1 files changed, 98 insertions, 0 deletions
diff --git a/src/lib/libcrypto/man/EVP_OpenInit.3 b/src/lib/libcrypto/man/EVP_OpenInit.3
new file mode 100644
index 0000000000..92873ac453
--- /dev/null
+++ b/src/lib/libcrypto/man/EVP_OpenInit.3
@@ -0,0 +1,98 @@
+.Dd $Mdocdate: November 3 2016 $
+.Dt EVP_OPENINIT 3
+.Os
+.Sh NAME
+.Nm EVP_OpenInit ,
+.Nm EVP_OpenUpdate ,
+.Nm EVP_OpenFinal
+.Nd EVP envelope decryption
+.Sh SYNOPSIS
+.In openssl/evp.h
+.Ft int
+.Fo EVP_OpenInit
+.Fa "EVP_CIPHER_CTX *ctx"
+.Fa "EVP_CIPHER *type"
+.Fa "unsigned char *ek"
+.Fa "int ekl"
+.Fa "unsigned char *iv"
+.Fa "EVP_PKEY *priv"
+.Fc
+.Ft int
+.Fo EVP_OpenUpdate
+.Fa "EVP_CIPHER_CTX *ctx"
+.Fa "unsigned char *out"
+.Fa "int *outl"
+.Fa "unsigned char *in"
+.Fa "int inl"
+.Fc
+.Ft int
+.Fo EVP_OpenFinal
+.Fa "EVP_CIPHER_CTX *ctx"
+.Fa "unsigned char *out"
+.Fa "int *outl"
+.Fc
+.Sh DESCRIPTION
+The EVP envelope routines are a high level interface to envelope
+decryption.
+They decrypt a public key encrypted symmetric key and then decrypt data
+using it.
+.Pp
+.Fn EVP_OpenInit
+initializes a cipher context
+.Fa ctx
+for decryption with cipher
+.Fa type .
+It decrypts the encrypted symmetric key of length
+.Fa ekl
+bytes passed in the
+.Fa ek
+parameter using the private key
+.Fa priv .
+The IV is supplied in the
+.Fa iv
+parameter.
+.Pp
+.Fn EVP_OpenUpdate
+and
+.Fn EVP_OpenFinal
+have exactly the same properties as the
+.Xr EVP_DecryptUpdate 3
+and
+.Xr EVP_DecryptFinal 3
+routines.
+.Pp
+It is possible to call
+.Fn EVP_OpenInit
+twice in the same way as
+.Xr EVP_DecryptInit 3 .
+The first call should have
+.Fa priv
+set to
+.Dv NULL
+and (after setting any cipher parameters) it should be
+called again with
+.Fa type
+set to
+.Dv NULL .
+.Pp
+If the cipher passed in the
+.Fa type
+parameter is a variable length cipher then the key length will be set to
+the value of the recovered key length.
+If the cipher is a fixed length cipher then the recovered key length
+must match the fixed cipher length.
+.Sh RETURN VALUES
+.Fn EVP_OpenInit
+returns 0 on error or a non zero integer (actually the recovered secret
+key size) if successful.
+.Pp
+.Fn EVP_OpenUpdate
+returns 1 for success or 0 for failure.
+.Pp
+.Fn EVP_OpenFinal
+returns 0 if the decrypt failed or 1 for success.
+.Sh SEE ALSO
+.Xr evp 3 ,
+.Xr EVP_EncryptInit 3 ,
+.Xr EVP_SealInit 3 ,
+.Xr rand 3

diff --git a/src/lib/libcrypto/man/EVP_OpenInit.3 b/src/lib/libcrypto/man/EVP_OpenInit.3 new file mode 100644 index 0000000000..92873ac453 --- /dev/null +++ b/src/lib/libcrypto/man/EVP_OpenInit.3
@@ -0,0 +1,98 @@
	1	.Dd $Mdocdate: November 3 2016 $
	2	.Dt EVP_OPENINIT 3
	3	.Os
	4	.Sh NAME
	5	.Nm EVP_OpenInit ,
	6	.Nm EVP_OpenUpdate ,
	7	.Nm EVP_OpenFinal
	8	.Nd EVP envelope decryption
	9	.Sh SYNOPSIS
	10	.In openssl/evp.h
	11	.Ft int
	12	.Fo EVP_OpenInit
	13	.Fa "EVP_CIPHER_CTX *ctx"
	14	.Fa "EVP_CIPHER *type"
	15	.Fa "unsigned char *ek"
	16	.Fa "int ekl"
	17	.Fa "unsigned char *iv"
	18	.Fa "EVP_PKEY *priv"
	19	.Fc
	20	.Ft int
	21	.Fo EVP_OpenUpdate
	22	.Fa "EVP_CIPHER_CTX *ctx"
	23	.Fa "unsigned char *out"
	24	.Fa "int *outl"
	25	.Fa "unsigned char *in"
	26	.Fa "int inl"
	27	.Fc
	28	.Ft int
	29	.Fo EVP_OpenFinal
	30	.Fa "EVP_CIPHER_CTX *ctx"
	31	.Fa "unsigned char *out"
	32	.Fa "int *outl"
	33	.Fc
	34	.Sh DESCRIPTION
	35	The EVP envelope routines are a high level interface to envelope
	36	decryption.
	37	They decrypt a public key encrypted symmetric key and then decrypt data
	38	using it.
	39	.Pp
	40	.Fn EVP_OpenInit
	41	initializes a cipher context
	42	.Fa ctx
	43	for decryption with cipher
	44	.Fa type .
	45	It decrypts the encrypted symmetric key of length
	46	.Fa ekl
	47	bytes passed in the
	48	.Fa ek
	49	parameter using the private key
	50	.Fa priv .
	51	The IV is supplied in the
	52	.Fa iv
	53	parameter.
	54	.Pp
	55	.Fn EVP_OpenUpdate
	56	and
	57	.Fn EVP_OpenFinal
	58	have exactly the same properties as the
	59	.Xr EVP_DecryptUpdate 3
	60	and
	61	.Xr EVP_DecryptFinal 3
	62	routines.
	63	.Pp
	64	It is possible to call
	65	.Fn EVP_OpenInit
	66	twice in the same way as
	67	.Xr EVP_DecryptInit 3 .
	68	The first call should have
	69	.Fa priv
	70	set to
	71	.Dv NULL
	72	and (after setting any cipher parameters) it should be
	73	called again with
	74	.Fa type
	75	set to
	76	.Dv NULL .
	77	.Pp
	78	If the cipher passed in the
	79	.Fa type
	80	parameter is a variable length cipher then the key length will be set to
	81	the value of the recovered key length.
	82	If the cipher is a fixed length cipher then the recovered key length
	83	must match the fixed cipher length.
	84	.Sh RETURN VALUES
	85	.Fn EVP_OpenInit
	86	returns 0 on error or a non zero integer (actually the recovered secret
	87	key size) if successful.
	88	.Pp
	89	.Fn EVP_OpenUpdate
	90	returns 1 for success or 0 for failure.
	91	.Pp
	92	.Fn EVP_OpenFinal
	93	returns 0 if the decrypt failed or 1 for success.
	94	.Sh SEE ALSO
	95	.Xr evp 3 ,
	96	.Xr EVP_EncryptInit 3 ,
	97	.Xr EVP_SealInit 3 ,
	98	.Xr rand 3