diff options
Diffstat (limited to 'src/lib/libcrypto/doc/EVP_SealInit.pod')
| -rw-r--r-- | src/lib/libcrypto/doc/EVP_SealInit.pod | 78 |
1 files changed, 0 insertions, 78 deletions
diff --git a/src/lib/libcrypto/doc/EVP_SealInit.pod b/src/lib/libcrypto/doc/EVP_SealInit.pod deleted file mode 100644 index 25ef07f7c7..0000000000 --- a/src/lib/libcrypto/doc/EVP_SealInit.pod +++ /dev/null | |||
| @@ -1,78 +0,0 @@ | |||
| 1 | =pod | ||
| 2 | |||
| 3 | =head1 NAME | ||
| 4 | |||
| 5 | EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption | ||
| 6 | |||
| 7 | =head1 SYNOPSIS | ||
| 8 | |||
| 9 | #include <openssl/evp.h> | ||
| 10 | |||
| 11 | int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek, | ||
| 12 | int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk); | ||
| 13 | int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, | ||
| 14 | int *outl, unsigned char *in, int inl); | ||
| 15 | int EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, | ||
| 16 | int *outl); | ||
| 17 | |||
| 18 | =head1 DESCRIPTION | ||
| 19 | |||
| 20 | The EVP envelope routines are a high level interface to envelope | ||
| 21 | encryption. They generate a random key and then "envelope" it by | ||
| 22 | using public key encryption. Data can then be encrypted using this | ||
| 23 | key. | ||
| 24 | |||
| 25 | EVP_SealInit() initializes a cipher context B<ctx> for encryption | ||
| 26 | with cipher B<type> using a random secret key and IV supplied in | ||
| 27 | the B<iv> parameter. B<type> is normally supplied by a function such | ||
| 28 | as EVP_des_cbc(). The secret key is encrypted using one or more public | ||
| 29 | keys, this allows the same encrypted data to be decrypted using any | ||
| 30 | of the corresponding private keys. B<ek> is an array of buffers where | ||
| 31 | the public key encrypted secret key will be written, each buffer must | ||
| 32 | contain enough room for the corresponding encrypted key: that is | ||
| 33 | B<ek[i]> must have room for B<EVP_PKEY_size(pubk[i])> bytes. The actual | ||
| 34 | size of each encrypted secret key is written to the array B<ekl>. B<pubk> is | ||
| 35 | an array of B<npubk> public keys. | ||
| 36 | |||
| 37 | EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties | ||
| 38 | as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as | ||
| 39 | documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual | ||
| 40 | page. | ||
| 41 | |||
| 42 | =head1 RETURN VALUES | ||
| 43 | |||
| 44 | EVP_SealInit() returns 0 on error or B<npubk> if successful. | ||
| 45 | |||
| 46 | EVP_SealUpdate() and EVP_SealFinal() return 1 for success and 0 for | ||
| 47 | failure. | ||
| 48 | |||
| 49 | =head1 NOTES | ||
| 50 | |||
| 51 | Because a random secret key is generated the random number generator | ||
| 52 | must be seeded before calling EVP_SealInit(). | ||
| 53 | |||
| 54 | The public key must be RSA because it is the only OpenSSL public key | ||
| 55 | algorithm that supports key transport. | ||
| 56 | |||
| 57 | Envelope encryption is the usual method of using public key encryption | ||
| 58 | on large amounts of data, this is because public key encryption is slow | ||
| 59 | but symmetric encryption is fast. So symmetric encryption is used for | ||
| 60 | bulk encryption and the small random symmetric key used is transferred | ||
| 61 | using public key encryption. | ||
| 62 | |||
| 63 | It is possible to call EVP_SealInit() twice in the same way as | ||
| 64 | EVP_EncryptInit(). The first call should have B<npubk> set to 0 | ||
| 65 | and (after setting any cipher parameters) it should be called again | ||
| 66 | with B<type> set to NULL. | ||
| 67 | |||
| 68 | =head1 SEE ALSO | ||
| 69 | |||
| 70 | L<evp(3)|evp(3)>, L<rand(3)|rand(3)>, | ||
| 71 | L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>, | ||
| 72 | L<EVP_OpenInit(3)|EVP_OpenInit(3)> | ||
| 73 | |||
| 74 | =head1 HISTORY | ||
| 75 | |||
| 76 | EVP_SealFinal() did not return a value before OpenSSL 0.9.7. | ||
| 77 | |||
| 78 | =cut | ||