Commit | Line | Data |
---|---|---|
5165148f DSH |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
8ea34a6e | 5 | EVP_PKEY_encrypt_init_ex, |
5165148f DSH |
6 | EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm |
7 | ||
8 | =head1 SYNOPSIS | |
9 | ||
10 | #include <openssl/evp.h> | |
11 | ||
12 | int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx); | |
8ea34a6e | 13 | int EVP_PKEY_encrypt_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[]); |
5165148f | 14 | int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, |
e9b77246 BB |
15 | unsigned char *out, size_t *outlen, |
16 | const unsigned char *in, size_t inlen); | |
5165148f DSH |
17 | |
18 | =head1 DESCRIPTION | |
19 | ||
20 | The EVP_PKEY_encrypt_init() function initializes a public key algorithm | |
21 | context using key B<pkey> for an encryption operation. | |
22 | ||
8ea34a6e P |
23 | The EVP_PKEY_encrypt_init_ex() function initializes a public key algorithm |
24 | context using key B<pkey> for an encryption operation and sets the | |
25 | algorithm specific B<params>. | |
26 | ||
5165148f DSH |
27 | The EVP_PKEY_encrypt() function performs a public key encryption operation |
28 | using B<ctx>. The data to be encrypted is specified using the B<in> and | |
29 | B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output | |
30 | buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then, | |
31 | before the call, the B<outlen> parameter should contain the length of the | |
32 | B<out> buffer. If the call is successful, the encrypted data is written to | |
33 | B<out> and the amount of data written is stored in B<outlen>. | |
34 | ||
35 | =head1 NOTES | |
36 | ||
37 | After the call to EVP_PKEY_encrypt_init() algorithm specific control | |
38 | operations can be performed to set any appropriate parameters for the | |
8ea34a6e P |
39 | operation. These operations can be included in the EVP_PKEY_encrypt_init_ex() |
40 | call. | |
5165148f DSH |
41 | |
42 | The function EVP_PKEY_encrypt() can be called more than once on the same | |
43 | context if several operations are performed using the same parameters. | |
44 | ||
45 | =head1 RETURN VALUES | |
46 | ||
8ea34a6e P |
47 | EVP_PKEY_encrypt_init(), EVP_PKEY_encrypt_init_ex() and EVP_PKEY_encrypt() |
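48 | return 1 for success and 0 or a negative value for failure. In particular a | |
49 | return value of -2 indicates the operation is not supported by the public key | |
50 | algorithm. Because failure may be reported as a negative value, callers should test for a result <= 0, as the example below does, rather than treating any nonzero result as success. | |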
5165148f | 51 | |
cda77422 | 52 | =head1 EXAMPLES |
5165148f | 53 | |
8162f6f5 | 54 | Encrypt data using OAEP (for RSA keys). See also L<PEM_read_PUBKEY(3)> or |
9b86974e | 55 | L<d2i_X509(3)> for means to load a public key. You may also simply |
34890ac1 | 56 | set 'eng = NULL;' to start with the default OpenSSL RSA implementation: |
5165148f | 57 | |
43636910 DSH |
58 | #include <openssl/evp.h> |
59 | #include <openssl/rsa.h> | |
34890ac1 | 60 | #include <openssl/engine.h> |
43636910 DSH |
61 | |
62 | EVP_PKEY_CTX *ctx; | |
34890ac1 | 63 | ENGINE *eng; |
43636910 | 64 | unsigned char *out, *in; |
1bc74519 | 65 | size_t outlen, inlen; |
43636910 | 66 | EVP_PKEY *key; |
e9b77246 | 67 | |
2947af32 BB |
68 | /* |
69 | * NB: assumes eng, key, in, inlen are already set up, | |
43636910 DSH |
70 | * and that key is an RSA public key |
71 | */ | |
aebb9aac | 72 | ctx = EVP_PKEY_CTX_new(key, eng); |
43636910 | 73 | if (!ctx) |
2947af32 | 74 | /* Error occurred */ |
43636910 | 75 | if (EVP_PKEY_encrypt_init(ctx) <= 0) |
2947af32 | 76 | /* Error */ |
43636910 | 77 | if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0) |
2947af32 | 78 | /* Error */ |
43636910 DSH |
79 | |
80 | /* Determine buffer length: with out == NULL, the maximum output size is written to outlen */ | |
81 | if (EVP_PKEY_encrypt(ctx, NULL, &outlen, in, inlen) <= 0) | |
2947af32 | 82 | /* Error */ |
43636910 DSH |
83 | |
84 | out = OPENSSL_malloc(outlen); | |
85 | ||
86 | if (!out) | |
2947af32 | 87 | /* malloc failure */ |
1bc74519 | 88 | |
43636910 | 89 | if (EVP_PKEY_encrypt(ctx, out, &outlen, in, inlen) <= 0) |
2947af32 | 90 | /* Error */ |
43636910 DSH |
91 | |
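92 | /* Encrypted data is outlen bytes written to buffer out; outlen now holds the amount actually written. Release out with OPENSSL_free() and ctx with EVP_PKEY_CTX_free() when no longer needed. */ | |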
5165148f DSH |
93 | |
94 | =head1 SEE ALSO | |
95 | ||
9b86974e | 96 | L<d2i_X509(3)>, |
b97fdb57 | 97 | L<ENGINE_by_id(3)>, |
9b86974e RS |
98 | L<EVP_PKEY_CTX_new(3)>, |
99 | L<EVP_PKEY_decrypt(3)>, | |
100 | L<EVP_PKEY_sign(3)>, | |
101 | L<EVP_PKEY_verify(3)>, | |
102 | L<EVP_PKEY_verify_recover(3)>, | |
1bc74519 | 103 | L<EVP_PKEY_derive(3)> |
5165148f DSH |
104 | |
105 | =head1 HISTORY | |
106 | ||
fc5ecadd | 107 | These functions were added in OpenSSL 1.0.0. |
5165148f | 108 | |
e2f92610 RS |
109 | =head1 COPYRIGHT |
110 | ||
3c2bdd7d | 111 | Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 112 | |
4746f25a | 113 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
114 | this file except in compliance with the License. You can obtain a copy |
115 | in the file LICENSE in the source distribution or at | |
116 | L<https://www.openssl.org/source/license.html>. | |
117 | ||
118 | =cut |