diff options
Diffstat (limited to 'lib/libcrypto')
| -rw-r--r-- | lib/libcrypto/doc/EVP_EncryptInit.pod | 16 | ||||
| -rw-r--r-- | lib/libcrypto/doc/EVP_SealInit.pod | 2 | ||||
| -rw-r--r-- | lib/libcrypto/doc/PKCS7_encrypt.pod | 7 |
3 files changed, 15 insertions, 10 deletions
diff --git a/lib/libcrypto/doc/EVP_EncryptInit.pod b/lib/libcrypto/doc/EVP_EncryptInit.pod index d42445cf104..a876ac789cf 100644 --- a/lib/libcrypto/doc/EVP_EncryptInit.pod +++ b/lib/libcrypto/doc/EVP_EncryptInit.pod @@ -101,7 +101,7 @@ EVP_CIPHER_CTX_init() initializes cipher contex B<ctx>. EVP_EncryptInit_ex() sets up cipher context B<ctx> for encryption with cipher B<type> from ENGINE B<impl>. B<ctx> must be initialized before calling this function. B<type> is normally supplied -by a function such as EVP_des_cbc(). If B<impl> is NULL then the +by a function such as EVP_aes_256_cbc(). If B<impl> is NULL then the default implementation is used. B<key> is the symmetric key to use and B<iv> is the IV to use (if necessary), the actual number of bytes used for the key and IV depends on the cipher. It is possible to set @@ -279,10 +279,22 @@ All algorithms have a fixed key length unless otherwise stated. =over 4 -=item EVP_enc_null() +=item EVP_enc_null(void) Null cipher: does nothing. +=item EVP_aes_128_cbc(void), EVP_aes_128_ecb(void), EVP_aes_128_cfb(void), EVP_aes_128_ofb(void) + +128-bit AES in CBC, ECB, CFB and OFB modes respectively. + +=item EVP_aes_192_cbc(void), EVP_aes_192_ecb(void), EVP_aes_192_cfb(void), EVP_aes_192_ofb(void) + +192-bit AES in CBC, ECB, CFB and OFB modes respectively. + +=item EVP_aes_256_cbc(void), EVP_aes_256_ecb(void), EVP_aes_256_cfb(void), EVP_aes_256_ofb(void) + +256-bit AES in CBC, ECB, CFB and OFB modes respectively. + =item EVP_des_cbc(void), EVP_des_ecb(void), EVP_des_cfb(void), EVP_des_ofb(void) DES in CBC, ECB, CFB and OFB modes respectively. diff --git a/lib/libcrypto/doc/EVP_SealInit.pod b/lib/libcrypto/doc/EVP_SealInit.pod index ff73a04fd96..76eebb72a97 100644 --- a/lib/libcrypto/doc/EVP_SealInit.pod +++ b/lib/libcrypto/doc/EVP_SealInit.pod @@ -25,7 +25,7 @@ encrypted using this key. EVP_SealInit() initializes a cipher context B<ctx> for encryption with cipher B<type> using a random secret key and IV. B<type> is normally -supplied by a function such as EVP_des_cbc(). The secret key is encrypted +supplied by a function such as EVP_aes_256_cbc(). The secret key is encrypted using one or more public keys, this allows the same encrypted data to be decrypted using any of the corresponding private keys. B<ek> is an array of buffers where the public key encrypted secret key will be written, each buffer diff --git a/lib/libcrypto/doc/PKCS7_encrypt.pod b/lib/libcrypto/doc/PKCS7_encrypt.pod index e2066843846..8bc77407b9e 100644 --- a/lib/libcrypto/doc/PKCS7_encrypt.pod +++ b/lib/libcrypto/doc/PKCS7_encrypt.pod @@ -22,13 +22,6 @@ Only RSA keys are supported in PKCS#7 and envelopedData so the recipient certificates supplied to this function must all contain RSA public keys, though they do not have to be signed using the RSA algorithm. -EVP_des_ede3_cbc() (triple DES) is the algorithm of choice for S/MIME use -because most clients will support it. - -Some old "export grade" clients may only support weak encryption using 40 or 64 -bit RC2. These can be used by passing EVP_rc2_40_cbc() and EVP_rc2_64_cbc() -respectively. - The algorithm passed in the B<cipher> parameter must support ASN1 encoding of its parameters. |