X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=doc%2Fcrypto%2FEVP_PKEY_decrypt.pod;h=640dfe7513d5ece238120f74313bdd6f0a646fee;hp=989247bf09f368a16e1757f6c4fd4bba72134b02;hb=436369100d360d9119f2f77ed935d0c1f8f49d09;hpb=6535bd42e670dfcedddef556e0614736bae18772

diff --git a/doc/crypto/EVP_PKEY_decrypt.pod b/doc/crypto/EVP_PKEY_decrypt.pod
index 989247bf09..640dfe7513 100644
--- a/doc/crypto/EVP_PKEY_decrypt.pod
+++ b/doc/crypto/EVP_PKEY_decrypt.pod
@@ -45,7 +45,37 @@ indicates the operation is not supported by the public key algorithm.
 
 Decrypt data using OAEP (for RSA keys):
 
-[to be added]
+ #include <openssl/evp.h>
+ #include <openssl/rsa.h>
+
+ EVP_PKEY_CTX *ctx;
+ unsigned char *out, *in;
+ size_t outlen, inlen; 
+ EVP_PKEY *key;
+ /* NB: assumes key in, inlen are already set up
+  * and that key is an RSA private key
+  */
+ ctx = EVP_PKEY_CTX_new(key);
+ if (!ctx)
+	/* Error occurred */
+ if (EVP_PKEY_decrypt_init(ctx) <= 0)
+	/* Error */
+ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
+	/* Error */
+
+ /* Determine buffer length */
+ if (EVP_PKEY_decrypt(ctx, NULL, &outlen, in, inlen) <= 0)
+	/* Error */
+
+ out = OPENSSL_malloc(outlen);
+
+ if (!out)
+	/* malloc failure */
+ 
+ if (EVP_PKEY_decrypt(ctx, out, &outlen, in, inlen) <= 0)
+	/* Error */
+
+ /* Decrypted data is outlen bytes written to buffer out */
 
 =head1 SEE ALSO