4 files changed, 47 insertions, 21 deletions
diff --git a/src/lib/libcrypto/man/EVP_EncryptInit.3 b/src/lib/libcrypto/man/EVP_EncryptInit.3
index a0adfbab09..32ed3349b9 100644
--- a/src/lib/libcrypto/man/EVP_EncryptInit.3
+++ b/src/lib/libcrypto/man/EVP_EncryptInit.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_EncryptInit.3,v 1.52 2024/07/21 08:36:43 tb Exp $
+.\" $OpenBSD: EVP_EncryptInit.3,v 1.53 2024/11/09 22:03:49 schwarze Exp $
 .\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800
 .\"   EVP_bf_cbc.pod EVP_cast5_cbc.pod EVP_idea_cbc.pod EVP_rc2_cbc.pod
 .\"   7c6d372a Nov 20 13:20:01 2018 +0000
@@ -69,7 +69,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: July 21 2024 $
+.Dd $Mdocdate: November 9 2024 $
 .Dt EVP_ENCRYPTINIT 3
 .Os
 .Sh NAME
@@ -553,7 +553,6 @@ returns an
 .Vt EVP_CIPHER
 structure.
 .Sh CIPHER LISTING
-All algorithms have a fixed key length unless otherwise stated.
 .Bl -tag -width Ds
 .It Fn EVP_enc_null
 Null cipher: does nothing.
@@ -564,6 +563,8 @@ Null cipher: does nothing.
 .Fn EVP_idea_ofb
 .Xc
 IDEA encryption algorithm in CBC, ECB, CFB and OFB modes respectively.
+IDEA is a block cipher operating on 64 bit blocks using a 128 bit
+.Fa key .
 .Fn EVP_idea_cfb
 is an alias for
 .Fn EVP_idea_cfb64 ,
@@ -575,7 +576,9 @@ implemented as a macro.
 .Fn EVP_rc2_ofb
 .Xc
 RC2 encryption algorithm in CBC, ECB, CFB and OFB modes respectively.
-This is a variable key length cipher with an additional parameter called
+RC2 is a block cipher operating on 64 bit blocks using a variable
+.Fa key
+length with an additional parameter called
 "effective key bits" or "effective key length".
 By default both are set to 128 bits.
 .Fn EVP_rc2_cfb
@@ -602,7 +605,10 @@ to set the key length and effective key length.
 .Xc
 Blowfish encryption algorithm in CBC, ECB, CFB and OFB modes
 respectively.
-This is a variable key length cipher.
+Blowfish is a block cipher operating on 64 bit blocks using a variable
+.Fa key
+length.
+The default key length is 128 bits.
 .Fn EVP_bf_cfb
 is an alias for
 .Fn EVP_bf_cfb64 ,
@@ -613,21 +619,28 @@ implemented as a macro.
 .Fn EVP_cast5_cfb64 ,
 .Fn EVP_cast5_ofb
 .Xc
-CAST encryption algorithm in CBC, ECB, CFB and OFB modes respectively.
+CAST-128 encryption algorithm in CBC, ECB, CFB and OFB modes respectively.
-This is a variable key length cipher.
+CAST-128 is a block cipher operating on 64 bit blocks using a variable
+.Fa key
+length.
+The default and maximum key length is 128 bits.
 .Fn EVP_cast5_cfb
 is an alias for
 .Fn EVP_cast5_cfb64 ,
 implemented as a macro.
 .El
 .Pp
-See also
+Some algorithms are documented in separate manual pages:
-.Xr EVP_aes_128_cbc 3 ,
+.Pp
-.Xr EVP_camellia_128_cbc 3 ,
+.Bl -column "EVP_camellia_128_cbc(3)" "block size" -compact
-.Xr EVP_des_cbc 3 ,
+.It manual page               Ta block size Ta Fa key No size Pq in bits
-.Xr EVP_rc4 3 ,
+.It Xr EVP_aes_128_cbc 3      Ta 128        Ta 128, 192, 256
-and
+.It Xr EVP_camellia_128_cbc 3 Ta 128        Ta 128, 192, 256
-.Xr EVP_sm4_cbc 3 .
+.It Xr EVP_chacha20 3         Ta stream     Ta 256
+.It Xr EVP_des_cbc 3          Ta 64         Ta 64
+.It Xr EVP_rc4 3              Ta stream     Ta variable, default 128
+.It Xr EVP_sm4_cbc 3          Ta 128        Ta 128
+.El
 .Ss GCM mode
 For GCM mode ciphers, the behaviour of the EVP interface
 is subtly altered and several additional ctrl operations are
diff --git a/src/lib/libcrypto/man/EVP_aes_128_cbc.3 b/src/lib/libcrypto/man/EVP_aes_128_cbc.3
index 4d153e5cbd..6249bf7348 100644
--- a/src/lib/libcrypto/man/EVP_aes_128_cbc.3
+++ b/src/lib/libcrypto/man/EVP_aes_128_cbc.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_aes_128_cbc.3,v 1.5 2023/11/16 20:27:43 schwarze Exp $
+.\" $OpenBSD: EVP_aes_128_cbc.3,v 1.6 2024/11/09 22:03:49 schwarze Exp $
 .\" selective merge up to: OpenSSL 7c6d372a Nov 20 13:20:01 2018 +0000
 .\"
 .\" This file was written by Ronald Tse <ronald.tse@ribose.com>
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: November 16 2023 $
+.Dd $Mdocdate: November 9 2024 $
 .Dt EVP_AES_128_CBC 3
 .Os
 .Sh NAME
@@ -170,6 +170,8 @@
 These functions provide the AES encryption algorithm in the
 .Xr evp 3
 framework.
+AES is a family of block ciphers operating on 128 bit blocks
+using key lengths of 128, 192, and 256 bits.
 .Pp
 .Fn EVP_aes_128_cbc ,
 .Fn EVP_aes_192_cbc ,
diff --git a/src/lib/libcrypto/man/EVP_camellia_128_cbc.3 b/src/lib/libcrypto/man/EVP_camellia_128_cbc.3
index 190247a68b..6f15a85f7f 100644
--- a/src/lib/libcrypto/man/EVP_camellia_128_cbc.3
+++ b/src/lib/libcrypto/man/EVP_camellia_128_cbc.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_camellia_128_cbc.3,v 1.2 2020/06/24 18:15:00 jmc Exp $
+.\" $OpenBSD: EVP_camellia_128_cbc.3,v 1.3 2024/11/09 22:03:49 schwarze Exp $
 .\" selective merge up to: OpenSSL 7c6d372a Nov 20 13:20:01 2018 +0000
 .\"
 .\" This file was written by Ronald Tse <ronald.tse@ribose.com>
@@ -48,7 +48,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: June 24 2020 $
+.Dd $Mdocdate: November 9 2024 $
 .Dt EVP_CAMELLIA_128_CBC 3
 .Os
 .Sh NAME
@@ -122,7 +122,9 @@
 These functions provide the Camellia encryption algorithm in the
 .Xr evp 3
 framework.
-They use 128, 192, and 256-bit keys in the following modes, respectively:
+Camellia is a block cipher operating on 128 bit blocks.
+These functions use 128, 192, and 256-bit keys
+in the following modes, respectively:
 CBC, CFB with 1-bit shift, CFB with 8-bit shift, CFB with 128-bit shift,
 ECB, and OFB.
 .Pp
diff --git a/src/lib/libcrypto/man/EVP_des_cbc.3 b/src/lib/libcrypto/man/EVP_des_cbc.3
index 759e03fac0..7c8a08c7db 100644
--- a/src/lib/libcrypto/man/EVP_des_cbc.3
+++ b/src/lib/libcrypto/man/EVP_des_cbc.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_des_cbc.3,v 1.1 2019/03/21 12:54:37 schwarze Exp $
+.\" $OpenBSD: EVP_des_cbc.3,v 1.2 2024/11/09 22:03:49 schwarze Exp $
 .\" full merge up to:
 .\"   OpenSSL EVP_desx_cbc.pod 8fa4d95e Oct 21 11:59:09 2017 +0900
 .\" selective merge up to:
@@ -51,7 +51,7 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: March 21 2019 $
+.Dd $Mdocdate: November 9 2024 $
 .Dt EVP_DES_CBC 3
 .Os
 .Sh NAME
@@ -128,6 +128,15 @@
 These functions provide the DES encryption algorithm in the
 .Xr evp 3
 framework.
+DES is a block cipher operating on 64 bit blocks.
+The key length to be used for
+.Xr EVP_EncryptInit 3
+is 64 bits.
+However, only 56 of these bits are used in the encryption algorithm.
+The least significant bit in each of the eight bytes is only used
+for checking parity.
+Using this algorithm is discouraged because the short key length
+makes it vulnerable to brute force attacks.
 .Pp
 .Fn EVP_des_cbc ,
 .Fn EVP_des_cfb1 ,

diff --git a/src/lib/libcrypto/man/EVP_EncryptInit.3 b/src/lib/libcrypto/man/EVP_EncryptInit.3 index a0adfbab09..32ed3349b9 100644 --- a/src/lib/libcrypto/man/EVP_EncryptInit.3 +++ b/src/lib/libcrypto/man/EVP_EncryptInit.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: EVP_EncryptInit.3,v 1.52 2024/07/21 08:36:43 tb Exp $	1	.\" $OpenBSD: EVP_EncryptInit.3,v 1.53 2024/11/09 22:03:49 schwarze Exp $
2	.\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800	2	.\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800
3	.\" EVP_bf_cbc.pod EVP_cast5_cbc.pod EVP_idea_cbc.pod EVP_rc2_cbc.pod	3	.\" EVP_bf_cbc.pod EVP_cast5_cbc.pod EVP_idea_cbc.pod EVP_rc2_cbc.pod
4	.\" 7c6d372a Nov 20 13:20:01 2018 +0000	4	.\" 7c6d372a Nov 20 13:20:01 2018 +0000
@@ -69,7 +69,7 @@
69	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	69	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
70	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	70	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
71	.\"	71	.\"
72	.Dd $Mdocdate: July 21 2024 $	72	.Dd $Mdocdate: November 9 2024 $
73	.Dt EVP_ENCRYPTINIT 3	73	.Dt EVP_ENCRYPTINIT 3
74	.Os	74	.Os
75	.Sh NAME	75	.Sh NAME
@@ -553,7 +553,6 @@ returns an
553	.Vt EVP_CIPHER	553	.Vt EVP_CIPHER
554	structure.	554	structure.
555	.Sh CIPHER LISTING	555	.Sh CIPHER LISTING
556	All algorithms have a fixed key length unless otherwise stated.
557	.Bl -tag -width Ds	556	.Bl -tag -width Ds
558	.It Fn EVP_enc_null	557	.It Fn EVP_enc_null
559	Null cipher: does nothing.	558	Null cipher: does nothing.
@@ -564,6 +563,8 @@ Null cipher: does nothing.
564	.Fn EVP_idea_ofb	563	.Fn EVP_idea_ofb
565	.Xc	564	.Xc
566	IDEA encryption algorithm in CBC, ECB, CFB and OFB modes respectively.	565	IDEA encryption algorithm in CBC, ECB, CFB and OFB modes respectively.
		566	IDEA is a block cipher operating on 64 bit blocks using a 128 bit
		567	.Fa key .
567	.Fn EVP_idea_cfb	568	.Fn EVP_idea_cfb
568	is an alias for	569	is an alias for
569	.Fn EVP_idea_cfb64 ,	570	.Fn EVP_idea_cfb64 ,
@@ -575,7 +576,9 @@ implemented as a macro.
575	.Fn EVP_rc2_ofb	576	.Fn EVP_rc2_ofb
576	.Xc	577	.Xc
577	RC2 encryption algorithm in CBC, ECB, CFB and OFB modes respectively.	578	RC2 encryption algorithm in CBC, ECB, CFB and OFB modes respectively.
578	This is a variable key length cipher with an additional parameter called	579	RC2 is a block cipher operating on 64 bit blocks using a variable
		580	.Fa key
		581	length with an additional parameter called
579	"effective key bits" or "effective key length".	582	"effective key bits" or "effective key length".
580	By default both are set to 128 bits.	583	By default both are set to 128 bits.
581	.Fn EVP_rc2_cfb	584	.Fn EVP_rc2_cfb
@@ -602,7 +605,10 @@ to set the key length and effective key length.
602	.Xc	605	.Xc
603	Blowfish encryption algorithm in CBC, ECB, CFB and OFB modes	606	Blowfish encryption algorithm in CBC, ECB, CFB and OFB modes
604	respectively.	607	respectively.
605	This is a variable key length cipher.	608	Blowfish is a block cipher operating on 64 bit blocks using a variable
		609	.Fa key
		610	length.
		611	The default key length is 128 bits.
606	.Fn EVP_bf_cfb	612	.Fn EVP_bf_cfb
607	is an alias for	613	is an alias for
608	.Fn EVP_bf_cfb64 ,	614	.Fn EVP_bf_cfb64 ,
@@ -613,21 +619,28 @@ implemented as a macro.
613	.Fn EVP_cast5_cfb64 ,	619	.Fn EVP_cast5_cfb64 ,
614	.Fn EVP_cast5_ofb	620	.Fn EVP_cast5_ofb
615	.Xc	621	.Xc
616	CAST encryption algorithm in CBC, ECB, CFB and OFB modes respectively.	622	CAST-128 encryption algorithm in CBC, ECB, CFB and OFB modes respectively.
617	This is a variable key length cipher.	623	CAST-128 is a block cipher operating on 64 bit blocks using a variable
		624	.Fa key
		625	length.
		626	The default and maximum key length is 128 bits.
618	.Fn EVP_cast5_cfb	627	.Fn EVP_cast5_cfb
619	is an alias for	628	is an alias for
620	.Fn EVP_cast5_cfb64 ,	629	.Fn EVP_cast5_cfb64 ,
621	implemented as a macro.	630	implemented as a macro.
622	.El	631	.El
623	.Pp	632	.Pp
624	See also	633	Some algorithms are documented in separate manual pages:
625	.Xr EVP_aes_128_cbc 3 ,	634	.Pp
626	.Xr EVP_camellia_128_cbc 3 ,	635	.Bl -column "EVP_camellia_128_cbc(3)" "block size" -compact
627	.Xr EVP_des_cbc 3 ,	636	.It manual page Ta block size Ta Fa key No size Pq in bits
628	.Xr EVP_rc4 3 ,	637	.It Xr EVP_aes_128_cbc 3 Ta 128 Ta 128, 192, 256
629	and	638	.It Xr EVP_camellia_128_cbc 3 Ta 128 Ta 128, 192, 256
630	.Xr EVP_sm4_cbc 3 .	639	.It Xr EVP_chacha20 3 Ta stream Ta 256
		640	.It Xr EVP_des_cbc 3 Ta 64 Ta 64
		641	.It Xr EVP_rc4 3 Ta stream Ta variable, default 128
		642	.It Xr EVP_sm4_cbc 3 Ta 128 Ta 128
		643	.El
631	.Ss GCM mode	644	.Ss GCM mode
632	For GCM mode ciphers, the behaviour of the EVP interface	645	For GCM mode ciphers, the behaviour of the EVP interface
633	is subtly altered and several additional ctrl operations are	646	is subtly altered and several additional ctrl operations are


diff --git a/src/lib/libcrypto/man/EVP_aes_128_cbc.3 b/src/lib/libcrypto/man/EVP_aes_128_cbc.3 index 4d153e5cbd..6249bf7348 100644 --- a/src/lib/libcrypto/man/EVP_aes_128_cbc.3 +++ b/src/lib/libcrypto/man/EVP_aes_128_cbc.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: EVP_aes_128_cbc.3,v 1.5 2023/11/16 20:27:43 schwarze Exp $	1	.\" $OpenBSD: EVP_aes_128_cbc.3,v 1.6 2024/11/09 22:03:49 schwarze Exp $
2	.\" selective merge up to: OpenSSL 7c6d372a Nov 20 13:20:01 2018 +0000	2	.\" selective merge up to: OpenSSL 7c6d372a Nov 20 13:20:01 2018 +0000
3	.\"	3	.\"
4	.\" This file was written by Ronald Tse <ronald.tse@ribose.com>	4	.\" This file was written by Ronald Tse <ronald.tse@ribose.com>
@@ -48,7 +48,7 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	50	.\"
51	.Dd $Mdocdate: November 16 2023 $	51	.Dd $Mdocdate: November 9 2024 $
52	.Dt EVP_AES_128_CBC 3	52	.Dt EVP_AES_128_CBC 3
53	.Os	53	.Os
54	.Sh NAME	54	.Sh NAME
@@ -170,6 +170,8 @@
170	These functions provide the AES encryption algorithm in the	170	These functions provide the AES encryption algorithm in the
171	.Xr evp 3	171	.Xr evp 3
172	framework.	172	framework.
		173	AES is a family of block ciphers operating on 128 bit blocks
		174	using key lengths of 128, 192, and 256 bits.
173	.Pp	175	.Pp
174	.Fn EVP_aes_128_cbc ,	176	.Fn EVP_aes_128_cbc ,
175	.Fn EVP_aes_192_cbc ,	177	.Fn EVP_aes_192_cbc ,


diff --git a/src/lib/libcrypto/man/EVP_camellia_128_cbc.3 b/src/lib/libcrypto/man/EVP_camellia_128_cbc.3 index 190247a68b..6f15a85f7f 100644 --- a/src/lib/libcrypto/man/EVP_camellia_128_cbc.3 +++ b/src/lib/libcrypto/man/EVP_camellia_128_cbc.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: EVP_camellia_128_cbc.3,v 1.2 2020/06/24 18:15:00 jmc Exp $	1	.\" $OpenBSD: EVP_camellia_128_cbc.3,v 1.3 2024/11/09 22:03:49 schwarze Exp $
2	.\" selective merge up to: OpenSSL 7c6d372a Nov 20 13:20:01 2018 +0000	2	.\" selective merge up to: OpenSSL 7c6d372a Nov 20 13:20:01 2018 +0000
3	.\"	3	.\"
4	.\" This file was written by Ronald Tse <ronald.tse@ribose.com>	4	.\" This file was written by Ronald Tse <ronald.tse@ribose.com>
@@ -48,7 +48,7 @@
48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	48	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	49	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
50	.\"	50	.\"
51	.Dd $Mdocdate: June 24 2020 $	51	.Dd $Mdocdate: November 9 2024 $
52	.Dt EVP_CAMELLIA_128_CBC 3	52	.Dt EVP_CAMELLIA_128_CBC 3
53	.Os	53	.Os
54	.Sh NAME	54	.Sh NAME
@@ -122,7 +122,9 @@
122	These functions provide the Camellia encryption algorithm in the	122	These functions provide the Camellia encryption algorithm in the
123	.Xr evp 3	123	.Xr evp 3
124	framework.	124	framework.
125	They use 128, 192, and 256-bit keys in the following modes, respectively:	125	Camellia is a block cipher operating on 128 bit blocks.
		126	These functions use 128, 192, and 256-bit keys
		127	in the following modes, respectively:
126	CBC, CFB with 1-bit shift, CFB with 8-bit shift, CFB with 128-bit shift,	128	CBC, CFB with 1-bit shift, CFB with 8-bit shift, CFB with 128-bit shift,
127	ECB, and OFB.	129	ECB, and OFB.
128	.Pp	130	.Pp


diff --git a/src/lib/libcrypto/man/EVP_des_cbc.3 b/src/lib/libcrypto/man/EVP_des_cbc.3 index 759e03fac0..7c8a08c7db 100644 --- a/src/lib/libcrypto/man/EVP_des_cbc.3 +++ b/src/lib/libcrypto/man/EVP_des_cbc.3
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: EVP_des_cbc.3,v 1.1 2019/03/21 12:54:37 schwarze Exp $	1	.\" $OpenBSD: EVP_des_cbc.3,v 1.2 2024/11/09 22:03:49 schwarze Exp $
2	.\" full merge up to:	2	.\" full merge up to:
3	.\" OpenSSL EVP_desx_cbc.pod 8fa4d95e Oct 21 11:59:09 2017 +0900	3	.\" OpenSSL EVP_desx_cbc.pod 8fa4d95e Oct 21 11:59:09 2017 +0900
4	.\" selective merge up to:	4	.\" selective merge up to:
@@ -51,7 +51,7 @@
51	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED	51	.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
52	.\" OF THE POSSIBILITY OF SUCH DAMAGE.	52	.\" OF THE POSSIBILITY OF SUCH DAMAGE.
53	.\"	53	.\"
54	.Dd $Mdocdate: March 21 2019 $	54	.Dd $Mdocdate: November 9 2024 $
55	.Dt EVP_DES_CBC 3	55	.Dt EVP_DES_CBC 3
56	.Os	56	.Os
57	.Sh NAME	57	.Sh NAME
@@ -128,6 +128,15 @@
128	These functions provide the DES encryption algorithm in the	128	These functions provide the DES encryption algorithm in the
129	.Xr evp 3	129	.Xr evp 3
130	framework.	130	framework.
		131	DES is a block cipher operating on 64 bit blocks.
		132	The key length to be used for
		133	.Xr EVP_EncryptInit 3
		134	is 64 bits.
		135	However, only 56 of these bits are used in the encryption algorithm.
		136	The least significant bit in each of the eight bytes is only used
		137	for checking parity.
		138	Using this algorithm is discouraged because the short key length
		139	makes it vulnerable to brute force attacks.
131	.Pp	140	.Pp
132	.Fn EVP_des_cbc ,	141	.Fn EVP_des_cbc ,
133	.Fn EVP_des_cfb1 ,	142	.Fn EVP_des_cfb1 ,