Add some examples.

[openssl.git] / doc / crypto / EVP_PKEY_decrypt.pod

diff --git a/doc/crypto/EVP_PKEY_decrypt.pod b/doc/crypto/EVP_PKEY_decrypt.pod
index 989247bf09f368a16e1757f6c4fd4bba72134b02..640dfe7513d5ece238120f74313bdd6f0a646fee 100644 (file)
--- a/doc/crypto/EVP_PKEY_decrypt.pod
+++ b/doc/crypto/EVP_PKEY_decrypt.pod
@@ -45,7 +45,37 @@ indicates the operation is not supported by the public key algorithm.
 
 Decrypt data using OAEP (for RSA keys):
 
-[to be added]
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *out, *in;
+ size_t outlen, inlen; 
+ EVP_PKEY *key;
+ /* NB: assumes key in, inlen are already set up
+  * and that key is an RSA private key
+  */
+ ctx = EVP_PKEY_CTX_new(key);
+ if (!ctx)
+       /* Error occurred */
+ if (EVP_PKEY_decrypt_init(ctx) <= 0)
+       /* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
+       /* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_decrypt(ctx, NULL, &outlen, in, inlen) <= 0)
+       /* Error */
+
+ out = OPENSSL_malloc(outlen);
+
+ if (!out)
+       /* malloc failure */
+ 
+ if (EVP_PKEY_decrypt(ctx, out, &outlen, in, inlen) <= 0)
+       /* Error */
+
+ /* Decrypted data is outlen bytes written to buffer out */
 
 =head1 SEE ALSO