[thirdparty/openssl.git] / doc / man3 / EVP_OpenInit.pod

=pod

=head1 NAME

EVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal - EVP envelope decryption

=head1 SYNOPSIS

 #include <openssl/evp.h>

 int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek,
                  int ekl, unsigned char *iv, EVP_PKEY *priv);
 int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
                    int *outl, unsigned char *in, int inl);
 int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);

=head1 DESCRIPTION

The EVP envelope routines are a high level interface to envelope
decryption. They decrypt a public key encrypted symmetric key and
then decrypt data using it.

EVP_OpenInit() initializes a cipher context B<ctx> for decryption
with cipher B<type>. It decrypts the encrypted symmetric key of length
B<ekl> bytes passed in the B<ek> parameter using the private key B<priv>.
The IV is supplied in the B<iv> parameter.

EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties
as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as
documented on the L<EVP_EncryptInit(3)> manual
page.

=head1 NOTES

It is possible to call EVP_OpenInit() twice in the same way as
EVP_DecryptInit(). The first call should have B<priv> set to NULL
and (after setting any cipher parameters) it should be called again
with B<type> set to NULL.

If the cipher passed in the B<type> parameter is a variable length
cipher then the key length will be set to the value of the recovered
key length. If the cipher is a fixed length cipher then the recovered
key length must match the fixed cipher length.

=head1 RETURN VALUES

EVP_OpenInit() returns 0 on error or a non zero integer (actually the
recovered secret key size) if successful.

EVP_OpenUpdate() returns 1 for success or 0 for failure.

EVP_OpenFinal() returns 0 if the decrypt failed or 1 for success.

=head1 SEE ALSO

L<evp(7)>, L<RAND_bytes(3)>,
L<EVP_EncryptInit(3)>,
L<EVP_SealInit(3)>

=head1 COPYRIGHT

Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
9886f420 DSH	1	=pod
	2
	3	=head1 NAME
	4
	5	EVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal - EVP envelope decryption
	6
	7	=head1 SYNOPSIS
	8
	9	#include <openssl/evp.h>
	10
aebb9aac	11	int EVP_OpenInit(EVP_CIPHER_CTX ctx, EVP_CIPHER type, unsigned char *ek,
e9b77246	12	int ekl, unsigned char iv, EVP_PKEY priv);
e366f2b8	13	int EVP_OpenUpdate(EVP_CIPHER_CTX ctx, unsigned char out,
e9b77246 BB	14	int outl, unsigned char in, int inl);
e9b77246 BB	15	int EVP_OpenFinal(EVP_CIPHER_CTX ctx, unsigned char out, int *outl);
9886f420 DSH	16
	17	=head1 DESCRIPTION
	18
	19	The EVP envelope routines are a high level interface to envelope
	20	decryption. They decrypt a public key encrypted symmetric key and
	21	then decrypt data using it.
	22
c8973693	23	EVP_OpenInit() initializes a cipher context B<ctx> for decryption
9886f420 DSH	24	with cipher B<type>. It decrypts the encrypted symmetric key of length
	25	B<ekl> bytes passed in the B<ek> parameter using the private key B<priv>.
	26	The IV is supplied in the B<iv> parameter.
	27
	28	EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties
1bc74519	29	as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as
9b86974e	30	documented on the L<EVP_EncryptInit(3)> manual
a91dedca DSH	31	page.
	32
	33	=head1 NOTES
	34
	35	It is possible to call EVP_OpenInit() twice in the same way as
	36	EVP_DecryptInit(). The first call should have B<priv> set to NULL
c8973693	37	and (after setting any cipher parameters) it should be called again
a91dedca DSH	38	with B<type> set to NULL.
	39
	40	If the cipher passed in the B<type> parameter is a variable length
	41	cipher then the key length will be set to the value of the recovered
	42	key length. If the cipher is a fixed length cipher then the recovered
	43	key length must match the fixed cipher length.
9886f420 DSH	44
	45	=head1 RETURN VALUES
	46
e366f2b8	47	EVP_OpenInit() returns 0 on error or a non zero integer (actually the
9886f420 DSH	48	recovered secret key size) if successful.
9886f420 DSH	49
e366f2b8	50	EVP_OpenUpdate() returns 1 for success or 0 for failure.
9886f420	51
a91dedca	52	EVP_OpenFinal() returns 0 if the decrypt failed or 1 for success.
9886f420 DSH	53
	54	=head1 SEE ALSO
	55
b97fdb57	56	L<evp(7)>, L<RAND_bytes(3)>,
9b86974e RS	57	L<EVP_EncryptInit(3)>,
9b86974e RS	58	L<EVP_SealInit(3)>
9886f420	59
e2f92610 RS	60	=head1 COPYRIGHT
	61
	62	Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
	63
4746f25a	64	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	65	this file except in compliance with the License. You can obtain a copy
	66	in the file LICENSE in the source distribution or at
	67	L<https://www.openssl.org/source/license.html>.
	68
	69	=cut