Document the low-level rc2.h API.

Not that this would be particularly important, but i had to look at the code anyway while completing the EVP documentation.
author: schwarze <> 2024-12-07 19:22:15 +0000
committer: schwarze <> 2024-12-07 19:22:15 +0000
commit: d8d79ed322f8b091f81f6e914b20585f96de9ee4 (patch)
tree: 67eef49c9be70a6a9c17dd1a8843d00532776a27 /src
parent: 0fb85d5a81b250c6f715310586bf8253c5c2a56a (diff)
download: openbsd-d8d79ed322f8b091f81f6e914b20585f96de9ee4.tar.gz
openbsd-d8d79ed322f8b091f81f6e914b20585f96de9ee4.tar.bz2
openbsd-d8d79ed322f8b091f81f6e914b20585f96de9ee4.zip
2 files changed, 198 insertions, 2 deletions
diff --git a/src/lib/libcrypto/man/RC2_encrypt.3 b/src/lib/libcrypto/man/RC2_encrypt.3
new file mode 100644
index 0000000000..a9edbd0301
--- /dev/null
+++ b/src/lib/libcrypto/man/RC2_encrypt.3
@@ -0,0 +1,195 @@
+.\" $OpenBSD: RC2_encrypt.3,v 1.1 2024/12/07 19:22:15 schwarze Exp $
+.\"
+.\" Copyright (c) 2024 Ingo Schwarze <schwarze@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: December 7 2024 $
+.Dt RC2_ENCRYPT 3
+.Os
+.Sh NAME
+.Nm RC2_set_key ,
+.Nm RC2_encrypt ,
+.Nm RC2_decrypt ,
+.Nm RC2_cbc_encrypt ,
+.Nm RC2_ecb_encrypt ,
+.Nm RC2_cfb64_encrypt ,
+.Nm RC2_ofb64_encrypt
+.Nd low-level functions for Rivest Cipher 2
+.Sh SYNOPSIS
+.In openssl/rc2.h
+.Ft void
+.Fo RC2_set_key
+.Fa "RC2_KEY *expanded_key"
+.Fa "int len"
+.Fa "const unsigned char *user_key"
+.Fa "int effective_bits"
+.Fc
+.Ft void
+.Fo RC2_encrypt
+.Fa "unsigned long *data"
+.Fa "RC2_KEY *expanded_key"
+.Fc
+.Ft void
+.Fo RC2_decrypt
+.Fa "unsigned long *data"
+.Fa "RC2_KEY *expanded_key"
+.Fc
+.Ft void
+.Fo RC2_cbc_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "long length"
+.Fa "RC2_KEY *expanded_key"
+.Fa "unsigned char *iv"
+.Fa "int encrypt"
+.Fc
+.Ft void
+.Fo RC2_ecb_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "RC2_KEY *expanded_key"
+.Fa "int encrypt"
+.Fc
+.Ft void
+.Fo RC2_cfb64_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "long length"
+.Fa "RC2_KEY *expanded_key"
+.Fa "unsigned char *iv"
+.Fa "int *num"
+.Fa "int encrypt"
+.Fc
+.Ft void
+.Fo RC2_ofb64_encrypt
+.Fa "const unsigned char *in"
+.Fa "unsigned char *out"
+.Fa "long length"
+.Fa "RC2_KEY *expanded_key"
+.Fa "unsigned char *iv"
+.Fa "int *num"
+.Fc
+.Sh DESCRIPTION
+RC2 is a block cipher operating on blocks of
+.Dv RC2_BLOCK No = 8
+bytes, equivalent to 64 bits, using a variable key length
+with an additional parameter called
+.Dq effective key bits
+or
+.Dq effective key length .
+The maximum effective key kength is 1024 bits.
+.Pp
+If using RC2 cannot be avoided, it is recommended that application
+programs use the
+.Xr EVP_rc2_cbc 3
+family of functions instead of the functions documented in the present
+manual page, to ease later migration to less outdated encryption algorithms.
+.Pp
+.Fn RC2_set_key
+expands the first
+.Fa len
+bytes of
+.Fa user_key
+into the
+.Vt RC2_KEY
+structure
+.Pf * Fa expanded_key .
+The storage for the expanded key has to be provided by the calling code.
+If the
+.Fa len
+argument exceeds 128, only the first 128 bytes are used.
+.Pp
+Optionally, if the
+.Fa effective_bits
+argument is positive and less than 1024, the effective key length of
+.Pf * Fa expanded_key
+is reduced to
+.Fa effective_bits .
+Reducing the effective key length is not cryptographically useful.
+This option was originally designed to conform to US export regulations
+valid at the time, which were designed to allow the US government
+to spy on foreign encrypted communications.
+Unless interoperability requires otherwise, setting
+.Fa effective_bits
+to 1024 is recommended.
+.Pp
+.Fn RC2_encrypt
+and
+.Fn RC2_decrypt
+interpret
+.Fa data
+as an array of two 32 bit integers and encrypt or decrypt
+that single block in place, respectively, using the
+.Fa expanded_key .
+.Pp
+The remaining functions encode or decode
+.Fa length
+bytes starting at
+.Fa in
+to
+.Fa length
+bytes starting at
+.Fa out
+in various modes of operation using the
+.Fa expanded_key .
+Both arrays need to be long enough to hold
+.Fa length
+bytes rounded up to the next multiple of 8.
+The
+.Fa iv
+argument points to an array of 8 bytes used as the initialization vector.
+If the
+.Fa encrypt
+argument is
+.Dv RC2_ENCRYPT
+or another non-zero value, encryption is performed;
+if it is
+.Dv RC2_DECRYPT No = 0 ,
+decryption is performed.
+.Pp
+.Fn RC2_cbc_encrypt
+operates in cipher block chaining mode.
+.Pp
+.Fn RC2_ecb_encrypt
+encodes or decodes eight bytes at
+.Fa in
+to
+eight bytes at
+.Fa out
+in electronic codebook mode.
+.Pp
+.Fn RC2_cfb64_encrypt
+and
+.Fn RC2_ofb64_encrypt
+operate in cipher feedback mode and output feedback mode, respectively,
+with 64 bit blocks.
+The number of bytes used from the last 8 byte block is kept track of in
+.Pf * Fa num .
+.Sh SEE ALSO
+.Xr crypto 3 ,
+.Xr EVP_EncryptInit 3 ,
+.Xr EVP_rc2_cbc 3
+.Sh HISTORY
+.Fn RC2_set_key ,
+.Fn RC2_encrypt ,
+.Fn RC2_cbc_encrypt ,
+.Fn RC2_ecb_encrypt ,
+.Fn RC2_cfb64_encrypt ,
+and
+.Fn RC2_ofb64_encrypt
+first appeared in SSLeay 0.5.2.
+.Fn RC2_decrypt
+first appeared in SSLeay 0.9.0.
+All these functions have been available since
+.Ox 2.4 .
diff --git a/src/lib/libcrypto/man/crypto.3 b/src/lib/libcrypto/man/crypto.3
index e63c1a78df..f1367e9e62 100644
--- a/src/lib/libcrypto/man/crypto.3
+++ b/src/lib/libcrypto/man/crypto.3
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: crypto.3,v 1.29 2023/05/01 07:37:45 tb Exp $
+.\"     $OpenBSD: crypto.3,v 1.30 2024/12/07 19:22:15 schwarze Exp $
 .\"     OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100
 .\"
 .\" This file is a derived work.
@@ -66,7 +66,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: May 1 2023 $
+.Dd $Mdocdate: December 7 2024 $
 .Dt CRYPTO 3
 .Os
 .Sh NAME
@@ -88,6 +88,7 @@ Low-level stand-alone interfaces include
 .Xr BF_set_key 3 ,
 .Xr ChaCha 3 ,
 .Xr DES_set_key 3 ,
+.Xr RC2_encrypt 3 ,
 and
 .Xr RC4 3 .
 .Pp
author	schwarze <>	2024-12-07 19:22:15 +0000
committer	schwarze <>	2024-12-07 19:22:15 +0000
commit	d8d79ed322f8b091f81f6e914b20585f96de9ee4 (patch)
tree	67eef49c9be70a6a9c17dd1a8843d00532776a27 /src
parent	0fb85d5a81b250c6f715310586bf8253c5c2a56a (diff)
download	openbsd-d8d79ed322f8b091f81f6e914b20585f96de9ee4.tar.gz openbsd-d8d79ed322f8b091f81f6e914b20585f96de9ee4.tar.bz2 openbsd-d8d79ed322f8b091f81f6e914b20585f96de9ee4.zip

diff --git a/src/lib/libcrypto/man/RC2_encrypt.3 b/src/lib/libcrypto/man/RC2_encrypt.3 new file mode 100644 index 0000000000..a9edbd0301 --- /dev/null +++ b/src/lib/libcrypto/man/RC2_encrypt.3
@@ -0,0 +1,195 @@
		1	.\" $OpenBSD: RC2_encrypt.3,v 1.1 2024/12/07 19:22:15 schwarze Exp $
		2	.\"
		3	.\" Copyright (c) 2024 Ingo Schwarze <schwarze@openbsd.org>
		4	.\"
		5	.\" Permission to use, copy, modify, and distribute this software for any
		6	.\" purpose with or without fee is hereby granted, provided that the above
		7	.\" copyright notice and this permission notice appear in all copies.
		8	.\"
		9	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
		10	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
		11	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
		12	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
		13	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
		14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
		15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
		16	.\"
		17	.Dd $Mdocdate: December 7 2024 $
		18	.Dt RC2_ENCRYPT 3
		19	.Os
		20	.Sh NAME
		21	.Nm RC2_set_key ,
		22	.Nm RC2_encrypt ,
		23	.Nm RC2_decrypt ,
		24	.Nm RC2_cbc_encrypt ,
		25	.Nm RC2_ecb_encrypt ,
		26	.Nm RC2_cfb64_encrypt ,
		27	.Nm RC2_ofb64_encrypt
		28	.Nd low-level functions for Rivest Cipher 2
		29	.Sh SYNOPSIS
		30	.In openssl/rc2.h
		31	.Ft void
		32	.Fo RC2_set_key
		33	.Fa "RC2_KEY *expanded_key"
		34	.Fa "int len"
		35	.Fa "const unsigned char *user_key"
		36	.Fa "int effective_bits"
		37	.Fc
		38	.Ft void
		39	.Fo RC2_encrypt
		40	.Fa "unsigned long *data"
		41	.Fa "RC2_KEY *expanded_key"
		42	.Fc
		43	.Ft void
		44	.Fo RC2_decrypt
		45	.Fa "unsigned long *data"
		46	.Fa "RC2_KEY *expanded_key"
		47	.Fc
		48	.Ft void
		49	.Fo RC2_cbc_encrypt
		50	.Fa "const unsigned char *in"
		51	.Fa "unsigned char *out"
		52	.Fa "long length"
		53	.Fa "RC2_KEY *expanded_key"
		54	.Fa "unsigned char *iv"
		55	.Fa "int encrypt"
		56	.Fc
		57	.Ft void
		58	.Fo RC2_ecb_encrypt
		59	.Fa "const unsigned char *in"
		60	.Fa "unsigned char *out"
		61	.Fa "RC2_KEY *expanded_key"
		62	.Fa "int encrypt"
		63	.Fc
		64	.Ft void
		65	.Fo RC2_cfb64_encrypt
		66	.Fa "const unsigned char *in"
		67	.Fa "unsigned char *out"
		68	.Fa "long length"
		69	.Fa "RC2_KEY *expanded_key"
		70	.Fa "unsigned char *iv"
		71	.Fa "int *num"
		72	.Fa "int encrypt"
		73	.Fc
		74	.Ft void
		75	.Fo RC2_ofb64_encrypt
		76	.Fa "const unsigned char *in"
		77	.Fa "unsigned char *out"
		78	.Fa "long length"
		79	.Fa "RC2_KEY *expanded_key"
		80	.Fa "unsigned char *iv"
		81	.Fa "int *num"
		82	.Fc
		83	.Sh DESCRIPTION
		84	RC2 is a block cipher operating on blocks of
		85	.Dv RC2_BLOCK No = 8
		86	bytes, equivalent to 64 bits, using a variable key length
		87	with an additional parameter called
		88	.Dq effective key bits
		89	or
		90	.Dq effective key length .
		91	The maximum effective key kength is 1024 bits.
		92	.Pp
		93	If using RC2 cannot be avoided, it is recommended that application
		94	programs use the
		95	.Xr EVP_rc2_cbc 3
		96	family of functions instead of the functions documented in the present
		97	manual page, to ease later migration to less outdated encryption algorithms.
		98	.Pp
		99	.Fn RC2_set_key
		100	expands the first
		101	.Fa len
		102	bytes of
		103	.Fa user_key
		104	into the
		105	.Vt RC2_KEY
		106	structure
		107	.Pf * Fa expanded_key .
		108	The storage for the expanded key has to be provided by the calling code.
		109	If the
		110	.Fa len
		111	argument exceeds 128, only the first 128 bytes are used.
		112	.Pp
		113	Optionally, if the
		114	.Fa effective_bits
		115	argument is positive and less than 1024, the effective key length of
		116	.Pf * Fa expanded_key
		117	is reduced to
		118	.Fa effective_bits .
		119	Reducing the effective key length is not cryptographically useful.
		120	This option was originally designed to conform to US export regulations
		121	valid at the time, which were designed to allow the US government
		122	to spy on foreign encrypted communications.
		123	Unless interoperability requires otherwise, setting
		124	.Fa effective_bits
		125	to 1024 is recommended.
		126	.Pp
		127	.Fn RC2_encrypt
		128	and
		129	.Fn RC2_decrypt
		130	interpret
		131	.Fa data
		132	as an array of two 32 bit integers and encrypt or decrypt
		133	that single block in place, respectively, using the
		134	.Fa expanded_key .
		135	.Pp
		136	The remaining functions encode or decode
		137	.Fa length
		138	bytes starting at
		139	.Fa in
		140	to
		141	.Fa length
		142	bytes starting at
		143	.Fa out
		144	in various modes of operation using the
		145	.Fa expanded_key .
		146	Both arrays need to be long enough to hold
		147	.Fa length
		148	bytes rounded up to the next multiple of 8.
		149	The
		150	.Fa iv
		151	argument points to an array of 8 bytes used as the initialization vector.
		152	If the
		153	.Fa encrypt
		154	argument is
		155	.Dv RC2_ENCRYPT
		156	or another non-zero value, encryption is performed;
		157	if it is
		158	.Dv RC2_DECRYPT No = 0 ,
		159	decryption is performed.
		160	.Pp
		161	.Fn RC2_cbc_encrypt
		162	operates in cipher block chaining mode.
		163	.Pp
		164	.Fn RC2_ecb_encrypt
		165	encodes or decodes eight bytes at
		166	.Fa in
		167	to
		168	eight bytes at
		169	.Fa out
		170	in electronic codebook mode.
		171	.Pp
		172	.Fn RC2_cfb64_encrypt
		173	and
		174	.Fn RC2_ofb64_encrypt
		175	operate in cipher feedback mode and output feedback mode, respectively,
		176	with 64 bit blocks.
		177	The number of bytes used from the last 8 byte block is kept track of in
		178	.Pf * Fa num .
		179	.Sh SEE ALSO
		180	.Xr crypto 3 ,
		181	.Xr EVP_EncryptInit 3 ,
		182	.Xr EVP_rc2_cbc 3
		183	.Sh HISTORY
		184	.Fn RC2_set_key ,
		185	.Fn RC2_encrypt ,
		186	.Fn RC2_cbc_encrypt ,
		187	.Fn RC2_ecb_encrypt ,
		188	.Fn RC2_cfb64_encrypt ,
		189	and
		190	.Fn RC2_ofb64_encrypt
		191	first appeared in SSLeay 0.5.2.
		192	.Fn RC2_decrypt
		193	first appeared in SSLeay 0.9.0.
		194	All these functions have been available since
		195	.Ox 2.4 .


diff --git a/src/lib/libcrypto/man/crypto.3 b/src/lib/libcrypto/man/crypto.3 index e63c1a78df..f1367e9e62 100644 --- a/src/lib/libcrypto/man/crypto.3 +++ b/src/lib/libcrypto/man/crypto.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: crypto.3,v 1.29 2023/05/01 07:37:45 tb Exp $	1	.\" $OpenBSD: crypto.3,v 1.30 2024/12/07 19:22:15 schwarze Exp $
2	.\" OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100	2	.\" OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100
3	.\"	3	.\"
4	.\" This file is a derived work.	4	.\" This file is a derived work.
@@ -66,7 +66,7 @@
66	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	66	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
67	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	67	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
68	.\"	68	.\"
69	.Dd $Mdocdate: May 1 2023 $	69	.Dd $Mdocdate: December 7 2024 $
70	.Dt CRYPTO 3	70	.Dt CRYPTO 3
71	.Os	71	.Os
72	.Sh NAME	72	.Sh NAME
@@ -88,6 +88,7 @@ Low-level stand-alone interfaces include
88	.Xr BF_set_key 3 ,	88	.Xr BF_set_key 3 ,
89	.Xr ChaCha 3 ,	89	.Xr ChaCha 3 ,
90	.Xr DES_set_key 3 ,	90	.Xr DES_set_key 3 ,
		91	.Xr RC2_encrypt 3 ,
91	and	92	and
92	.Xr RC4 3 .	93	.Xr RC4 3 .
93	.Pp	94	.Pp