Lines Matching full:cipher

105 - EVP cipher routines
115  int EVP_CIPHER_up_ref(EVP_CIPHER *cipher);
116  void EVP_CIPHER_free(EVP_CIPHER *cipher);
146  int EVP_CipherInit_SKEY(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,
168  int EVP_CIPHER_can_pipeline(const EVP_CIPHER *cipher, int enc);
170                                    const EVP_CIPHER *cipher,
175                                    const EVP_CIPHER *cipher,
200  int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name);
201  int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher,
204  const char *EVP_CIPHER_get0_name(const EVP_CIPHER *cipher);
205  const char *EVP_CIPHER_get0_description(const EVP_CIPHER *cipher);
206  const OSSL_PROVIDER *EVP_CIPHER_get0_provider(const EVP_CIPHER *cipher);
212  int EVP_CIPHER_get_type(const EVP_CIPHER *cipher);
219  int EVP_CIPHER_get_params(EVP_CIPHER *cipher, OSSL_PARAM params[]);
222  const OSSL_PARAM *EVP_CIPHER_gettable_params(const EVP_CIPHER *cipher);
223  const OSSL_PARAM *EVP_CIPHER_settable_ctx_params(const EVP_CIPHER *cipher);
224  const OSSL_PARAM *EVP_CIPHER_gettable_ctx_params(const EVP_CIPHER *cipher);
243                                  void (*fn)(EVP_CIPHER *cipher, void *arg),
278 The EVP cipher routines are a high-level interface to certain
281 The B<EVP_CIPHER> type is a structure for cipher method implementation.
287 Fetches the cipher implementation for the given I<algorithm> from any provider
307 Allocates and returns a cipher context.
311 Clears all information from a cipher context and frees any allocated memory
313 after all operations using a cipher are complete so sensitive information does
318 Can be used to duplicate the cipher state from I<in>.  This is useful
324 Can be used to copy the cipher state from I<in> to I<out>.
332 Performs cipher-specific control actions on context I<ctx>. The control command
335 may apply depending on the control type and cipher implementation.
347 Retrieves the requested list of algorithm I<params> from a CIPHER I<cipher>.
352 Retrieves the requested list of I<params> from CIPHER context I<ctx>.
357 Sets the list of I<params> into a CIPHER context I<ctx>.
383 Sets up cipher context I<ctx> for encryption with cipher I<type>. I<ctx> B<MUST NOT> be NULL.
388 on the cipher. The parameters I<params> will be set on the context after
391 which have I<type> set to NULL. This is done when the default cipher parameters
419 For wrap cipher modes, the amount of data written can be anything
432 one cipher block. The number of bytes written is placed in I<outl>. After
463 Clears all information from a cipher context and free up any allocated memory
471 EVP_CipherInit_ex() except if the I<type> is not a fetched cipher they use the
486 For legacy ciphers - If the cipher doesn't have the flag
488 EVP_CIPHER_get_block_size().  If it isn't, the result is undefined.  If the cipher
498 cipher pipelining. If the cipher supports pipelining, it returns 1, otherwise 0.
502 Cipher pipelining support allows an application to submit multiple chunks of
516 cipher supports pipelining. These functions are analogous to
542 Returns an B<EVP_CIPHER> structure when passed a cipher name, a cipher B<NID> or
551 since it does not attempt to "fetch" an implementation of the cipher.
556 When the cipher objects returned by these functions are used (such as in a call
557 to EVP_EncryptInit_ex()) an implementation of the cipher will be implicitly
564 The cipher objects returned from these functions do not need to be freed with
569 Return the NID of a cipher when passed an B<EVP_CIPHER> or B<EVP_CIPHER_CTX>
572 nid is unknown or if the cipher has not been properly initialized via a call to
580 fetched cipher has been assigned to the I<ctx>. It is recommended to use
596 Return the key length of a cipher when passed an B<EVP_CIPHER> or
599 a given cipher, the value of EVP_CIPHER_CTX_get_key_length() may be different for
604 Sets the key length of the cipher context.
605 If the cipher is a fixed length cipher then attempting to set the key
610 Return the IV length of a cipher when passed an B<EVP_CIPHER> or
611 B<EVP_CIPHER_CTX>. It will return zero if the cipher does not use an IV, if
612 the cipher has not yet been initialized within the B<EVP_CIPHER_CTX>, or if the
613 passed cipher is NULL.  The constant B<EVP_MAX_IV_LENGTH> is the maximum IV
618 Returns the tag length of an AEAD cipher when passed a B<EVP_CIPHER_CTX>. It will
619 return zero if the cipher does not support a tag. It returns a default value if
624 Return the block size of a cipher when passed an B<EVP_CIPHER> or
627 A value of 0 is returned if, with B<EVP_CIPHER_get_block_size()>, the cipher
634 Return the type of the passed cipher or context. This "type" is the actual NID
635 of the cipher OBJECT IDENTIFIER and as such it ignores the cipher parameters
636 (40 bit RC2 and 128 bit RC2 have the same NID). If the cipher does not have an
642 Returns 1 if I<cipher> is an implementation of an algorithm that's identifiable
643 with I<name>, otherwise 0. If I<cipher> is a legacy cipher (it's the return
645 EVP_CIPHER_fetch()), only cipher names registered with the default library
650 Return the name of the passed cipher or context.  For fetched ciphers with
652 I<cipher> B<MUST NOT> be NULL.
656 Traverses all names for the I<cipher>, and calls I<fn> with each name and
661 Returns a description of the cipher, meant for display and human consumption.
662 The description is at the discretion of the cipher implementation.
677 Return the block cipher mode:
681 If the cipher is a stream cipher then EVP_CIPH_STREAM_CIPHER is returned.
685 Returns any flags associated with the cipher. See L</FLAGS>
690 Gets or sets the cipher specific "num" parameter for the associated I<ctx>.
705 Sets the AlgorithmIdentifier "parameter" based on the passed cipher. This will
706 typically include any parameters and an IV. The cipher IV (if any) must be set
707 when this call is made. This call should be made before the cipher is actually
709 This function may fail if the cipher does not have any ASN1 support, or if an
710 uninitialized cipher is passed to it.
714 Sets the cipher parameters based on an ASN1 AlgorithmIdentifier "parameter".
715 The precise effect depends on the cipher. In the case of B<RC2>, for example,
717 This function should be called after the base cipher type is set but before
721 possible for this function to fail if the cipher does not have any ASN1 support
727 Generates a random key of the appropriate length based on the cipher context.
755 Gets the mode for the associated cipher algorithm I<cipher>.
761 Gets the key length for the associated cipher algorithm I<cipher>.
766 Gets the IV length for the associated cipher algorithm I<cipher>.
771 Gets the block size for the associated cipher algorithm I<cipher>.
773 Note that the block size for a cipher may be different to the block size for
776 stream cipher), even though AES has a block size of 16.
781 Gets 1 if this is an AEAD cipher algorithm, otherwise it gets 0.
782 Use (EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_AEAD_CIPHER) to retrieve the
787 Gets 1 if the cipher algorithm I<cipher> has a custom IV, otherwise it gets 0.
790 Use (EVP_CIPHER_get_flags(cipher) & EVP_CIPH_CUSTOM_IV) to retrieve the
795 Gets 1 if the cipher algorithm I<cipher> uses ciphertext stealing,
797 This is currently used to indicate that the cipher is a one shot that only
799 Use (EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_CTS) to retrieve the
804 Gets 1 if the cipher algorithm I<cipher> supports interleaving of crypto blocks,
807 Use (EVP_CIPHER_get_flags(cipher) & EVP_CIPH_FLAG_TLS1_1_MULTIBLOCK) to retrieve the
812 Gets 1 if the cipher algorithm I<cipher> supports the gettable EVP_CIPHER_CTX
818 Gets 1 if the cipher algorithm I<cipher> implementation supports only
833 Gets or sets the padding mode for the cipher context I<ctx>.
839 Gets or sets the cipher specific "num" parameter for the cipher context I<ctx>.
846 Gets or sets the key length for the cipher context I<ctx>.
852 Gets or sets the AEAD tag for the associated cipher context I<ctx>.
857 Gets or sets the AEAD tag when using cipher pipelining. The pointer must 
864 Gets or sets the effective keybits used for a RC2 cipher.
869 Gets or sets the number of rounds to be used for a cipher.
870 This is used by the RC5 cipher.
874 Used to get the DER encoded AlgorithmIdentifier from the cipher
881 the cipher implementation.
892 Gets or sets the cipher text stealing mode. For all modes the output size is the
902 The NIST variant of cipher text stealing.
904 using a "AES-XXX-CBC" or "CAMELLIA-XXX-CBC" cipher otherwise the second last
905 cipher text block is a partial block.
910 using a "AES-XXX-CBC" or "CAMELLIA-XXX-CBC" cipher, otherwise it is the same as
915 The Kerberos5 variant of cipher text stealing which always swaps the last
916 cipher text block with the previous block (which may be a partial or full block
918 then this is equivalent to using a "AES-XXX-CBC" or "CAMELLIA-XXX-CBC" cipher.
929 cipher operation (either 4 or 8 records).
941 Gets the IV length for the cipher context I<ctx>.
947 Gets the IV used to initialize the associated cipher context I<ctx>.
952 Gets the updated pseudo-IV state for the associated cipher context, e.g.,
961 cipher context I<ctx>. This is currently only supported by DES and 3DES (which set
966 Gets the tag length to be used for an AEAD cipher for the associated cipher
974 tag for the associated cipher context I<ctx>.
989 Gets the maximum record length for a TLS1 multiblock cipher operation.
1005 This may be used after calling a cipher final operation such as
1012 This may be used by GCM ciphers after calling a cipher final operation such
1015 cipher initialisation call such as EVP_CipherInit_ex().
1032 Sets the speed option for the associated cipher context. This is only supported
1056 Sets TLSv1.2 AAD information for the associated cipher context I<ctx>.
1062 Sets the fixed portion of an IV for an AEAD cipher used in a TLS record
1063 encryption/ decryption for the associated cipher context.
1068 Setting a TLS fixed IV changes a cipher to encrypt/decrypt TLS records.
1074 cipher in use and will be defined in the RFC for the relevant ciphersuite.
1084 The cipher implementation should generate the explicit IV and write it to the
1101 Triggers a multiblock TLS1 encrypt operation for a TLS1 aware cipher that
1103 The cipher performs both the MAC and encrypt stages and constructs the record
1111 Supplies the data to encrypt for a TLS1 multiblock cipher operation.
1115 Sets the maximum send fragment size for a TLS1 multiblock cipher operation.
1121 Sets the authenticated additional data used by a TLS1 multiblock cipher operation.
1168 If required this parameter should be set early via an cipher encrypt init
1319 cipher handled wrapping.
1399 B<EVP_CIPH_FLAG_CUSTOM_CIPHER> is not set for the cipher, or if the cipher has
1403 AAD for an AEAD cipher, if the flag B<EVP_CIPH_FLAG_CUSTOM_CIPHER> is set for
1404 the cipher.
1406 EVP_CIPHER_can_pipeline() returns 1 if the cipher can be used in a pipeline, 0 otherwise.
1430 length, zero if the cipher does not use an IV and a negative value on error.
1432 EVP_CIPHER_CTX_get_tag_length() return the tag length or zero if the cipher
1436 cipher's OBJECT IDENTIFIER or NID_undef if it has no defined
1460 =head1 CIPHER LISTING
1471 Null cipher: does nothing.
1492 EVP_CipherUpdate() depends on the cipher used. Stream ciphers, such as ChaCha20
1600 the cipher text. Instead, it is stored as the tag within the EVP_CIPHER_CTX.
1604 This differs from RFC5297 in that the cipher output from encryption, and
1605 the cipher input to decryption, does not contain the SIV. This also means
1606 that the plain text and cipher text lengths are identical.
1670 transparent to the cipher used and much more flexible. Additionally, the
1860      EVP_CIPHER *cipher = NULL;
1864      cipher = EVP_CIPHER_fetch(NULL, "AES-256-CBC-CTS", NULL);
1865      if (ctx == NULL || cipher == NULL)
1876      if (!EVP_CipherInit_ex2(ctx, cipher, key, iv, encrypt, params))
1886      EVP_CIPHER_free(cipher);
1896 L<provider-cipher(7)>,
1897 L<life_cycle-cipher(7)>