[thirdparty/openssl.git] / doc / man3 / EVP_PKEY_encrypt.pod

=pod

=head1 NAME

EVP_PKEY_encrypt_init_ex, 
EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm

=head1 SYNOPSIS

 #include <openssl/evp.h>

 int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
 int EVP_PKEY_encrypt_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[]);
 int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
                      unsigned char *out, size_t *outlen,
                      const unsigned char *in, size_t inlen);

=head1 DESCRIPTION

The EVP_PKEY_encrypt_init() function initializes a public key algorithm
context using key B<pkey> for an encryption operation.

The EVP_PKEY_encrypt_init_ex() function initializes a public key algorithm
context using key B<pkey> for an encryption operation and sets the
algorithm specific B<params>.

The EVP_PKEY_encrypt() function performs a public key encryption operation
using B<ctx>. The data to be encrypted is specified using the B<in> and
B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output
buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then
before the call the B<outlen> parameter should contain the length of the
B<out> buffer, if the call is successful the encrypted data is written to
B<out> and the amount of data written to B<outlen>.

=head1 NOTES

After the call to EVP_PKEY_encrypt_init() algorithm specific control
operations can be performed to set any appropriate parameters for the
operation.  These operations can be included in the EVP_PKEY_encrypt_init_ex()
call.

The function EVP_PKEY_encrypt() can be called more than once on the same
context if several operations are performed using the same parameters.

=head1 RETURN VALUES

EVP_PKEY_encrypt_init(), EVP_PKEY_encrypt_init_ex() and EVP_PKEY_encrypt()
return 1 for success and 0 or a negative value for failure. In particular a
return value of -2 indicates the operation is not supported by the public key
algorithm.

=head1 EXAMPLES

Encrypt data using OAEP (for RSA keys). See also L<PEM_read_PUBKEY(3)> or
L<d2i_X509(3)> for means to load a public key. You may also simply
set 'eng = NULL;' to start with the default OpenSSL RSA implementation:

 #include <openssl/evp.h>
 #include <openssl/rsa.h>
 #include <openssl/engine.h>

 EVP_PKEY_CTX *ctx;
 ENGINE *eng;
 unsigned char *out, *in;
 size_t outlen, inlen;
 EVP_PKEY *key;

 /*
  * NB: assumes eng, key, in, inlen are already set up,
  * and that key is an RSA public key
  */
 ctx = EVP_PKEY_CTX_new(key, eng);
 if (!ctx)
     /* Error occurred */
 if (EVP_PKEY_encrypt_init(ctx) <= 0)
     /* Error */
 if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
     /* Error */

 /* Determine buffer length */
 if (EVP_PKEY_encrypt(ctx, NULL, &outlen, in, inlen) <= 0)
     /* Error */

 out = OPENSSL_malloc(outlen);

 if (!out)
     /* malloc failure */

 if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0)
     /* Error */

 /* Encrypted data is outlen bytes written to buffer out */

=head1 SEE ALSO

L<d2i_X509(3)>,
L<ENGINE_by_id(3)>,
L<EVP_PKEY_CTX_new(3)>,
L<EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)>,
L<EVP_PKEY_derive(3)>

=head1 HISTORY

These functions were added in OpenSSL 1.0.0.

=head1 COPYRIGHT

Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
5165148f DSH	1	=pod
	2
	3	=head1 NAME
	4
8ea34a6e	5	EVP_PKEY_encrypt_init_ex,
5165148f DSH	6	EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm
	7
	8	=head1 SYNOPSIS
	9
	10	#include <openssl/evp.h>
	11
	12	int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
8ea34a6e	13	int EVP_PKEY_encrypt_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[]);
5165148f	14	int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
e9b77246 BB	15	unsigned char out, size_t outlen,
e9b77246 BB	16	const unsigned char *in, size_t inlen);
5165148f DSH	17
	18	=head1 DESCRIPTION
	19
	20	The EVP_PKEY_encrypt_init() function initializes a public key algorithm
	21	context using key B<pkey> for an encryption operation.
	22
8ea34a6e P	23	The EVP_PKEY_encrypt_init_ex() function initializes a public key algorithm
	24	context using key B<pkey> for an encryption operation and sets the
	25	algorithm specific B<params>.
	26
5165148f DSH	27	The EVP_PKEY_encrypt() function performs a public key encryption operation
	28	using B<ctx>. The data to be encrypted is specified using the B<in> and
	29	B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output
	30	buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then
	31	before the call the B<outlen> parameter should contain the length of the
	32	B<out> buffer, if the call is successful the encrypted data is written to
	33	B<out> and the amount of data written to B<outlen>.
	34
	35	=head1 NOTES
	36
	37	After the call to EVP_PKEY_encrypt_init() algorithm specific control
	38	operations can be performed to set any appropriate parameters for the
8ea34a6e P	39	operation. These operations can be included in the EVP_PKEY_encrypt_init_ex()
8ea34a6e P	40	call.
5165148f DSH	41
	42	The function EVP_PKEY_encrypt() can be called more than once on the same
	43	context if several operations are performed using the same parameters.
	44
	45	=head1 RETURN VALUES
	46
8ea34a6e P	47	EVP_PKEY_encrypt_init(), EVP_PKEY_encrypt_init_ex() and EVP_PKEY_encrypt()
	48	return 1 for success and 0 or a negative value for failure. In particular a
	49	return value of -2 indicates the operation is not supported by the public key
	50	algorithm.
5165148f	51
cda77422	52	=head1 EXAMPLES
5165148f	53
8162f6f5	54	Encrypt data using OAEP (for RSA keys). See also L<PEM_read_PUBKEY(3)> or
9b86974e	55	L<d2i_X509(3)> for means to load a public key. You may also simply
34890ac1	56	set 'eng = NULL;' to start with the default OpenSSL RSA implementation:
5165148f	57
43636910 DSH	58	#include <openssl/evp.h>
43636910 DSH	59	#include <openssl/rsa.h>
34890ac1	60	#include <openssl/engine.h>
43636910 DSH	61
43636910 DSH	62	EVP_PKEY_CTX *ctx;
34890ac1	63	ENGINE *eng;
43636910	64	unsigned char out, in;
1bc74519	65	size_t outlen, inlen;
43636910	66	EVP_PKEY *key;
e9b77246	67
2947af32 BB	68	/*
2947af32 BB	69	* NB: assumes eng, key, in, inlen are already set up,
43636910 DSH	70	* and that key is an RSA public key
43636910 DSH	71	*/
aebb9aac	72	ctx = EVP_PKEY_CTX_new(key, eng);
43636910	73	if (!ctx)
2947af32	74	/* Error occurred */
43636910	75	if (EVP_PKEY_encrypt_init(ctx) <= 0)
2947af32	76	/* Error */
43636910	77	if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
2947af32	78	/* Error */
43636910 DSH	79
	80	/* Determine buffer length */
	81	if (EVP_PKEY_encrypt(ctx, NULL, &outlen, in, inlen) <= 0)
2947af32	82	/* Error */
43636910 DSH	83
	84	out = OPENSSL_malloc(outlen);
	85
	86	if (!out)
2947af32	87	/* malloc failure */
1bc74519	88
43636910	89	if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0)
2947af32	90	/* Error */
43636910 DSH	91
43636910 DSH	92	/* Encrypted data is outlen bytes written to buffer out */
5165148f DSH	93
	94	=head1 SEE ALSO
	95
9b86974e	96	L<d2i_X509(3)>,
b97fdb57	97	L<ENGINE_by_id(3)>,
9b86974e RS	98	L<EVP_PKEY_CTX_new(3)>,
	99	L<EVP_PKEY_decrypt(3)>,
	100	L<EVP_PKEY_sign(3)>,
	101	L<EVP_PKEY_verify(3)>,
	102	L<EVP_PKEY_verify_recover(3)>,
1bc74519	103	L<EVP_PKEY_derive(3)>
5165148f DSH	104
	105	=head1 HISTORY
	106
fc5ecadd	107	These functions were added in OpenSSL 1.0.0.
5165148f	108
e2f92610 RS	109	=head1 COPYRIGHT
e2f92610 RS	110
3c2bdd7d	111	Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
e2f92610	112
4746f25a	113	Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610 RS	114	this file except in compliance with the License. You can obtain a copy
	115	in the file LICENSE in the source distribution or at
	116	L<https://www.openssl.org/source/license.html>.
	117
	118	=cut