From eb8dd9dca1228af0cd132f515509051ecfabf6f6 Mon Sep 17 00:00:00 2001 From: cvs2svn Date: Mon, 14 Apr 2025 17:32:06 +0000 Subject: This commit was manufactured by cvs2git to create tag 'tb_20250414'. --- src/lib/libcrypto/man/EVP_SealInit.3 | 191 ----------------------------------- 1 file changed, 191 deletions(-) delete mode 100644 src/lib/libcrypto/man/EVP_SealInit.3 (limited to 'src/lib/libcrypto/man/EVP_SealInit.3') diff --git a/src/lib/libcrypto/man/EVP_SealInit.3 b/src/lib/libcrypto/man/EVP_SealInit.3 deleted file mode 100644 index da53535274..0000000000 --- a/src/lib/libcrypto/man/EVP_SealInit.3 +++ /dev/null @@ -1,191 +0,0 @@ -.\" $OpenBSD: EVP_SealInit.3,v 1.9 2023/11/16 20:27:43 schwarze Exp $ -.\" OpenSSL b97fdb57 Nov 11 09:33:09 2016 +0100 -.\" -.\" This file was written by Dr. Stephen Henson . -.\" Copyright (c) 2000, 2002, 2003, 2005, 2015 The OpenSSL Project. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in -.\" the documentation and/or other materials provided with the -.\" distribution. -.\" -.\" 3. All advertising materials mentioning features or use of this -.\" software must display the following acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" -.\" -.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to -.\" endorse or promote products derived from this software without -.\" prior written permission. For written permission, please contact -.\" openssl-core@openssl.org. -.\" -.\" 5. Products derived from this software may not be called "OpenSSL" -.\" nor may "OpenSSL" appear in their names without prior written -.\" permission of the OpenSSL Project. -.\" -.\" 6. Redistributions of any form whatsoever must retain the following -.\" acknowledgment: -.\" "This product includes software developed by the OpenSSL Project -.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY -.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR -.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, -.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED -.\" OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd $Mdocdate: November 16 2023 $ -.Dt EVP_SEALINIT 3 -.Os -.Sh NAME -.Nm EVP_SealInit , -.Nm EVP_SealUpdate , -.Nm EVP_SealFinal -.Nd EVP envelope encryption -.Sh SYNOPSIS -.In openssl/evp.h -.Ft int -.Fo EVP_SealInit -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "const EVP_CIPHER *type" -.Fa "unsigned char **ek" -.Fa "int *ekl" -.Fa "unsigned char *iv" -.Fa "EVP_PKEY **pubk" -.Fa "int npubk" -.Fc -.Ft int -.Fo EVP_SealUpdate -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "unsigned char *out" -.Fa "int *outl" -.Fa "unsigned char *in" -.Fa "int inl" -.Fc -.Ft int -.Fo EVP_SealFinal -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "unsigned char *out" -.Fa "int *outl" -.Fc -.Sh DESCRIPTION -The EVP envelope routines are a high level interface to envelope -encryption. -They generate a random key and IV (if required) then "envelope" it by -using public key encryption. -Data can then be encrypted using this key. -.Pp -.Fn EVP_SealInit -initializes a cipher context -.Fa ctx -for encryption with cipher -.Fa type -using a random secret key and IV. -.Fa type -is normally supplied by a function such as -.Xr EVP_aes_256_cbc 3 ; -see -.Xr EVP_EncryptInit 3 -for details. -The secret key is encrypted using one or more public keys. -This allows the same encrypted data to be decrypted using any of -the corresponding private keys. -.Fa ek -is an array of buffers where the public key encrypted secret key will be -written. -Each buffer must contain enough room for the corresponding encrypted -key: that is -.Fa ek[i] -must have room for -.Fn EVP_PKEY_size pubk[i] -bytes. -The actual size of each encrypted secret key is written to the array -.Fa ekl . -.Fa pubk -is an array of -.Fa npubk -public keys. -.Pp -The -.Fa iv -parameter is a buffer where the generated IV is written to. -It must contain enough room for the corresponding cipher's IV, as -determined by (for example) -.Fn EVP_CIPHER_iv_length type . -.Pp -If the cipher does not require an IV then the -.Fa iv -parameter is ignored and can be -.Dv NULL . -.Pp -.Fn EVP_SealUpdate -and -.Fn EVP_SealFinal -have exactly the same properties as the -.Xr EVP_EncryptUpdate 3 -and -.Xr EVP_EncryptFinal 3 -routines. -.Pp -The public key must be RSA because it is the only OpenSSL public key -algorithm that supports key transport. -.Pp -Envelope encryption is the usual method of using public key encryption -on large amounts of data. -This is because public key encryption is slow but symmetric encryption -is fast. -So symmetric encryption is used for bulk encryption and the small random -symmetric key used is transferred using public key encryption. -.Pp -It is possible to call -.Fn EVP_SealInit -twice in the same way as -.Xr EVP_EncryptInit 3 . -The first call should have -.Fa npubk -set to 0 and (after setting any cipher parameters) it should be called -again with -.Fa type -set to NULL. -.Pp -.Fn EVP_SealUpdate -is implemented as a macro. -.Sh RETURN VALUES -.Fn EVP_SealInit -returns 0 on error or -.Fa npubk -if successful. -.Pp -.Fn EVP_SealUpdate -and -.Fn EVP_SealFinal -return 1 for success and 0 for failure. -.Sh SEE ALSO -.Xr evp 3 , -.Xr EVP_EncryptInit 3 , -.Xr EVP_OpenInit 3 -.Sh HISTORY -.Fn EVP_SealInit , -.Fn EVP_SealUpdate , -and -.Fn EVP_SealFinal -first appeared in SSLeay 0.5.1 and have been available since -.Ox 2.4 . -.Pp -.Fn EVP_SealFinal -did not return a value before OpenSSL 0.9.7. -- cgit v1.2.3-55-g6feb