Commit | Line | Data |
---|---|---|
5165148f DSH |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm | |
6 | ||
7 | =head1 SYNOPSIS | |
8 | ||
9 | #include <openssl/evp.h> | |
10 | ||
11 | int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx); | |
12 | int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, | |
e9b77246 BB |
13 | unsigned char *out, size_t *outlen, |
14 | const unsigned char *in, size_t inlen); | |
5165148f DSH |
15 | |
16 | =head1 DESCRIPTION | |
17 | ||
18 | The EVP_PKEY_encrypt_init() function initializes a public key algorithm | |
19 | context B<ctx> for an encryption operation using the key B<pkey> associated with it (see L<EVP_PKEY_CTX_new(3)>). | |
20 | ||
21 | The EVP_PKEY_encrypt() function performs a public key encryption operation | |
22 | using B<ctx>. The data to be encrypted is specified using the B<in> and | |
23 | B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output | |
24 | buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then | |
25 | before the call the B<outlen> parameter should contain the length of the | |
26 | B<out> buffer; if the call is successful, the encrypted data is written to | |
27 | B<out> and the amount of data written is stored in B<outlen>. | |
28 | ||
29 | =head1 NOTES | |
30 | ||
31 | After the call to EVP_PKEY_encrypt_init(), algorithm-specific control | |
32 | operations can be performed to set any appropriate parameters for the | |
33 | operation, such as the RSA padding mode set in the example below. | |
34 | ||
35 | The function EVP_PKEY_encrypt() can be called more than once on the same | |
36 | context if several operations are performed using the same parameters. | |
37 | ||
38 | =head1 RETURN VALUES | |
39 | ||
40 | EVP_PKEY_encrypt_init() and EVP_PKEY_encrypt() return 1 for success and 0 | |
ba544377 DSH |
41 | or a negative value for failure. In particular a return value of -2 |
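42 | indicates the operation is not supported by the public key algorithm. Because failure can be reported as a negative value, callers should test for a result <= 0, as the example below does, rather than treating any nonzero value as success. | |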
5165148f DSH |
43 | |
44 | =head1 EXAMPLE | |
45 | ||
8162f6f5 | 46 | Encrypt data using OAEP (for RSA keys). See also L<PEM_read_PUBKEY(3)> or |
9b86974e | 47 | L<d2i_X509(3)> for means to load a public key. You may also simply |
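34890ac1 | 48 | set 'eng = NULL;' to start with the default OpenSSL RSA implementation. Each error comment in the listing is a placeholder for handling that must stop before the next call is made: |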
5165148f | 49 | |
43636910 DSH |
50 | #include <openssl/evp.h> |
51 | #include <openssl/rsa.h> | |
34890ac1 | 52 | #include <openssl/engine.h> |
43636910 DSH |
53 | |
54 | EVP_PKEY_CTX *ctx; | |
34890ac1 | 55 | ENGINE *eng; |
43636910 | 56 | unsigned char *out, *in; |
1bc74519 | 57 | size_t outlen, inlen; |
43636910 | 58 | EVP_PKEY *key; |
e9b77246 | 59 | |
2947af32 BB |
60 | /* |
61 | * NB: assumes eng, key, in, inlen are already set up, | |
43636910 DSH |
62 | * and that key is an RSA public key |
63 | */ | |
aebb9aac | 64 | ctx = EVP_PKEY_CTX_new(key, eng); |
43636910 | 65 | if (!ctx) |
2947af32 | 66 | /* Error occurred */ |
43636910 | 67 | if (EVP_PKEY_encrypt_init(ctx) <= 0) |
2947af32 | 68 | /* Error */ |
43636910 | 69 | if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0) |
2947af32 | 70 | /* Error */ |
43636910 DSH |
71 | |
72 | /* Determine buffer length */ | |
73 | if (EVP_PKEY_encrypt(ctx, NULL, &outlen, in, inlen) <= 0) | |
2947af32 | 74 | /* Error */ |
43636910 DSH |
75 | |
76 | out = OPENSSL_malloc(outlen); | |
77 | ||
78 | if (!out) | |
2947af32 | 79 | /* malloc failure */ |
1bc74519 | 80 | |
43636910 | 81 | if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0) |
2947af32 | 82 | /* Error */ |
43636910 DSH |
83 | |
84 | /* Encrypted data is outlen bytes written to buffer out */ | |
5165148f DSH |
85 | |
86 | =head1 SEE ALSO | |
87 | ||
9b86974e | 88 | L<d2i_X509(3)>, |
b97fdb57 | 89 | L<ENGINE_by_id(3)>, |
9b86974e RS |
90 | L<EVP_PKEY_CTX_new(3)>, |
91 | L<EVP_PKEY_decrypt(3)>, | |
92 | L<EVP_PKEY_sign(3)>, | |
93 | L<EVP_PKEY_verify(3)>, | |
94 | L<EVP_PKEY_verify_recover(3)>, | |
1bc74519 | 95 | L<EVP_PKEY_derive(3)> |
5165148f DSH |
96 | |
97 | =head1 HISTORY | |
98 | ||
fc5ecadd | 99 | These functions were added in OpenSSL 1.0.0. |
5165148f | 100 | |
e2f92610 RS |
101 | =head1 COPYRIGHT |
102 | ||
103 | Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. | |
104 | ||
4746f25a | 105 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
106 | this file except in compliance with the License. You can obtain a copy |
107 | in the file LICENSE in the source distribution or at | |
108 | L<https://www.openssl.org/source/license.html>. | |
109 | ||
110 | =cut |