summaryrefslogtreecommitdiff
path: root/lib/libcrypto
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libcrypto')
-rw-r--r--lib/libcrypto/man/EVP_EncryptInit.346
-rw-r--r--lib/libcrypto/man/EVP_aes_128_cbc.329
2 files changed, 71 insertions, 4 deletions
diff --git a/lib/libcrypto/man/EVP_EncryptInit.3 b/lib/libcrypto/man/EVP_EncryptInit.3
index 10d30c4cf0c..bb2457d9e0a 100644
--- a/lib/libcrypto/man/EVP_EncryptInit.3
+++ b/lib/libcrypto/man/EVP_EncryptInit.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_EncryptInit.3,v 1.28 2019/03/18 11:38:16 schwarze Exp $
+.\" $OpenBSD: EVP_EncryptInit.3,v 1.29 2019/03/19 19:50:03 schwarze Exp $
.\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800
.\" selective merge up to: OpenSSL 16cfc2c9 Mar 8 22:30:28 2018 +0100
.\"
@@ -51,7 +51,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: March 18 2019 $
+.Dd $Mdocdate: March 19 2019 $
.Dt EVP_ENCRYPTINIT 3
.Os
.Sh NAME
@@ -75,6 +75,9 @@
.Nm EVP_DecryptFinal ,
.Nm EVP_CipherInit ,
.Nm EVP_CipherFinal ,
+.Nm EVP_CIPHER_CTX_set_flags ,
+.Nm EVP_CIPHER_CTX_clear_flags ,
+.Nm EVP_CIPHER_CTX_test_flags ,
.Nm EVP_CIPHER_CTX_set_padding ,
.Nm EVP_CIPHER_CTX_set_key_length ,
.Nm EVP_CIPHER_CTX_ctrl ,
@@ -267,6 +270,21 @@
.Fa "unsigned char *outm"
.Fa "int *outl"
.Fc
+.Ft void
+.Fo EVP_CIPHER_CTX_set_flags
+.Fa "EVP_CIPHER_CTX *ctx"
+.Fa "int flags"
+.Fc
+.Ft void
+.Fo EVP_CIPHER_CTX_clear_flags
+.Fa "EVP_CIPHER_CTX *ctx"
+.Fa "int flags"
+.Fc
+.Ft int
+.Fo EVP_CIPHER_CTX_test_flags
+.Fa "EVP_CIPHER_CTX *ctx"
+.Fa "int flags"
+.Fc
.Ft int
.Fo EVP_CIPHER_CTX_set_padding
.Fa "EVP_CIPHER_CTX *x"
@@ -595,6 +613,30 @@ structure.
The actual NID value is an internal value which may not have a
corresponding OBJECT IDENTIFIER.
.Pp
+.Fn EVP_CIPHER_CTX_set_flags
+enables the given
+.Fa flags
+in
+.Fa ctx .
+.Fn EVP_CIPHER_CTX_clear_flags
+disables the given
+.Fa flags
+in
+.Fa ctx .
+.Fn EVP_CIPHER_CTX_test_flags
+checks whether any of the given
+.Fa flags
+are currently set in
+.Fa ctx ,
+returning the subset of the
+.Fa flags
+that are set, or 0 if none of them are set.
+Currently, the only supported cipher context flag is
+.Dv EVP_CIPHER_CTX_FLAG_WRAP_ALLOW ;
+see
+.Xr EVP_aes_128_wrap 3
+for details.
+.Pp
.Fn EVP_CIPHER_CTX_set_padding
enables or disables padding.
This function should be called after the context is set up for
diff --git a/lib/libcrypto/man/EVP_aes_128_cbc.3 b/lib/libcrypto/man/EVP_aes_128_cbc.3
index 8c01f07f55e..be8e5ff75bf 100644
--- a/lib/libcrypto/man/EVP_aes_128_cbc.3
+++ b/lib/libcrypto/man/EVP_aes_128_cbc.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: EVP_aes_128_cbc.3,v 1.1 2019/03/18 11:38:16 schwarze Exp $
+.\" $OpenBSD: EVP_aes_128_cbc.3,v 1.2 2019/03/19 19:50:03 schwarze Exp $
.\" selective merge up to: OpenSSL 7c6d372a Nov 20 13:20:01 2018 +0000
.\"
.\" This file was written by Ronald Tse <ronald.tse@ribose.com>
@@ -48,7 +48,7 @@
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.Dd $Mdocdate: March 18 2019 $
+.Dd $Mdocdate: March 19 2019 $
.Dt EVP_AES_128_CBC 3
.Os
.Sh NAME
@@ -237,6 +237,31 @@ and
.Fn EVP_aes_256_wrap
provide AES key wrap with 128, 192 and 256 bit keys
according to RFC 3394 section 2.2.1 ("wrap").
+When the returned
+.Vt EVP_CIPHER
+object is later passed to
+.Xr EVP_CipherInit_ex 3 ,
+.Xr EVP_EncryptInit_ex 3 ,
+or
+.Xr EVP_DecryptInit_ex 3
+together with an
+.Vt EVP_CIPHER_CTX
+object, the flag
+.Dv EVP_CIPHER_CTX_FLAG_WRAP_ALLOW
+must have been set in the
+.Vt EVP_CIPHER_CTX
+using
+.Xr EVP_CIPHER_CTX_set_flags 3 .
+Otherwise, or when passing the returned
+.Vt EVP_CIPHER
+object to
+.Xr EVP_CipherInit 3 ,
+.Xr EVP_EncryptInit 3 ,
+or
+.Xr EVP_DecryptInit 3 ,
+initialization fails with a
+.Dq wrap not allowed
+error.
.Pp
.Fn EVP_aes_128_xts
and