[thirdparty/openssl.git] / doc / man3 / EVP_PKEY_encrypt.pod

=pod

=head1 NAME

EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm

=head1 SYNOPSIS

 #include <openssl/evp.h>

 int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
 int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
                      unsigned char *out, size_t *outlen,
                      const unsigned char *in, size_t inlen);

=head1 DESCRIPTION

The EVP_PKEY_encrypt_init() function initializes a public key algorithm
context using key B<pkey> for an encryption operation.

The EVP_PKEY_encrypt() function performs a public key encryption operation
using B<ctx>. The data to be encrypted is specified using the B<in> and
B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output
buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then
before the call the B<outlen> parameter should contain the length of the
B<out> buffer, if the call is successful the encrypted data is written to
B<out> and the amount of data written to B<outlen>.

=head1 NOTES

After the call to EVP_PKEY_encrypt_init() algorithm specific control
operations can be performed to set any appropriate parameters for the
operation.

The function EVP_PKEY_encrypt() can be called more than once on the same
context if several operations are performed using the same parameters.

=head1 RETURN VALUES

EVP_PKEY_encrypt_init() and EVP_PKEY_encrypt() return 1 for success and 0
or a negative value for failure. In particular a return value of -2
indicates the operation is not supported by the public key algorithm.

=head1 EXAMPLES

Encrypt data using OAEP (for RSA keys). See also L<PEM_read_PUBKEY(3)> or
L<d2i_X509(3)> for means to load a public key. You may also simply
set 'eng = NULL;' to start with the default OpenSSL RSA implementation:

 #include <openssl/evp.h>
 #include <openssl/rsa.h>
 #include <openssl/engine.h>

 EVP_PKEY_CTX *ctx;
 ENGINE *eng;
 unsigned char *out, *in;
 size_t outlen, inlen;
 EVP_PKEY *key;

 /*
  * NB: assumes eng, key, in, inlen are already set up,
  * and that key is an RSA public key
  */
 ctx = EVP_PKEY_CTX_new(key, eng);
 if (!ctx)
     /* Error occurred */
 if (EVP_PKEY_encrypt_init(ctx) <= 0)
     /* Error */
 if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
     /* Error */

 /* Determine buffer length */
 if (EVP_PKEY_encrypt(ctx, NULL, &outlen, in, inlen) <= 0)
     /* Error */

 out = OPENSSL_malloc(outlen);

 if (!out)
     /* malloc failure */

 if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0)
     /* Error */

 /* Encrypted data is outlen bytes written to buffer out */

=head1 SEE ALSO

L<d2i_X509(3)>,
L<ENGINE_by_id(3)>,
L<EVP_PKEY_CTX_new(3)>,
L<EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)>,
L<EVP_PKEY_derive(3)>

=head1 HISTORY

These functions were added in OpenSSL 1.0.0.

=head1 COPYRIGHT

Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
5165148f DSH	1	=pod
	2
	3	=head1 NAME
	4
	5	EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm
	6
	7	=head1 SYNOPSIS
	8
	9	#include <openssl/evp.h>
	10
	11	int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
	12	int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
e9b77246 BB	13	unsigned char out, size_t outlen,
e9b77246 BB	14	const unsigned char *in, size_t inlen);
5165148f DSH	15
	16	=head1 DESCRIPTION
	17
	18	The EVP_PKEY_encrypt_init() function initializes a public key algorithm
	19	context using key B<pkey> for an encryption operation.
	20
	21	The EVP_PKEY_encrypt() function performs a public key encryption operation
	22	using B<ctx>. The data to be encrypted is specified using the B<in> and
	23	B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output
	24	buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then
	25	before the call the B<outlen> parameter should contain the length of the
	26	B<out> buffer, if the call is successful the encrypted data is written to
	27	B<out> and the amount of data written to B<outlen>.
	28
	29	=head1 NOTES
	30
	31	After the call to EVP_PKEY_encrypt_init() algorithm specific control
	32	operations can be performed to set any appropriate parameters for the
	33	operation.
	34
	35	The function EVP_PKEY_encrypt() can be called more than once on the same
	36	context if several operations are performed using the same parameters.
	37
	38	=head1 RETURN VALUES
	39
	40	EVP_PKEY_encrypt_init() and EVP_PKEY_encrypt() return 1 for success and 0
ba544377 DSH	41	or a negative value for failure. In particular a return value of -2
ba544377 DSH	42	indicates the operation is not supported by the public key algorithm.
5165148f	43
cda77422	44	=head1 EXAMPLES
5165148f	45
8162f6f5	46	Encrypt data using OAEP (for RSA keys). See also L<PEM_read_PUBKEY(3)> or
9b86974e	47	L<d2i_X509(3)> for means to load a public key. You may also simply
34890ac1	48	set 'eng = NULL;' to start with the default OpenSSL RSA implementation:
5165148f	49
43636910 DSH	50	#include <openssl/evp.h>
43636910 DSH	51	#include <openssl/rsa.h>
34890ac1	52	#include <openssl/engine.h>
43636910 DSH	53
43636910 DSH	54	EVP_PKEY_CTX *ctx;
34890ac1	55	ENGINE *eng;
43636910	56	unsigned char out, in;
1bc74519	57	size_t outlen, inlen;
43636910	58	EVP_PKEY *key;
e9b77246	59
2947af32 BB	60	/*
2947af32 BB	61	* NB: assumes eng, key, in, inlen are already set up,
43636910 DSH	62	* and that key is an RSA public key
43636910 DSH	63	*/
aebb9aac	64	ctx = EVP_PKEY_CTX_new(key, eng);
43636910	65	if (!ctx)
2947af32	66	/* Error occurred */
43636910	67	if (EVP_PKEY_encrypt_init(ctx) <= 0)
2947af32	68	/* Error */
43636910	69	if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
2947af32	70	/* Error */
43636910 DSH	71
	72	/* Determine buffer length */
	73	if (EVP_PKEY_encrypt(ctx, NULL, &outlen, in, inlen) <= 0)
2947af32	74	/* Error */
43636910 DSH	75
	76	out = OPENSSL_malloc(outlen);
	77
	78	if (!out)
2947af32	79	/* malloc failure */
1bc74519	80
43636910	81	if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0)
2947af32	82	/* Error */
43636910 DSH	83
43636910 DSH	84	/* Encrypted data is outlen bytes written to buffer out */
5165148f DSH	85
	86	=head1 SEE ALSO
	87
9b86974e	88	L<d2i_X509(3)>,
b97fdb57	89	L<ENGINE_by_id(3)>,
9b86974e RS	90	L<EVP_PKEY_CTX_new(3)>,
	91	L<EVP_PKEY_decrypt(3)>,
	92	L<EVP_PKEY_sign(3)>,
	93	L<EVP_PKEY_verify(3)>,
	94	L<EVP_PKEY_verify_recover(3)>,
1bc74519	95	L<EVP_PKEY_derive(3)>
5165148f DSH	96
	97	=head1 HISTORY
	98
fc5ecadd	99	These functions were added in OpenSSL 1.0.0.
5165148f	100
e2f92610 RS	101	=head1 COPYRIGHT
	102
	103	Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
	104
4746f25a	105	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	106	this file except in compliance with the License. You can obtain a copy
	107	in the file LICENSE in the source distribution or at
	108	L<https://www.openssl.org/source/license.html>.
	109
	110	=cut