated alias for
+.Xr EVP_CIPHER_CTX_reset 3 .
+It clears all information from
+.Fa ctx
+and frees all allocated memory associated with it, except the
+.Fa ctx
+object itself.
+.Pp
+.Fn EVP_Cipher
+encrypts or decrypts aligned blocks of data
+whose lengths match the cipher block size.
+It requires that the previous encryption or decryption operation
+using the same
+.Fa ctx ,
+if there was any, ended exactly on a block boundary and that
+.Fa inl
+is an integer multiple of the cipher block size.
+If either of these conditions is violated,
+.Fn EVP_Cipher
+silently produces incorrect results.
+For that reason, using the function
+.Xr EVP_CipherUpdate 3
+instead is strongly recommended.
+The latter can safely handle partial blocks, and even if
+.Fa inl
+actually is a multiple of the cipher block size for all calls,
+the overhead incurred by using
+.Xr EVP_CipherUpdate 3
+is minimal.
+.Sh RETURN VALUES
+.Fn EVP_CIPHER_CTX_cleanup
+and
+.Fn EVP_Cipher
+return 1 for success or 0 for failure.
+.Sh SEE ALSO
+.Xr evp 3 ,
+.Xr EVP_EncryptInit 3
+.Sh HISTORY
+.Fn EVP_Cipher
+first appeared in SSLeay 0.6.5.
+.Fn EVP_CIPHER_CTX_cleanup
+first appeared in SSLeay 0.8.0.
+.Fn EVP_CIPHER_CTX_init
+first appeared in SSLeay 0.9.0.
+All these functions have been available since
+.Ox 2.4 .
author	schwarze <>	2023-12-01 10:40:21 +0000
committer	schwarze <>	2023-12-01 10:40:21 +0000
commit	b96a4b784440cf187468037ed3da35454f5567e6 (patch)
tree	7938f7fbd9b5f339696036f09d5e7f1f30317b66 /src/lib/libcrypto/man/EVP_CIPHER_CTX_init.3
parent	7129e109fdac17c935230717075e826277b3c26a (diff)
download	openbsd-b96a4b784440cf187468037ed3da35454f5567e6.tar.gz openbsd-b96a4b784440cf187468037ed3da35454f5567e6.tar.bz2 openbsd-b96a4b784440cf187468037ed3da35454f5567e6.zip

diff --git a/src/lib/libcrypto/man/EVP_CIPHER_CTX_init.3 b/src/lib/libcrypto/man/EVP_CIPHER_CTX_init.3 new file mode 100644 index 0000000000..3bb40018f5 --- /dev/null +++ b/src/lib/libcrypto/man/EVP_CIPHER_CTX_init.3
@@ -0,0 +1,150 @@
	1	.\" $OpenBSD: EVP_CIPHER_CTX_init.3,v 1.1 2023/12/01 10:40:21 schwarze Exp $
	2	.\" full merge up to:
	3	.\" OpenSSL EVP_EncryptInit.pod 0874d7f2 Oct 11 13:13:47 2022 +0100
	4	.\"
	5	.\" This file is a derived work.
	6	.\" The changes are covered by the following Copyright and license:
	7	.\"
	8	.\" Copyright (c) 2018, 2019 Ingo Schwarze <schwarze@openbsd.org>
	9	.\"
	10	.\" Permission to use, copy, modify, and distribute this software for any
	11	.\" purpose with or without fee is hereby granted, provided that the above
	12	.\" copyright notice and this permission notice appear in all copies.
	13	.\"
	14	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	15	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	16	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
	17	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	18	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	19	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	20	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
	21	.\"
	22	.\" The original file was written by Dr. Stephen Henson <steve@openssl.org>
	23	.\" and Richard Levitte <levitte@openssl.org>.
	24	.\" Copyright (c) 2000-2001, 2015 The OpenSSL Project.
	25	.\" All rights reserved.
	26	.\"
	27	.\" Redistribution and use in source and binary forms, with or without
	28	.\" modification, are permitted provided that the following conditions
	29	.\" are met:
	30	.\"
	31	.\" 1. Redistributions of source code must retain the above copyright
	32	.\" notice, this list of conditions and the following disclaimer.
	33	.\"
	34	.\" 2. Redistributions in binary form must reproduce the above copyright
	35	.\" notice, this list of conditions and the following disclaimer in
	36	.\" the documentation and/or other materials provided with the
	37	.\" distribution.
	38	.\"
	39	.\" 3. All advertising materials mentioning features or use of this
	40	.\" software must display the following acknowledgment:
	41	.\" "This product includes software developed by the OpenSSL Project
	42	.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
	43	.\"
	44	.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	45	.\" endorse or promote products derived from this software without
	46	.\" prior written permission. For written permission, please contact
	47	.\" openssl-core@openssl.org.
	48	.\"
	49	.\" 5. Products derived from this software may not be called "OpenSSL"
	50	.\" nor may "OpenSSL" appear in their names without prior written
	51	.\" permission of the OpenSSL Project.
	52	.\"
	53	.\" 6. Redistributions of any form whatsoever must retain the following
	54	.\" acknowledgment:
	55	.\" "This product includes software developed by the OpenSSL Project
	56	.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
	57	.\"
	58	.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	59	.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	60	.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	61	.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	62	.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	63	.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	64	.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	65	.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	66	.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	67	.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	68	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	69	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
	70	.\"
	71	.Dd $Mdocdate: December 1 2023 $
	72	.Dt EVP_CIPHER_CTX_INIT 3
	73	.Os
	74	.Sh NAME
	75	.Nm EVP_CIPHER_CTX_init ,
	76	.Nm EVP_CIPHER_CTX_cleanup ,
	77	.Nm EVP_Cipher
	78	.Nd obsolete EVP cipher functions
	79	.Sh SYNOPSIS
	80	.In openssl/evp.h
	81	.Ft void
	82	.Fo EVP_CIPHER_CTX_init
	83	.Fa "EVP_CIPHER_CTX *ctx"
	84	.Fc
	85	.Ft int
	86	.Fo EVP_CIPHER_CTX_cleanup
	87	.Fa "EVP_CIPHER_CTX *ctx"
	88	.Fc
	89	.Ft int
	90	.Fo EVP_Cipher
	91	.Fa "EVP_CIPHER_CTX *ctx"
	92	.Fa "unsigned char *out"
	93	.Fa "const unsigned char *in"
	94	.Fa "unsigned int inl"
	95	.Fc
	96	.Sh DESCRIPTION
	97	.Fn EVP_CIPHER_CTX_init
	98	is a deprecated function to clear a cipher context on the stack
	99	before use.
	100	Do not use it on a cipher context returned from
	101	.Xr EVP_CIPHER_CTX_new 3
	102	or one that was already used.
	103	.Pp
	104	.Fn EVP_CIPHER_CTX_cleanup
	105	is a deprecated alias for
	106	.Xr EVP_CIPHER_CTX_reset 3 .
	107	It clears all information from
	108	.Fa ctx
	109	and frees all allocated memory associated with it, except the
	110	.Fa ctx
	111	object itself.
	112	.Pp
	113	.Fn EVP_Cipher
	114	encrypts or decrypts aligned blocks of data
	115	whose lengths match the cipher block size.
	116	It requires that the previous encryption or decryption operation
	117	using the same
	118	.Fa ctx ,
	119	if there was any, ended exactly on a block boundary and that
	120	.Fa inl
	121	is an integer multiple of the cipher block size.
	122	If either of these conditions is violated,
	123	.Fn EVP_Cipher
	124	silently produces incorrect results.
	125	For that reason, using the function
	126	.Xr EVP_CipherUpdate 3
	127	instead is strongly recommended.
	128	The latter can safely handle partial blocks, and even if
	129	.Fa inl
	130	actually is a multiple of the cipher block size for all calls,
	131	the overhead incurred by using
	132	.Xr EVP_CipherUpdate 3
	133	is minimal.
	134	.Sh RETURN VALUES
	135	.Fn EVP_CIPHER_CTX_cleanup
	136	and
	137	.Fn EVP_Cipher
	138	return 1 for success or 0 for failure.
	139	.Sh SEE ALSO
	140	.Xr evp 3 ,
	141	.Xr EVP_EncryptInit 3
	142	.Sh HISTORY
	143	.Fn EVP_Cipher
	144	first appeared in SSLeay 0.6.5.
	145	.Fn EVP_CIPHER_CTX_cleanup
	146	first appeared in SSLeay 0.8.0.
	147	.Fn EVP_CIPHER_CTX_init
	148	first appeared in SSLeay 0.9.0.
	149	All these functions have been available since
	150	.Ox 2.4 .