Add examples to EVP_EncryptInit manual page.

[openssl.git] / doc / crypto / EVP_EncryptInit.pod

diff --git a/doc/crypto/EVP_EncryptInit.pod b/doc/crypto/EVP_EncryptInit.pod
index 9e8c16eb41cf6fc054cbf6ed9469f3d9a5728d23..e830a191ccaf04a598975433df814a829490b2e6 100644 (file)
--- a/doc/crypto/EVP_EncryptInit.pod
+++ b/doc/crypto/EVP_EncryptInit.pod
@@ -367,6 +367,95 @@ Set the effective key length used in RC2:
  int key_bits;
  EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC2_KEY_BITS, key_bits, NULL);
 
+Encrypt a string using blowfish:
+
+ int do_crypt(char *outfile)
+       {
+       unsigned char outbuf[1024];
+       int outlen, tmplen;
+       /* Bogus key and IV: we'd normally set these from
+        * another source.
+        */
+       unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
+       unsigned char iv[] = {1,2,3,4,5,6,7,8};
+       char intext[] = "Some Crypto Text";
+       EVP_CIPHER_CTX ctx;
+       FILE *out;
+       EVP_EncryptInit(&ctx, EVP_bf_cbc(), key, iv);
+
+       if(!EVP_EncryptUpdate(&ctx, outbuf, &outlen, intext, strlen(intext)))
+               {
+               /* Error */
+               return 0;
+               }
+       /* Buffer passed to EVP_EncryptFinal() must be after data just
+        * encrypted to avoid overwriting it.
+        */
+       if(!EVP_EncryptFinal(&ctx, outbuf + outlen, &tmplen))
+               {
+               /* Error */
+               return 0;
+               }
+       outlen += tmplen;
+       EVP_CIPHER_CTX_cleanup(&ctx);
+       /* Need binary mode for fopen because encrypted data is
+        * binary data. Also cannot use strlen() on it because
+         * it wont be null terminated and may contain embedded
+        * nulls.
+        */
+       out = fopen(outfile, "wb");
+       fwrite(outbuf, 1, outlen, out);
+       fclose(out);
+       return 1;
+       }
+
+The ciphertext from the above example can be decrypted using the B<openssl>
+utility with the command line:
+ 
+ S<openssl bf -in cipher.bin -K 000102030405060708090A0B0C0D0E0F -iv 0102030405060708 -d>
+
+General encryption, decryption function example using FILE I/O and RC2 with an
+80 bit key:
+
+ int do_crypt(FILE *in, FILE *out, int do_encrypt)
+       {
+       /* Allow enough space in output buffer for additional block */
+       inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];
+       int inlen, outlen;
+       /* Bogus key and IV: we'd normally set these from
+        * another source.
+        */
+       unsigned char key[] = "0123456789";
+       unsigned char iv[] = "12345678";
+       /* Don't set key or IV because we will modify the parameters */
+       EVP_CipherInit(&ctx, EVP_rc2(), NULL, NULL, do_encrypt);
+       EVP_CIPHER_CTX_set_key_length(&ctx, 10);
+       /* We finished modifying parameters so now we can set key and IV */
+       EVP_CipherInit(&ctx, NULL, key, iv, do_encrypt);
+
+       for(;;) 
+               {
+               inlen = fread(inbuf, 1, 1024, in);
+               if(inlen <= 0) break;
+               if(!EVP_CipherUpdate(&ctx, outbuf, &outlen, inbuf, inlen))
+                       {
+                       /* Error */
+                       return 0;
+                       }
+               fwrite(outbuf, 1, outlen, out);
+               }
+       if(!EVP_CipherFinal(&ctx, outbuf, &outlen))
+               {
+               /* Error */
+               return 0;
+               }
+       fwrite(outbuf, 1, outlen, out);
+
+       EVP_CIPHER_CTX_cleanup(&ctx);
+       return 1;
+       }
+
+
 =head1 SEE ALSO
 
 L<evp(3)|evp(3)>