From d48be4f4a3d22b54e6cbfd01b2a9dbbccbef2a91 Mon Sep 17 00:00:00 2001 From: schwarze Date: Wed, 14 Feb 2018 00:19:03 +0000 Subject: [PATCH] Mention two more block cipher modes that actually exist in our tree; from Patrick dot Steuer at de dot ibm dot com via OpenSSL commit 338ead0f Oct 9 12:16:34 2017 +0200. Correct the EVP_EncryptUpdate(3) and EVP_DecryptUpdate(3) prototypes; from FdaSilvaYY at gmail dot com via OpenSSL commit 7bbb0050 Nov 22 22:00:29 2017 +0100. Document the additional public function EVP_CIPHER_CTX_rand_key(3); from Patrick dot Steuer at de dot ibm dot com via OpenSSL commit 5c5eb286 Dec 5 00:36:43 2017 +0100. --- lib/libcrypto/man/EVP_EncryptInit.3 | 38 +++++++++++++++++++++++------ 1 file changed, 30 insertions(+), 8 deletions(-) diff --git a/lib/libcrypto/man/EVP_EncryptInit.3 b/lib/libcrypto/man/EVP_EncryptInit.3 index 478e80839ee..f883d1ce2a5 100644 --- a/lib/libcrypto/man/EVP_EncryptInit.3 +++ b/lib/libcrypto/man/EVP_EncryptInit.3 @@ -1,6 +1,6 @@ -.\" $OpenBSD: EVP_EncryptInit.3,v 1.6 2017/08/20 18:41:39 schwarze Exp $ -.\" OpenSSL EVP_EncryptInit.pod 519a5d1e Jun 27 17:38:25 2017 -0700 -.\" OpenSSL EVP_EncryptInit.pod 5211e094 Nov 11 14:39:11 2014 -0800 +.\" $OpenBSD: EVP_EncryptInit.3,v 1.7 2018/02/14 00:19:03 schwarze Exp $ +.\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800 +.\" selective merge up to: OpenSSL 5c5eb286 Dec 5 00:36:43 2017 +0100 .\" .\" This file was written by Dr. Stephen Henson . .\" Copyright (c) 2000-2002, 2005, 2012-2016 The OpenSSL Project. @@ -50,7 +50,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: August 20 2017 $ +.Dd $Mdocdate: February 14 2018 $ .Dt EVP_ENCRYPTINIT 3 .Os .Sh NAME @@ -75,6 +75,7 @@ .Nm EVP_CIPHER_CTX_set_padding , .Nm EVP_CIPHER_CTX_set_key_length , .Nm EVP_CIPHER_CTX_ctrl , +.Nm EVP_CIPHER_CTX_rand_key , .Nm EVP_CIPHER_CTX_cleanup , .Nm EVP_get_cipherbyname , .Nm EVP_get_cipherbynid , @@ -184,7 +185,7 @@ .Fa "EVP_CIPHER_CTX *ctx" .Fa "unsigned char *out" .Fa "int *outl" -.Fa "unsigned char *in" +.Fa "const unsigned char *in" .Fa "int inl" .Fc .Ft int @@ -206,7 +207,7 @@ .Fa "EVP_CIPHER_CTX *ctx" .Fa "unsigned char *out" .Fa "int *outl" -.Fa "unsigned char *in" +.Fa "const unsigned char *in" .Fa "int inl" .Fc .Ft int @@ -296,6 +297,11 @@ .Fa "void *ptr" .Fc .Ft int +.Fo EVP_CIPHER_CTX_rand_key +.Fa "EVP_CIPHER_CTX *ctx" +.Fa "unsigned char *key" +.Fc +.Ft int .Fo EVP_CIPHER_CTX_cleanup .Fa "EVP_CIPHER_CTX *ctx" .Fc @@ -661,8 +667,10 @@ return the block cipher mode: .Dv EVP_CIPH_ECB_MODE , .Dv EVP_CIPH_CBC_MODE , .Dv EVP_CIPH_CFB_MODE , +.Dv EVP_CIPH_OFB_MODE , +.Dv EVP_CIPH_CTR_MODE , or -.Dv EVP_CIPH_OFB_MODE . +.Dv EVP_CIPH_XTS_MODE . If the cipher is a stream cipher then .Dv EVP_CIPH_STREAM_CIPHER is returned. @@ -707,6 +715,18 @@ allows various cipher specific parameters to be determined and set. Currently only the RC2 effective key length and the number of rounds of RC5 can be set. .Pp +.Fn EVP_CIPHER_CTX_rand_key +generates a random key of the appropriate length based on the cipher +context. +The +.Vt EVP_CIPHER +can provide its own random key generation routine to support keys +of a specific form. +The +.Fa key +argument must point to a buffer at least as big as the value returned by +.Fn EVP_CIPHER_CTX_key_length . +.Pp Where possible the EVP interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and @@ -782,8 +802,10 @@ return 1 for success and 0 for failure. .Fn EVP_CipherFinal_ex returns 0 for a decryption failure or 1 for success. .Pp +.Fn EVP_CIPHER_CTX_rand_key +and .Fn EVP_CIPHER_CTX_cleanup -returns 1 for success and 0 for failure. +return 1 for success or 0 for failure. .Pp .Fn EVP_get_cipherbyname , .Fn EVP_get_cipherbynid , -- 2.20.1