Commit | Line | Data |
---|---|---|
5165148f DSH |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | EVP_PKEY_decrypt_init, EVP_PKEY_decrypt - decrypt using a public key algorithm | |
6 | ||
7 | =head1 SYNOPSIS | |
8 | ||
9 | #include <openssl/evp.h> | |
10 | ||
11 | int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *ctx); | |
12 | int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, | |
e9b77246 BB |
13 | unsigned char *out, size_t *outlen, |
14 | const unsigned char *in, size_t inlen); | |
5165148f DSH |
15 | |
16 | =head1 DESCRIPTION | |
17 | ||
18 | The EVP_PKEY_decrypt_init() function initializes a public key algorithm | |
19 | context B<ctx> for a decryption operation, using the key B<pkey> associated with B<ctx>. | |
20 | ||
21 | The EVP_PKEY_decrypt() function performs a public key decryption operation | |
22 | using B<ctx>. The data to be decrypted is specified using the B<in> and | |
23 | B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output | |
24 | buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then, | |
25 | before the call, the B<outlen> parameter should contain the length of the | |
26 | B<out> buffer. If the call is successful, the decrypted data is written to | |
27 | B<out> and the number of bytes written is stored in B<outlen>, which may be smaller than the maximum size reported when B<out> is B<NULL>. | |
28 | ||
29 | =head1 NOTES | |
30 | ||
31 | After the call to EVP_PKEY_decrypt_init(), algorithm-specific control | |
32 | operations can be performed to set any appropriate parameters for the | |
33 | operation, such as the RSA padding mode set in the example below. | |
34 | ||
35 | The function EVP_PKEY_decrypt() can be called more than once on the same | |
36 | context if several operations are performed using the same parameters. | |
37 | ||
38 | =head1 RETURN VALUES | |
39 | ||
40 | EVP_PKEY_decrypt_init() and EVP_PKEY_decrypt() return 1 for success and 0 | |
ba544377 DSH |
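41 | or a negative value for failure. In particular, a return value of -2 |
42 | indicates the operation is not supported by the public key algorithm. Because a failure may be reported as a negative value, callers should check for a result less than or equal to zero rather than treating any nonzero value as success. | |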
5165148f DSH |
43 | |
44 | =head1 EXAMPLE | |
45 | ||
46 | Decrypt data using OAEP (for RSA keys): | |
47 | ||
43636910 DSH |
48 | #include <openssl/evp.h> |
49 | #include <openssl/rsa.h> | |
50 | ||
51 | EVP_PKEY_CTX *ctx; | |
9db6673e | 52 | ENGINE *eng; |
43636910 | 53 | unsigned char *out, *in; |
1bc74519 | 54 | size_t outlen, inlen; |
43636910 | 55 | EVP_PKEY *key; |
e9b77246 | 56 | |
2947af32 | 57 | /* |
9db6673e | 58 | * NB: assumes key, eng, in, inlen are already set up |
43636910 DSH |
59 | * and that key is an RSA private key |
60 | */ | |
9db6673e | 61 | ctx = EVP_PKEY_CTX_new(key, eng); |
43636910 | 62 | if (!ctx) |
2947af32 | 63 | /* Error occurred */ |
43636910 | 64 | if (EVP_PKEY_decrypt_init(ctx) <= 0) |
2947af32 | 65 | /* Error */ |
43636910 | 66 | if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0) |
2947af32 | 67 | /* Error */ |
43636910 DSH |
68 | |
69 | /* Determine buffer length */ | |
70 | if (EVP_PKEY_decrypt(ctx, NULL, &outlen, in, inlen) <= 0) | |
2947af32 | 71 | /* Error */ |
43636910 DSH |
72 | |
73 | out = OPENSSL_malloc(outlen); | |
74 | ||
75 | if (!out) | |
2947af32 | 76 | /* malloc failure */ |
1bc74519 | 77 | |
43636910 | 78 | if (EVP_PKEY_decrypt(ctx, out, &outlen, in, inlen) <= 0) |
2947af32 | 79 | /* Error */ |
43636910 DSH |
80 | |
81 | /* Decrypted data is outlen bytes written to buffer out */ | |
5165148f DSH |
82 | |
83 | =head1 SEE ALSO | |
84 | ||
9b86974e RS |
85 | L<EVP_PKEY_CTX_new(3)>, |
86 | L<EVP_PKEY_encrypt(3)>, | |
87 | L<EVP_PKEY_sign(3)>, | |
88 | L<EVP_PKEY_verify(3)>, | |
89 | L<EVP_PKEY_verify_recover(3)>, | |
1bc74519 | 90 | L<EVP_PKEY_derive(3)> |
5165148f DSH |
91 | |
92 | =head1 HISTORY | |
93 | ||
fb552ac6 | 94 | These functions were added in OpenSSL 1.0.0. |
5165148f | 95 | |
e2f92610 RS |
96 | =head1 COPYRIGHT |
97 | ||
48e5119a | 98 | Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 99 | |
4746f25a | 100 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
101 | this file except in compliance with the License. You can obtain a copy |
102 | in the file LICENSE in the source distribution or at | |
103 | L<https://www.openssl.org/source/license.html>. | |
104 | ||
105 | =cut |