diff options
Diffstat (limited to 'lib/libcrypto/man')
-rw-r--r-- | lib/libcrypto/man/EVP_EncryptInit.3 | 46 | ||||
-rw-r--r-- | lib/libcrypto/man/EVP_aes_128_cbc.3 | 29 |
2 files changed, 71 insertions, 4 deletions
diff --git a/lib/libcrypto/man/EVP_EncryptInit.3 b/lib/libcrypto/man/EVP_EncryptInit.3 index 10d30c4cf0c..bb2457d9e0a 100644 --- a/lib/libcrypto/man/EVP_EncryptInit.3 +++ b/lib/libcrypto/man/EVP_EncryptInit.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_EncryptInit.3,v 1.28 2019/03/18 11:38:16 schwarze Exp $ +.\" $OpenBSD: EVP_EncryptInit.3,v 1.29 2019/03/19 19:50:03 schwarze Exp $ .\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800 .\" selective merge up to: OpenSSL 16cfc2c9 Mar 8 22:30:28 2018 +0100 .\" @@ -51,7 +51,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: March 18 2019 $ +.Dd $Mdocdate: March 19 2019 $ .Dt EVP_ENCRYPTINIT 3 .Os .Sh NAME @@ -75,6 +75,9 @@ .Nm EVP_DecryptFinal , .Nm EVP_CipherInit , .Nm EVP_CipherFinal , +.Nm EVP_CIPHER_CTX_set_flags , +.Nm EVP_CIPHER_CTX_clear_flags , +.Nm EVP_CIPHER_CTX_test_flags , .Nm EVP_CIPHER_CTX_set_padding , .Nm EVP_CIPHER_CTX_set_key_length , .Nm EVP_CIPHER_CTX_ctrl , @@ -267,6 +270,21 @@ .Fa "unsigned char *outm" .Fa "int *outl" .Fc +.Ft void +.Fo EVP_CIPHER_CTX_set_flags +.Fa "EVP_CIPHER_CTX *ctx" +.Fa "int flags" +.Fc +.Ft void +.Fo EVP_CIPHER_CTX_clear_flags +.Fa "EVP_CIPHER_CTX *ctx" +.Fa "int flags" +.Fc +.Ft int +.Fo EVP_CIPHER_CTX_test_flags +.Fa "EVP_CIPHER_CTX *ctx" +.Fa "int flags" +.Fc .Ft int .Fo EVP_CIPHER_CTX_set_padding .Fa "EVP_CIPHER_CTX *x" @@ -595,6 +613,30 @@ structure. The actual NID value is an internal value which may not have a corresponding OBJECT IDENTIFIER. .Pp +.Fn EVP_CIPHER_CTX_set_flags +enables the given +.Fa flags +in +.Fa ctx . +.Fn EVP_CIPHER_CTX_clear_flags +disables the given +.Fa flags +in +.Fa ctx . +.Fn EVP_CIPHER_CTX_test_flags +checks whether any of the given +.Fa flags +are currently set in +.Fa ctx , +returning the subset of the +.Fa flags +that are set, or 0 if none of them are set. +Currently, the only supported cipher context flag is +.Dv EVP_CIPHER_CTX_FLAG_WRAP_ALLOW ; +see +.Xr EVP_aes_128_wrap 3 +for details. +.Pp .Fn EVP_CIPHER_CTX_set_padding enables or disables padding. This function should be called after the context is set up for diff --git a/lib/libcrypto/man/EVP_aes_128_cbc.3 b/lib/libcrypto/man/EVP_aes_128_cbc.3 index 8c01f07f55e..be8e5ff75bf 100644 --- a/lib/libcrypto/man/EVP_aes_128_cbc.3 +++ b/lib/libcrypto/man/EVP_aes_128_cbc.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_aes_128_cbc.3,v 1.1 2019/03/18 11:38:16 schwarze Exp $ +.\" $OpenBSD: EVP_aes_128_cbc.3,v 1.2 2019/03/19 19:50:03 schwarze Exp $ .\" selective merge up to: OpenSSL 7c6d372a Nov 20 13:20:01 2018 +0000 .\" .\" This file was written by Ronald Tse <ronald.tse@ribose.com> @@ -48,7 +48,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: March 18 2019 $ +.Dd $Mdocdate: March 19 2019 $ .Dt EVP_AES_128_CBC 3 .Os .Sh NAME @@ -237,6 +237,31 @@ and .Fn EVP_aes_256_wrap provide AES key wrap with 128, 192 and 256 bit keys according to RFC 3394 section 2.2.1 ("wrap"). +When the returned +.Vt EVP_CIPHER +object is later passed to +.Xr EVP_CipherInit_ex 3 , +.Xr EVP_EncryptInit_ex 3 , +or +.Xr EVP_DecryptInit_ex 3 +together with an +.Vt EVP_CIPHER_CTX +object, the flag +.Dv EVP_CIPHER_CTX_FLAG_WRAP_ALLOW +must have been set in the +.Vt EVP_CIPHER_CTX +using +.Xr EVP_CIPHER_CTX_set_flags 3 . +Otherwise, or when passing the returned +.Vt EVP_CIPHER +object to +.Xr EVP_CipherInit 3 , +.Xr EVP_EncryptInit 3 , +or +.Xr EVP_DecryptInit 3 , +initialization fails with a +.Dq wrap not allowed +error. .Pp .Fn EVP_aes_128_xts and |