author | Ingo Schwarze <schwarze@cvs.openbsd.org> | 2019-03-18 11:38:17 +0000 |
---|---|---|
committer | Ingo Schwarze <schwarze@cvs.openbsd.org> | 2019-03-18 11:38:17 +0000 |
commit | 7f9a6af1539a73333532bf25045845455b6638f1 (patch) | |
tree | 1b4fa952f1a3e9862ba93fd1449933d07089ce8f /lib | |
parent | 5a8eaa0a68c954bbda725f9c5cc7f79b878532a8 (diff) |
Split EVP_aes_128_cbc(3) out of EVP_EncryptInit(3):
both resulting pages are still long.
Mention a number of missing functions.
Add some text from the OpenSSL 1.1.1 EVP_aes.pod manual page,
which is still under a free license.
Add missing HISTORY information.
Triggered by tb@ providing EVP_aes_{128,192,256}_wrap(3)
in evp.h rev. 1.74.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libcrypto/man/EVP_EncryptInit.3 | 79 | ||||
-rw-r--r-- | lib/libcrypto/man/EVP_aes_128_cbc.3 | 311 | ||||
-rw-r--r-- | lib/libcrypto/man/Makefile | 3 | ||||
-rw-r--r-- | lib/libcrypto/man/evp.3 | 3 |
4 files changed, 322 insertions, 74 deletions
diff --git a/lib/libcrypto/man/EVP_EncryptInit.3 b/lib/libcrypto/man/EVP_EncryptInit.3
index 704a2016ed6..10d30c4cf0c 100644
--- a/lib/libcrypto/man/EVP_EncryptInit.3
+++ b/lib/libcrypto/man/EVP_EncryptInit.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_EncryptInit.3,v 1.27 2019/03/18 05:56:24 schwarze Exp $
+.\" $OpenBSD: EVP_EncryptInit.3,v 1.28 2019/03/18 11:38:16 schwarze Exp $
 .\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800
 .\" selective merge up to: OpenSSL 16cfc2c9 Mar 8 22:30:28 2018 +0100
 .\"
@@ -138,26 +138,6 @@
 .Nm EVP_cast5_ecb ,
 .Nm EVP_cast5_cfb ,
 .Nm EVP_cast5_ofb ,
-.Nm EVP_aes_128_cbc ,
-.Nm EVP_aes_128_ecb ,
-.Nm EVP_aes_128_cfb ,
-.Nm EVP_aes_128_ofb ,
-.Nm EVP_aes_192_cbc ,
-.Nm EVP_aes_192_ecb ,
-.Nm EVP_aes_192_cfb ,
-.Nm EVP_aes_192_ofb ,
-.Nm EVP_aes_256_cbc ,
-.Nm EVP_aes_256_ecb ,
-.Nm EVP_aes_256_cfb ,
-.Nm EVP_aes_256_ofb ,
-.Nm EVP_aes_128_gcm ,
-.Nm EVP_aes_192_gcm ,
-.Nm EVP_aes_256_gcm ,
-.Nm EVP_aes_128_ccm ,
-.Nm EVP_aes_192_ccm ,
-.Nm EVP_aes_256_ccm ,
-.Nm EVP_aes_128_cbc_hmac_sha1 ,
-.Nm EVP_aes_256_cbc_hmac_sha1 ,
 .Nm EVP_chacha20
 .Nd EVP cipher routines
 .Sh SYNOPSIS
@@ -471,7 +451,7 @@ points to an unused object on the stack, it must be initialized with
 before calling this function.
 .Fa type
 is normally supplied by a function such as
-.Fn EVP_aes_256_cbc .
+.Xr EVP_aes_256_cbc 3 .
 If
 .Fa impl
 is
@@ -905,27 +885,6 @@ All algorithms have a fixed key length unless otherwise stated.
 .It Fn EVP_enc_null
 Null cipher: does nothing.
 .It Xo
-.Fn EVP_aes_128_cbc ,
-.Fn EVP_aes_128_ecb ,
-.Fn EVP_aes_128_cfb ,
-.Fn EVP_aes_128_ofb
-.Xc
-AES with a 128-bit key in CBC, ECB, CFB and OFB modes respectively.
-.It Xo
-.Fn EVP_aes_192_cbc ,
-.Fn EVP_aes_192_ecb ,
-.Fn EVP_aes_192_cfb ,
-.Fn EVP_aes_192_ofb
-.Xc
-AES with a 192-bit key in CBC, ECB, CFB and OFB modes respectively.
-.It Xo
-.Fn EVP_aes_256_cbc ,
-.Fn EVP_aes_256_ecb ,
-.Fn EVP_aes_256_cfb ,
-.Fn EVP_aes_256_ofb
-.Xc
-AES with a 256-bit key in CBC, ECB, CFB and OFB modes respectively.
-.It Xo
 .Fn EVP_des_cbc ,
 .Fn EVP_des_ecb ,
 .Fn EVP_des_cfb ,
@@ -1004,29 +963,13 @@ This is a variable key length cipher.
 .Xc
 CAST encryption algorithm in CBC, ECB, CFB and OFB modes respectively.
 This is a variable key length cipher.
-.It Xo
-.Fn EVP_aes_128_gcm ,
-.Fn EVP_aes_192_gcm ,
-.Fn EVP_aes_256_gcm
-.Xc
-AES Galois Counter Mode (GCM) for 128, 192 and 256 bit keys respectively.
-These ciphers require additional control operations to function
-correctly: see the GCM mode section below for details.
-.It Xo
-.Fn EVP_aes_128_ccm ,
-.Fn EVP_aes_192_ccm ,
-.Fn EVP_aes_256_ccm
-.Xc
-AES Counter with CBC-MAC Mode (CCM) for 128, 192 and 256 bit keys
-respectively.
-These ciphers require additional control operations to function
-correctly: see CCM mode section below for details.
-.It Fn EVP_chacha20
 The ChaCha20 stream cipher.
 The key length is 256 bits, the IV is 96 bits long.
 .El
 .Pp
 See also
+.Xr EVP_aes_128_cbc 3
+and
 .Xr EVP_sm4_cbc 3 .
 .Ss GCM mode
 For GCM mode ciphers, the behaviour of the EVP interface
@@ -1231,6 +1174,7 @@ do_crypt(FILE *in, FILE *out, int do_encrypt)
 .Ed
 .Sh SEE ALSO
 .Xr evp 3 ,
+.Xr EVP_aes_128_cbc 3 ,
 .Xr EVP_sm4_cbc 3
 .Sh HISTORY
 .Fn EVP_EncryptInit ,
@@ -1343,17 +1287,8 @@ first appeared in OpenSSL 0.9.8b.
 These functions have been available since
 .Ox 4.5 .
 .Pp
-.Fn EVP_rc4_hmac_md5 ,
-.Fn EVP_aes_128_gcm ,
-.Fn EVP_aes_192_gcm ,
-.Fn EVP_aes_256_gcm ,
-.Fn EVP_aes_128_ccm ,
-.Fn EVP_aes_192_ccm ,
-.Fn EVP_aes_256_ccm ,
-.Fn EVP_aes_128_cbc_hmac_sha1 ,
-and
-.Fn EVP_aes_256_cbc_hmac_sha1
-first appeared in OpenSSL 1.0.1 and have been available since
+.Fn EVP_rc4_hmac_md5
+first appeared in OpenSSL 1.0.1 and has been available since
 .Ox 5.3 .
 .Pp
 .Fn EVP_CIPHER_CTX_reset
diff --git a/lib/libcrypto/man/EVP_aes_128_cbc.3 b/lib/libcrypto/man/EVP_aes_128_cbc.3
new file mode 100644
index 00000000000..8c01f07f55e
--- /dev/null
+++ b/lib/libcrypto/man/EVP_aes_128_cbc.3
@@ -0,0 +1,311 @@
+.\" $OpenBSD: EVP_aes_128_cbc.3,v 1.1 2019/03/18 11:38:16 schwarze Exp $
+.\" selective merge up to: OpenSSL 7c6d372a Nov 20 13:20:01 2018 +0000
+.\"
+.\" This file was written by Ronald Tse <ronald.tse@ribose.com>
+.\" Copyright (c) 2017 The OpenSSL Project. All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\"
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\"
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in
+.\" the documentation and/or other materials provided with the
+.\" distribution.
+.\"
+.\" 3. All advertising materials mentioning features or use of this
+.\" software must display the following acknowledgment:
+.\" "This product includes software developed by the OpenSSL Project
+.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
+.\"
+.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+.\" endorse or promote products derived from this software without
+.\" prior written permission. For written permission, please contact
+.\" openssl-core@openssl.org.
+.\"
+.\" 5. Products derived from this software may not be called "OpenSSL"
+.\" nor may "OpenSSL" appear in their names without prior written
+.\" permission of the OpenSSL Project.
+.\"
+.\" 6. Redistributions of any form whatsoever must retain the following
+.\" acknowledgment:
+.\" "This product includes software developed by the OpenSSL Project
+.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)"
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+.\" OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd $Mdocdate: March 18 2019 $
+.Dt EVP_AES_128_CBC 3
+.Os
+.Sh NAME
+.Nm EVP_aes_128_cbc ,
+.Nm EVP_aes_192_cbc ,
+.Nm EVP_aes_256_cbc ,
+.Nm EVP_aes_128_cfb1 ,
+.Nm EVP_aes_192_cfb1 ,
+.Nm EVP_aes_256_cfb1 ,
+.Nm EVP_aes_128_cfb8 ,
+.Nm EVP_aes_192_cfb8 ,
+.Nm EVP_aes_256_cfb8 ,
+.Nm EVP_aes_128_cfb128 ,
+.Nm EVP_aes_192_cfb128 ,
+.Nm EVP_aes_256_cfb128 ,
+.Nm EVP_aes_128_cfb ,
+.Nm EVP_aes_192_cfb ,
+.Nm EVP_aes_256_cfb ,
+.Nm EVP_aes_128_ctr ,
+.Nm EVP_aes_192_ctr ,
+.Nm EVP_aes_256_ctr ,
+.Nm EVP_aes_128_ecb ,
+.Nm EVP_aes_192_ecb ,
+.Nm EVP_aes_256_ecb ,
+.Nm EVP_aes_128_ofb ,
+.Nm EVP_aes_192_ofb ,
+.Nm EVP_aes_256_ofb ,
+.Nm EVP_aes_128_cbc_hmac_sha1 ,
+.Nm EVP_aes_256_cbc_hmac_sha1 ,
+.Nm EVP_aes_128_ccm ,
+.Nm EVP_aes_192_ccm ,
+.Nm EVP_aes_256_ccm ,
+.Nm EVP_aes_128_gcm ,
+.Nm EVP_aes_192_gcm ,
+.Nm EVP_aes_256_gcm ,
+.Nm EVP_aes_128_wrap ,
+.Nm EVP_aes_192_wrap ,
+.Nm EVP_aes_256_wrap ,
+.Nm EVP_aes_128_xts ,
+.Nm EVP_aes_256_xts
+.Nd EVP AES cipher
+.Sh SYNOPSIS
+.In openssl/evp.h
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_128_cbc void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_192_cbc void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_256_cbc void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_128_cfb1 void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_192_cfb1 void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_256_cfb1 void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_128_cfb8 void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_192_cfb8 void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_256_cfb8 void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_128_cfb128 void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_192_cfb128 void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_256_cfb128 void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_128_cfb void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_192_cfb void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_256_cfb void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_128_ctr void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_192_ctr void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_256_ctr void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_128_ecb void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_192_ecb void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_256_ecb void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_128_ofb void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_192_ofb void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_256_ofb void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_128_cbc_hmac_sha1 void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_256_cbc_hmac_sha1 void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_128_ccm void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_192_ccm void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_256_ccm void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_128_gcm void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_192_gcm void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_256_gcm void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_128_wrap void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_192_wrap void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_256_wrap void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_128_xts void
+.Ft const EVP_CIPHER *
+.Fn EVP_aes_256_xts void
+.Sh DESCRIPTION
+These functions provide the AES encryption algorithm in the
+.Xr evp 3
+framework.
+.Pp
+.Fn EVP_aes_128_cbc ,
+.Fn EVP_aes_192_cbc ,
+.Fn EVP_aes_256_cbc ,
+.Fn EVP_aes_128_cfb1 ,
+.Fn EVP_aes_192_cfb1 ,
+.Fn EVP_aes_256_cfb1 ,
+.Fn EVP_aes_128_cfb8 ,
+.Fn EVP_aes_192_cfb8 ,
+.Fn EVP_aes_256_cfb8 ,
+.Fn EVP_aes_128_cfb128 ,
+.Fn EVP_aes_192_cfb128 ,
+.Fn EVP_aes_256_cfb128 ,
+.Fn EVP_aes_128_ctr ,
+.Fn EVP_aes_192_ctr ,
+.Fn EVP_aes_256_ctr ,
+.Fn EVP_aes_128_ecb ,
+.Fn EVP_aes_192_ecb ,
+.Fn EVP_aes_256_ecb ,
+.Fn EVP_aes_128_ofb ,
+.Fn EVP_aes_192_ofb ,
+and
+.Fn EVP_aes_256_ofb
+provide AES for 128, 192, and 256 bit keys in the following modes:
+CBC, CFB with 1-bit shift, CFB with 8-bit shift, CFB with 128-bit shift,
+CTR, ECB, and OFB.
+.Pp
+.Fn EVP_aes_128_cfb ,
+.Fn EVP_aes_192_cfb ,
+and
+.Fn EVP_aes_256_cfb
+are aliases for
+.Fn EVP_aes_128_cfb128 ,
+.Fn EVP_aes_192_cfb128 ,
+and
+.Fn EVP_aes_256_cfb128 .
+.Pp
+.Fn EVP_aes_128_cbc_hmac_sha1
+and
+.Fn EVP_aes_256_cbc_hmac_sha1
+provide authenticated encryption with AES in CBC mode using SHA-1 as HMAC,
+with keys of 128 and 256 bits length respectively.
+The authentication tag is 160 bits long.
+This is not intended for usage outside of TLS and requires
+calling of some undocumented control functions.
+These ciphers do not conform to the EVP AEAD interface.
+.Pp
+.Fn EVP_aes_128_ccm ,
+.Fn EVP_aes_192_ccm ,
+.Fn EVP_aes_256_ccm ,
+.Fn EVP_aes_128_gcm ,
+.Fn EVP_aes_192_gcm ,
+and
+.Fn EVP_aes_256_gcm
+provide AES for 128, 192 and 256 bit keys in CBC-MAC Mode (CCM)
+and Galois Counter Mode (GCM), respectively.
+These ciphers require additional control operations to function
+correctly; see
+.Xr EVP_EncryptInit 3
+for details.
+.Pp
+.Fn EVP_aes_128_wrap ,
+.Fn EVP_aes_192_wrap ,
+and
+.Fn EVP_aes_256_wrap
+provide AES key wrap with 128, 192 and 256 bit keys
+according to RFC 3394 section 2.2.1 ("wrap").
+.Pp
+.Fn EVP_aes_128_xts
+and
+.Fn EVP_aes_256_xts
+provide XEX-based tweaked-codebook mode with ciphertext stealing (XTS-AES)
+as specified in IEEE Std. 1619-2007 and described in NIST SP 800-38E.
+It was designed for encrypting data on a storage device,
+provides confidentiality but not authentication of data,
+and requires a key of double length for protection of a certain key size.
+In particular, XTS-AES-128 takes input of a 256-bit key to achieve
+AES 128-bit security, and XTS-AES-256 takes input of a 512-bit key
+to achieve AES 256-bit security.
+.Sh RETURN VALUES
+These functions return an
+.Vt EVP_CIPHER
+structure that provides the implementation of the symmetric cipher.
+.Sh SEE ALSO
+.Xr evp 3 ,
+.Xr EVP_EncryptInit 3
+.Sh HISTORY
+.Fn EVP_aes_128_cbc ,
+.Fn EVP_aes_192_cbc ,
+.Fn EVP_aes_256_cbc ,
+.Fn EVP_aes_128_cfb ,
+.Fn EVP_aes_192_cfb ,
+.Fn EVP_aes_256_cfb ,
+.Fn EVP_aes_128_ebc ,
+.Fn EVP_aes_192_ebc ,
+.Fn EVP_aes_256_ebc ,
+.Fn EVP_aes_128_ofb ,
+.Fn EVP_aes_192_ofb ,
+and
+.Fn EVP_aes_256_ofb
+first appeared in OpenSSL 0.9.7 and have been available since
+.Ox 3.2 .
+.Pp
+.Fn EVP_aes_128_cfb1 ,
+.Fn EVP_aes_192_cfb1 ,
+.Fn EVP_aes_256_cfb1 ,
+.Fn EVP_aes_128_cfb8 ,
+.Fn EVP_aes_192_cfb8 ,
+.Fn EVP_aes_256_cfb8 ,
+.Fn EVP_aes_128_cfb128 ,
+.Fn EVP_aes_192_cfb128 ,
+and
+.Fn EVP_aes_256_cfb128
+first appeared in OpenSSL 0.9.7e and have been available since
+.Ox 3.8 .
+.Pp
+.Fn EVP_aes_128_ctr ,
+.Fn EVP_aes_192_ctr ,
+.Fn EVP_aes_256_ctr ,
+.Fn EVP_aes_128_cbc_hmac_sha1 ,
+.Fn EVP_aes_256_cbc_hmac_sha1 ,
+.Fn EVP_aes_128_ccm ,
+.Fn EVP_aes_192_ccm ,
+.Fn EVP_aes_256_ccm ,
+.Fn EVP_aes_128_gcm ,
+.Fn EVP_aes_192_gcm ,
+.Fn EVP_aes_256_gcm ,
+.Fn EVP_aes_128_xts ,
+and
+.Fn EVP_aes_256_xts
+first appeared in OpenSSL 1.0.1 and have been available since
+.Ox 5.3 .
+.Pp
+.Fn EVP_aes_128_wrap ,
+.Fn EVP_aes_192_wrap ,
+and
+.Fn EVP_aes_256_wrap
+first appeared in OpenSSL 1.0.2 and have been available since
+.Ox 6.5 .
diff --git a/lib/libcrypto/man/Makefile b/lib/libcrypto/man/Makefile
index 79ada9713d1..884e5257ef5 100644
--- a/lib/libcrypto/man/Makefile
+++ b/lib/libcrypto/man/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.144 2019/03/18 05:56:24 schwarze Exp $
+# $OpenBSD: Makefile,v 1.145 2019/03/18 11:38:16 schwarze Exp $
 .include <bsd.own.mk>
@@ -151,6 +151,7 @@ MAN= \
 EVP_SealInit.3 \
 EVP_SignInit.3 \
 EVP_VerifyInit.3 \
+ EVP_aes_128_cbc.3 \
 EVP_sm4_cbc.3 \
 EXTENDED_KEY_USAGE_new.3 \
 GENERAL_NAME_new.3 \
diff --git a/lib/libcrypto/man/evp.3 b/lib/libcrypto/man/evp.3
index a5a2a491645..6dbd884c72c 100644
--- a/lib/libcrypto/man/evp.3
+++ b/lib/libcrypto/man/evp.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: evp.3,v 1.6 2019/03/18 05:56:24 schwarze Exp $
+.\" $OpenBSD: evp.3,v 1.7 2019/03/18 11:38:16 schwarze Exp $
 .\" OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100
 .\"
 .\" This file was written by Ulf Moeller <ulf@openssl.org>,
@@ -182,6 +182,7 @@ operations are more efficient using the high level interfaces.
 .Sh SEE ALSO
 .Xr ENGINE_register_RSA 3 ,
 .Xr EVP_AEAD_CTX_init 3 ,
+.Xr EVP_aes_128_cbc 3 ,
 .Xr EVP_BytesToKey 3 ,
 .Xr EVP_DigestInit 3 ,
 .Xr EVP_DigestSignInit 3 , |