X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=doc%2Fman3%2FEVP_EncryptInit.pod;h=030b01089896f27641c60bea0f11225516259131;hp=d9816209086e6654edabddde23519dcacd28a8e9;hb=16cfc2c90d9e7776965db07c1f31bbec2f6c41e3;hpb=99d63d4662e16afbeff49f29b48f1c87d5558ed0
diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod
index d981620908..030b010898 100644
--- a/doc/man3/EVP_EncryptInit.pod
+++ b/doc/man3/EVP_EncryptInit.pod
@@ -2,39 +2,56 @@ =head1 NAME -EVP_CIPHER_CTX_new, EVP_CIPHER_CTX_reset, EVP_CIPHER_CTX_free, -EVP_EncryptInit_ex, EVP_EncryptUpdate, EVP_EncryptFinal_ex, -EVP_DecryptInit_ex, EVP_DecryptUpdate, EVP_DecryptFinal_ex, -EVP_CipherInit_ex, EVP_CipherUpdate, EVP_CipherFinal_ex, -EVP_CIPHER_CTX_set_key_length, EVP_CIPHER_CTX_ctrl, EVP_EncryptInit, -EVP_EncryptFinal, EVP_DecryptInit, EVP_DecryptFinal, -EVP_CipherInit, EVP_CipherFinal, EVP_get_cipherbyname, -EVP_get_cipherbynid, EVP_get_cipherbyobj, EVP_CIPHER_nid, -EVP_CIPHER_block_size, EVP_CIPHER_key_length, EVP_CIPHER_iv_length, -EVP_CIPHER_flags, EVP_CIPHER_mode, EVP_CIPHER_type, EVP_CIPHER_CTX_cipher, -EVP_CIPHER_CTX_nid, EVP_CIPHER_CTX_block_size, EVP_CIPHER_CTX_key_length, -EVP_CIPHER_CTX_iv_length, EVP_CIPHER_CTX_get_app_data, -EVP_CIPHER_CTX_set_app_data, EVP_CIPHER_CTX_type, EVP_CIPHER_CTX_flags, -EVP_CIPHER_CTX_mode, EVP_CIPHER_param_to_asn1, EVP_CIPHER_asn1_to_param, -EVP_CIPHER_CTX_set_padding, EVP_enc_null, EVP_des_cbc, EVP_des_ecb, -EVP_des_cfb, EVP_des_ofb, EVP_des_ede_cbc, EVP_des_ede, EVP_des_ede_ofb, -EVP_des_ede_cfb, EVP_des_ede3_cbc, EVP_des_ede3, EVP_des_ede3_ofb, -EVP_des_ede3_cfb, EVP_desx_cbc, EVP_rc4, EVP_rc4_40, EVP_idea_cbc, -EVP_idea_ecb, EVP_idea_cfb, EVP_idea_ofb, EVP_rc2_cbc, -EVP_rc2_ecb, EVP_rc2_cfb, EVP_rc2_ofb, EVP_rc2_40_cbc, EVP_rc2_64_cbc, -EVP_bf_cbc, EVP_bf_ecb, EVP_bf_cfb, EVP_bf_ofb, EVP_cast5_cbc, -EVP_cast5_ecb, EVP_cast5_cfb, EVP_cast5_ofb, EVP_rc5_32_12_16_cbc, -EVP_rc5_32_12_16_ecb, EVP_rc5_32_12_16_cfb, EVP_rc5_32_12_16_ofb, -EVP_aes_128_cbc, EVP_aes_128_ecb, EVP_aes_128_cfb, EVP_aes_128_ofb, -EVP_aes_192_cbc, EVP_aes_192_ecb, EVP_aes_192_cfb, EVP_aes_192_ofb, -EVP_aes_256_cbc, EVP_aes_256_ecb, EVP_aes_256_cfb, EVP_aes_256_ofb, -EVP_aes_128_gcm, EVP_aes_192_gcm, EVP_aes_256_gcm, -EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm - EVP cipher routines - -=for comment generic +EVP_CIPHER_CTX_new, +EVP_CIPHER_CTX_reset, +EVP_CIPHER_CTX_free, +EVP_EncryptInit_ex, 
+EVP_EncryptUpdate, +EVP_EncryptFinal_ex, +EVP_DecryptInit_ex, +EVP_DecryptUpdate, +EVP_DecryptFinal_ex, +EVP_CipherInit_ex, +EVP_CipherUpdate, +EVP_CipherFinal_ex, +EVP_CIPHER_CTX_set_key_length, +EVP_CIPHER_CTX_ctrl, +EVP_EncryptInit, +EVP_EncryptFinal, +EVP_DecryptInit, +EVP_DecryptFinal, +EVP_CipherInit, +EVP_CipherFinal, +EVP_get_cipherbyname, +EVP_get_cipherbynid, +EVP_get_cipherbyobj, +EVP_CIPHER_nid, +EVP_CIPHER_block_size, +EVP_CIPHER_key_length, +EVP_CIPHER_iv_length, +EVP_CIPHER_flags, +EVP_CIPHER_mode, +EVP_CIPHER_type, +EVP_CIPHER_CTX_cipher, +EVP_CIPHER_CTX_nid, +EVP_CIPHER_CTX_block_size, +EVP_CIPHER_CTX_key_length, +EVP_CIPHER_CTX_iv_length, +EVP_CIPHER_CTX_get_app_data, +EVP_CIPHER_CTX_set_app_data, +EVP_CIPHER_CTX_type, +EVP_CIPHER_CTX_flags, +EVP_CIPHER_CTX_mode, +EVP_CIPHER_param_to_asn1, +EVP_CIPHER_asn1_to_param, +EVP_CIPHER_CTX_set_padding, +EVP_enc_null +- EVP cipher routines =head1 SYNOPSIS +=for comment generic + #include EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void); 
@@ -42,44 +59,39 @@ EVP_aes_128_ccm, EVP_aes_192_ccm, EVP_aes_256_ccm - EVP cipher routines void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *ctx); int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - ENGINE *impl, unsigned char *key, unsigned char *iv); + ENGINE *impl, const unsigned char *key, const unsigned char *iv); int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl, unsigned char *in, int inl); - int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl); + int *outl, const unsigned char *in, int inl); + int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - ENGINE *impl, unsigned char *key, unsigned char *iv); + ENGINE *impl, const unsigned char *key, const unsigned char *iv); int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl, unsigned char *in, int inl); - int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, - int *outl); + int *outl, const unsigned char *in, int inl); + int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - ENGINE *impl, unsigned char *key, unsigned char *iv, int enc); + ENGINE *impl, const unsigned char *key, const unsigned char *iv, int enc); int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl, unsigned char *in, int inl); - int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, - int *outl); + int *outl, const unsigned char *in, int inl); + int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - unsigned char *key, unsigned char *iv); - int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, - int *outl); + const unsigned char *key, const unsigned char *iv); + int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); int 
EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - unsigned char *key, unsigned char *iv); - int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, - int *outl); + const unsigned char *key, const unsigned char *iv); + int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, - unsigned char *key, unsigned char *iv, int enc); - int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, - int *outl); + const unsigned char *key, const unsigned char *iv, int enc); + int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl); int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding); int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen); int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr); + int EVP_CIPHER_CTX_rand_key(EVP_CIPHER_CTX *ctx, unsigned char *key); const EVP_CIPHER *EVP_get_cipherbyname(const char *name); const EVP_CIPHER *EVP_get_cipherbynid(int nid); @@ -178,8 +190,7 @@ series of calls. EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit() behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and -EVP_CipherInit_ex() except the B parameter does not need to be -initialized and they always use the default cipher implementation. +EVP_CipherInit_ex() except they always use the default cipher implementation. EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal() are identical to EVP_EncryptFinal_ex(), EVP_DecryptFinal_ex() and 
@@ -237,8 +248,9 @@ EVP_CIPHER_CTX_cipher() returns the B structure when passed an B structure. EVP_CIPHER_mode() and EVP_CIPHER_CTX_mode() return the block cipher mode: -EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE or -EVP_CIPH_OFB_MODE. If the cipher is a stream cipher then +EVP_CIPH_ECB_MODE, EVP_CIPH_CBC_MODE, EVP_CIPH_CFB_MODE, EVP_CIPH_OFB_MODE, +EVP_CIPH_CTR_MODE, EVP_CIPH_GCM_MODE, EVP_CIPH_CCM_MODE, EVP_CIPH_XTS_MODE, +EVP_CIPH_WRAP_MODE or EVP_CIPH_OCB_MODE. If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned. EVP_CIPHER_param_to_asn1() sets the AlgorithmIdentifier "parameter" based @@ -262,6 +274,11 @@ is not supported. EVP_CIPHER_CTX_ctrl() allows various cipher specific parameters to be determined and set. +EVP_CIPHER_CTX_rand_key() generates a random key of the appropriate length +based on the cipher context. The EVP_CIPHER can provide its own random key +generation routine to support keys of a specific form. B must point to a +buffer at least as big as the value returned by EVP_CIPHER_CTX_key_length(). + =head1 RETURN VALUES EVP_CIPHER_CTX_new() returns a pointer to a newly created 
@@ -302,179 +319,143 @@ EVP_CIPHER_CTX_cipher() returns an B structure. EVP_CIPHER_param_to_asn1() and EVP_CIPHER_asn1_to_param() return greater than zero for success and zero or a negative number. +EVP_CIPHER_CTX_rand_key() returns 1 for success. + =head1 CIPHER LISTING All algorithms have a fixed key length unless otherwise stated. +Refer to L for the full list of ciphers available through the EVP +interface. + =over 4 =item EVP_enc_null() Null cipher: does nothing. -=item EVP_aes_128_cbc(), EVP_aes_128_ecb(), EVP_aes_128_cfb(), EVP_aes_128_ofb() - -AES with a 128-bit key in CBC, ECB, CFB and OFB modes respectively. - -=item EVP_aes_192_cbc(), EVP_aes_192_ecb(), EVP_aes_192_cfb(), EVP_aes_192_ofb() - -AES with a 192-bit key in CBC, ECB, CFB and OFB modes respectively. - -=item EVP_aes_256_cbc(), EVP_aes_256_ecb(), EVP_aes_256_cfb(), EVP_aes_256_ofb() +=back -AES with a 256-bit key in CBC, ECB, CFB and OFB modes respectively. +=head1 AEAD Interface -=item EVP_des_cbc(), EVP_des_ecb(), EVP_des_cfb(), EVP_des_ofb() +The EVP interface for Authenticated Encryption with Associated Data (AEAD) +modes are subtly altered and several additional I operations are supported +depending on the mode specified. -DES in CBC, ECB, CFB and OFB modes respectively. +To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(), +EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output +parameter B set to B. -=item EVP_des_ede_cbc(), EVP_des_ede(), EVP_des_ede_ofb(), EVP_des_ede_cfb() +When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal() +indicates whether the operation was successful. If it does not indicate success, +the authentication operation has failed and any output data B be used +as it is corrupted. -Two key triple DES in CBC, ECB, CFB and OFB modes respectively. +=head2 GCM and OCB Modes -=item EVP_des_ede3_cbc(), EVP_des_ede3(), EVP_des_ede3_ofb(), EVP_des_ede3_cfb() +The following Is are supported in GCM and OCB modes. 
-Three key triple DES in CBC, ECB, CFB and OFB modes respectively. +=over 4 -=item EVP_desx_cbc() +=item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL) -DESX algorithm in CBC mode. +Sets the IV length. This call can only be made before specifying an IV. If +not called a default IV length is used. -=item EVP_rc4() +For GCM AES and OCB AES the default is 12 (i.e. 96 bits). For OCB mode the +maximum is 15. -RC4 stream cipher. This is a variable key length cipher with default key length 128 bits. +=item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag) -=item EVP_rc4_40() +Writes C bytes of the tag value to the buffer indicated by C. +This call can only be made when encrypting data and B all data has been +processed (e.g. after an EVP_EncryptFinal() call). -RC4 stream cipher with 40 bit key length. -This is obsolete and new code should use EVP_rc4() -and the EVP_CIPHER_CTX_set_key_length() function. +For OCB, C must either be 16 or the value previously set via +B. -=item EVP_idea_cbc() EVP_idea_ecb(), EVP_idea_cfb(), EVP_idea_ofb() +=item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag) -IDEA encryption algorithm in CBC, ECB, CFB and OFB modes respectively. +Sets the expected tag to C bytes from C. +The tag length can only be set before specifying an IV. +C must be between 1 and 16 inclusive. -=item EVP_rc2_cbc(), EVP_rc2_ecb(), EVP_rc2_cfb(), EVP_rc2_ofb() +For GCM, this call is only valid when decrypting data. -RC2 encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key -length cipher with an additional parameter called "effective key bits" or "effective key length". -By default both are set to 128 bits. +For OCB, this call is valid when decrypting data to set the expected tag, +and before encryption to set the desired tag length. -=item EVP_rc2_40_cbc(), EVP_rc2_64_cbc() +In OCB mode, calling this before encryption with C set to C sets the +tag length. 
If this is not called prior to encryption, a default tag length is +used. -RC2 algorithm in CBC mode with a default key length and effective key length of 40 and 64 bits. -These are obsolete and new code should use EVP_rc2_cbc(), EVP_CIPHER_CTX_set_key_length() and -EVP_CIPHER_CTX_ctrl() to set the key length and effective key length. +For OCB AES, the default tag length is 16 (i.e. 128 bits). It is also the +maximum tag length for OCB. -=item EVP_bf_cbc(), EVP_bf_ecb(), EVP_bf_cfb(), EVP_bf_ofb() +=back -Blowfish encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key -length cipher. +=head2 CCM Mode -=item EVP_cast5_cbc(), EVP_cast5_ecb(), EVP_cast5_cfb(), EVP_cast5_ofb() +The EVP interface for CCM mode is similar to that of the GCM mode but with a +few additional requirements and different I values. -CAST encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key -length cipher. +For CCM mode, the total plaintext or ciphertext length B be passed to +EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output +and input parameters (B and B) set to B and the length passed in +the B parameter. -=item EVP_rc5_32_12_16_cbc(), EVP_rc5_32_12_16_ecb(), EVP_rc5_32_12_16_cfb(), EVP_rc5_32_12_16_ofb() +The following Is are supported in CCM mode. -RC5 encryption algorithm in CBC, ECB, CFB and OFB modes respectively. This is a variable key length -cipher with an additional "number of rounds" parameter. By default the key length is set to 128 -bits and 12 rounds. +=over 4 -=item EVP_aes_128_gcm(), EVP_aes_192_gcm(), EVP_aes_256_gcm() +=item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag) -AES Galois Counter Mode (GCM) for 128, 192 and 256 bit keys respectively. -These ciphers require additional control operations to function correctly: see -the L section below for details. 
+This call is made to set the expected B tag value when decrypting or +the length of the tag (with the C parameter set to NULL) when encrypting. +The tag length is often referred to as B. If not set a default value is +used (12 for AES). -=item EVP_aes_128_ocb(void), EVP_aes_192_ocb(void), EVP_aes_256_ocb(void) +=item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL) -Offset Codebook Mode (OCB) for 128, 192 and 256 bit keys respectively. -These ciphers require additional control operations to function correctly: see -the L section below for details. +Sets the CCM B value. If not set a default is used (8 for AES). -=item EVP_aes_128_ccm(), EVP_aes_192_ccm(), EVP_aes_256_ccm() +=item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL) -AES Counter with CBC-MAC Mode (CCM) for 128, 192 and 256 bit keys respectively. -These ciphers require additional control operations to function correctly: see -CCM mode section below for details. +Sets the CCM nonce (IV) length. This call can only be made before specifying an +nonce value. The nonce length is given by B<15 - L> so it is 7 by default for +AES. =back -=head1 GCM and OCB Modes +=head2 ChaCha20-Poly1305 -For GCM and OCB mode ciphers the behaviour of the EVP interface is subtly -altered and several additional ctrl operations are supported. +The following Is are supported for the ChaCha20-Poly1305 AEAD algorithm. -To specify any additional authenticated data (AAD) a call to EVP_CipherUpdate(), -EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output -parameter B set to B. - -When decrypting the return value of EVP_DecryptFinal() or EVP_CipherFinal() -indicates if the operation was successful. If it does not indicate success -the authentication operation has failed and any output data B -be used as it is corrupted. 
- -The following ctrls are supported in both GCM and OCB modes: +=over 4 - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL); +=item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL) -Sets the IV length: this call can only be made before specifying an IV. If -not called a default IV length is used. For GCM AES and OCB AES the default is -12 (i.e. 96 bits). For OCB mode the maximum is 15. +Sets the nonce length. This call can only be made before specifying the nonce. +If not called a default nonce length of 12 (i.e. 96 bits) is used. The maximum +nonce length is 16 (B, i.e. 128-bits). - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag); +=item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag) -Writes B bytes of the tag value to the buffer indicated by B. +Writes C bytes of the tag value to the buffer indicated by C. This call can only be made when encrypting data and B all data has been -processed (e.g. after an EVP_EncryptFinal() call). For OCB mode the taglen must -either be 16 or the value previously set via EVP_CTRL_OCB_SET_TAGLEN. - - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag); +processed (e.g. after an EVP_EncryptFinal() call). -Sets the expected tag to B bytes from B. This call is only legal -when decrypting data and must be made B any data is processed (e.g. -before any EVP_DecryptUpdate() call). For OCB mode the taglen must -either be 16 or the value previously set via EVP_CTRL_AEAD_SET_TAG. +C specified here must be 16 (B, i.e. 128-bits) or +less. -In OCB mode calling this with B set to NULL sets the tag length. The tag -length can only be set before specifying an IV. If not called a default tag -length is used. For OCB AES the default is 16 (i.e. 128 bits). This is also the -maximum tag length for OCB. - -See L below for an example of the use of GCM mode. 
- -=head1 CCM Mode - -The behaviour of CCM mode ciphers is similar to GCM mode but with a few -additional requirements and different ctrl values. - -Like GCM and OCB modes any additional authenticated data (AAD) is passed by calling -EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output -parameter B set to B. Additionally the total plaintext or ciphertext -length B be passed to EVP_CipherUpdate(), EVP_EncryptUpdate() or -EVP_DecryptUpdate() with the output and input parameters (B and B) -set to B and the length passed in the B parameter. +=item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag) -The following ctrls are supported in CCM mode: +Sets the expected tag to C bytes from C. +The tag length can only be set before specifying an IV. +C must be between 1 and 16 (B) inclusive. +This call is only valid when decrypting data. - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag); - -This call is made to set the expected B tag value when decrypting or -the length of the tag (with the B parameter set to NULL) when encrypting. -The tag length is often referred to as B. If not set a default value is -used (12 for AES). - - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, ivlen, NULL); - -Sets the CCM B value. If not set a default is used (8 for AES). - - EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_IVLEN, ivlen, NULL); - -Sets the CCM nonce (IV) length: this call can only be made before specifying -an nonce value. The nonce length is given by B<15 - L> so it is 7 by default -for AES. +=back =head1 NOTES 
@@ -512,13 +493,11 @@ EVP_get_cipherbynid(), and EVP_get_cipherbyobj() are implemented as macros. =head1 BUGS -For RC5 the number of rounds can currently only be set to 8, 12 or 16. This is -a limitation of the current RC5 code rather than the EVP interface. - -EVP_MAX_KEY_LENGTH and EVP_MAX_IV_LENGTH only refer to the internal ciphers with -default key lengths. If custom ciphers exceed these values the results are -unpredictable. This is because it has become standard practice to define a -generic key as a fixed unsigned char array containing EVP_MAX_KEY_LENGTH bytes. +B and B only refer to the internal +ciphers with default key lengths. If custom ciphers exceed these values the +results are unpredictable. This is because it has become standard practice to +define a generic key as a fixed unsigned char array containing +B bytes. The ASN1 code is incomplete (and sometimes inaccurate) it has only been tested for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode. 
@@ -528,106 +507,129 @@ for certain common S/MIME ciphers (RC2, DES, triple DES) in CBC mode. Encrypt a string using IDEA: int do_crypt(char *outfile) - { - unsigned char outbuf[1024]; - int outlen, tmplen; - /* Bogus key and IV: we'd normally set these from - * another source. - */ - unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15}; - unsigned char iv[] = {1,2,3,4,5,6,7,8}; - char intext[] = "Some Crypto Text"; - EVP_CIPHER_CTX ctx; - FILE *out; - - ctx = EVP_CIPHER_CTX_new(); - EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv); - - if(!EVP_EncryptUpdate(ctx, outbuf, &outlen, intext, strlen(intext))) - { - /* Error */ - return 0; - } - /* Buffer passed to EVP_EncryptFinal() must be after data just - * encrypted to avoid overwriting it. - */ - if(!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &tmplen)) - { - /* Error */ - return 0; - } - outlen += tmplen; - EVP_CIPHER_CTX_free(ctx); - /* Need binary mode for fopen because encrypted data is - * binary data. Also cannot use strlen() on it because - * it won't be null terminated and may contain embedded - * nulls. - */ - out = fopen(outfile, "wb"); - fwrite(outbuf, 1, outlen, out); - fclose(out); - return 1; - } + { + unsigned char outbuf[1024]; + int outlen, tmplen; + /* + * Bogus key and IV: we'd normally set these from + * another source. + */ + unsigned char key[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15}; + unsigned char iv[] = {1,2,3,4,5,6,7,8}; + char intext[] = "Some Crypto Text"; + EVP_CIPHER_CTX *ctx; + FILE *out; + + ctx = EVP_CIPHER_CTX_new(); + EVP_EncryptInit_ex(ctx, EVP_idea_cbc(), NULL, key, iv); + + if (!EVP_EncryptUpdate(ctx, outbuf, &outlen, intext, strlen(intext))) { + /* Error */ + EVP_CIPHER_CTX_free(ctx); + return 0; + } + /* + * Buffer passed to EVP_EncryptFinal() must be after data just + * encrypted to avoid overwriting it. 
+ */ + if (!EVP_EncryptFinal_ex(ctx, outbuf + outlen, &tmplen)) { + /* Error */ + EVP_CIPHER_CTX_free(ctx); + return 0; + } + outlen += tmplen; + EVP_CIPHER_CTX_free(ctx); + /* + * Need binary mode for fopen because encrypted data is + * binary data. Also cannot use strlen() on it because + * it won't be NUL terminated and may contain embedded + * NULs. + */ + out = fopen(outfile, "wb"); + if (out == NULL) { + /* Error */ + return 0; + } + fwrite(outbuf, 1, outlen, out); + fclose(out); + return 1; + } The ciphertext from the above example can be decrypted using the B utility with the command line (shown on two lines for clarity): - openssl idea -d +L + +Supported ciphers are listed in: + +L, +L, +L, +L, +L, +L, +L, +L, +L, +L, +L, +L, +L, +L =head1 HISTORY @@ -640,7 +642,7 @@ EVP_CIPHER_CTX_reset(). =head1 COPYRIGHT -Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy