summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authorschwarze <>2019-03-19 19:50:03 +0000
committerschwarze <>2019-03-19 19:50:03 +0000
commitcc008cce259ba8fd951eb5ca8fa12e1b3ece4f8c (patch)
treeb722f67c61a07d31b7ddff717cead257db8bfca0 /src/lib
parent9ae692347a234e6733cfcda5ecaaa6d4308eb627 (diff)
downloadopenbsd-cc008cce259ba8fd951eb5ca8fa12e1b3ece4f8c.tar.gz
openbsd-cc008cce259ba8fd951eb5ca8fa12e1b3ece4f8c.tar.bz2
openbsd-cc008cce259ba8fd951eb5ca8fa12e1b3ece4f8c.zip
Document the flag EVP_CIPHER_CTX_FLAG_WRAP_ALLOW needed for the EVP
AES wrap modes, the function EVP_CIPHER_CTX_set_flags(3) needed to set it, and the companion functions EVP_CIPHER_CTX_clear_flags(3) and EVP_CIPHER_CTX_test_flags(3). With help and an OK from tb@.
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libcrypto/man/EVP_EncryptInit.346
-rw-r--r--src/lib/libcrypto/man/EVP_aes_128_cbc.329
2 files changed, 71 insertions, 4 deletions
diff --git a/src/lib/libcrypto/man/EVP_EncryptInit.3 b/src/lib/libcrypto/man/EVP_EncryptInit.3
index 10d30c4cf0..bb2457d9e0 100644
--- a/src/lib/libcrypto/man/EVP_EncryptInit.3
+++ b/src/lib/libcrypto/man/EVP_EncryptInit.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: EVP_EncryptInit.3,v 1.28 2019/03/18 11:38:16 schwarze Exp $ 1.\" $OpenBSD: EVP_EncryptInit.3,v 1.29 2019/03/19 19:50:03 schwarze Exp $
2.\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800 2.\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800
3.\" selective merge up to: OpenSSL 16cfc2c9 Mar 8 22:30:28 2018 +0100 3.\" selective merge up to: OpenSSL 16cfc2c9 Mar 8 22:30:28 2018 +0100
4.\" 4.\"
@@ -51,7 +51,7 @@
51.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
52.\" OF THE POSSIBILITY OF SUCH DAMAGE. 52.\" OF THE POSSIBILITY OF SUCH DAMAGE.
53.\" 53.\"
54.Dd $Mdocdate: March 18 2019 $ 54.Dd $Mdocdate: March 19 2019 $
55.Dt EVP_ENCRYPTINIT 3 55.Dt EVP_ENCRYPTINIT 3
56.Os 56.Os
57.Sh NAME 57.Sh NAME
@@ -75,6 +75,9 @@
75.Nm EVP_DecryptFinal , 75.Nm EVP_DecryptFinal ,
76.Nm EVP_CipherInit , 76.Nm EVP_CipherInit ,
77.Nm EVP_CipherFinal , 77.Nm EVP_CipherFinal ,
78.Nm EVP_CIPHER_CTX_set_flags ,
79.Nm EVP_CIPHER_CTX_clear_flags ,
80.Nm EVP_CIPHER_CTX_test_flags ,
78.Nm EVP_CIPHER_CTX_set_padding , 81.Nm EVP_CIPHER_CTX_set_padding ,
79.Nm EVP_CIPHER_CTX_set_key_length , 82.Nm EVP_CIPHER_CTX_set_key_length ,
80.Nm EVP_CIPHER_CTX_ctrl , 83.Nm EVP_CIPHER_CTX_ctrl ,
@@ -267,6 +270,21 @@
267.Fa "unsigned char *outm" 270.Fa "unsigned char *outm"
268.Fa "int *outl" 271.Fa "int *outl"
269.Fc 272.Fc
273.Ft void
274.Fo EVP_CIPHER_CTX_set_flags
275.Fa "EVP_CIPHER_CTX *ctx"
276.Fa "int flags"
277.Fc
278.Ft void
279.Fo EVP_CIPHER_CTX_clear_flags
280.Fa "EVP_CIPHER_CTX *ctx"
281.Fa "int flags"
282.Fc
283.Ft int
284.Fo EVP_CIPHER_CTX_test_flags
285.Fa "EVP_CIPHER_CTX *ctx"
286.Fa "int flags"
287.Fc
270.Ft int 288.Ft int
271.Fo EVP_CIPHER_CTX_set_padding 289.Fo EVP_CIPHER_CTX_set_padding
272.Fa "EVP_CIPHER_CTX *x" 290.Fa "EVP_CIPHER_CTX *x"
@@ -595,6 +613,30 @@ structure.
595The actual NID value is an internal value which may not have a 613The actual NID value is an internal value which may not have a
596corresponding OBJECT IDENTIFIER. 614corresponding OBJECT IDENTIFIER.
597.Pp 615.Pp
616.Fn EVP_CIPHER_CTX_set_flags
617enables the given
618.Fa flags
619in
620.Fa ctx .
621.Fn EVP_CIPHER_CTX_clear_flags
622disables the given
623.Fa flags
624in
625.Fa ctx .
626.Fn EVP_CIPHER_CTX_test_flags
627checks whether any of the given
628.Fa flags
629are currently set in
630.Fa ctx ,
631returning the subset of the
632.Fa flags
633that are set, or 0 if none of them are set.
634Currently, the only supported cipher context flag is
635.Dv EVP_CIPHER_CTX_FLAG_WRAP_ALLOW ;
636see
637.Xr EVP_aes_128_wrap 3
638for details.
639.Pp
598.Fn EVP_CIPHER_CTX_set_padding 640.Fn EVP_CIPHER_CTX_set_padding
599enables or disables padding. 641enables or disables padding.
600This function should be called after the context is set up for 642This function should be called after the context is set up for
diff --git a/src/lib/libcrypto/man/EVP_aes_128_cbc.3 b/src/lib/libcrypto/man/EVP_aes_128_cbc.3
index 8c01f07f55..be8e5ff75b 100644
--- a/src/lib/libcrypto/man/EVP_aes_128_cbc.3
+++ b/src/lib/libcrypto/man/EVP_aes_128_cbc.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: EVP_aes_128_cbc.3,v 1.1 2019/03/18 11:38:16 schwarze Exp $ 1.\" $OpenBSD: EVP_aes_128_cbc.3,v 1.2 2019/03/19 19:50:03 schwarze Exp $
2.\" selective merge up to: OpenSSL 7c6d372a Nov 20 13:20:01 2018 +0000 2.\" selective merge up to: OpenSSL 7c6d372a Nov 20 13:20:01 2018 +0000
3.\" 3.\"
4.\" This file was written by Ronald Tse <ronald.tse@ribose.com> 4.\" This file was written by Ronald Tse <ronald.tse@ribose.com>
@@ -48,7 +48,7 @@
48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 48.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49.\" OF THE POSSIBILITY OF SUCH DAMAGE. 49.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50.\" 50.\"
51.Dd $Mdocdate: March 18 2019 $ 51.Dd $Mdocdate: March 19 2019 $
52.Dt EVP_AES_128_CBC 3 52.Dt EVP_AES_128_CBC 3
53.Os 53.Os
54.Sh NAME 54.Sh NAME
@@ -237,6 +237,31 @@ and
237.Fn EVP_aes_256_wrap 237.Fn EVP_aes_256_wrap
238provide AES key wrap with 128, 192 and 256 bit keys 238provide AES key wrap with 128, 192 and 256 bit keys
239according to RFC 3394 section 2.2.1 ("wrap"). 239according to RFC 3394 section 2.2.1 ("wrap").
240When the returned
241.Vt EVP_CIPHER
242object is later passed to
243.Xr EVP_CipherInit_ex 3 ,
244.Xr EVP_EncryptInit_ex 3 ,
245or
246.Xr EVP_DecryptInit_ex 3
247together with an
248.Vt EVP_CIPHER_CTX
249object, the flag
250.Dv EVP_CIPHER_CTX_FLAG_WRAP_ALLOW
251must have been set in the
252.Vt EVP_CIPHER_CTX
253using
254.Xr EVP_CIPHER_CTX_set_flags 3 .
255Otherwise, or when passing the returned
256.Vt EVP_CIPHER
257object to
258.Xr EVP_CipherInit 3 ,
259.Xr EVP_EncryptInit 3 ,
260or
261.Xr EVP_DecryptInit 3 ,
262initialization fails with a
263.Dq wrap not allowed
264error.
240.Pp 265.Pp
241.Fn EVP_aes_128_xts 266.Fn EVP_aes_128_xts
242and 267and
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-23 11:17:50 +0000