1e71b7053SJung-uk Kim=pod 2e71b7053SJung-uk Kim 3e71b7053SJung-uk Kim=head1 NAME 4e71b7053SJung-uk Kim 5e71b7053SJung-uk KimEVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal - EVP envelope decryption 6e71b7053SJung-uk Kim 7e71b7053SJung-uk Kim=head1 SYNOPSIS 8e71b7053SJung-uk Kim 9e71b7053SJung-uk Kim #include <openssl/evp.h> 10e71b7053SJung-uk Kim 11e71b7053SJung-uk Kim int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek, 12e71b7053SJung-uk Kim int ekl, unsigned char *iv, EVP_PKEY *priv); 13e71b7053SJung-uk Kim int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, 14e71b7053SJung-uk Kim int *outl, unsigned char *in, int inl); 15e71b7053SJung-uk Kim int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); 16e71b7053SJung-uk Kim 17e71b7053SJung-uk Kim=head1 DESCRIPTION 18e71b7053SJung-uk Kim 1958f35182SJung-uk KimThe EVP envelope routines are a high-level interface to envelope 20e71b7053SJung-uk Kimdecryption. They decrypt a public key encrypted symmetric key and 21e71b7053SJung-uk Kimthen decrypt data using it. 22e71b7053SJung-uk Kim 23e71b7053SJung-uk KimEVP_OpenInit() initializes a cipher context B<ctx> for decryption 24e71b7053SJung-uk Kimwith cipher B<type>. It decrypts the encrypted symmetric key of length 25e71b7053SJung-uk KimB<ekl> bytes passed in the B<ek> parameter using the private key B<priv>. 26e71b7053SJung-uk KimThe IV is supplied in the B<iv> parameter. 27e71b7053SJung-uk Kim 28e71b7053SJung-uk KimEVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties 29e71b7053SJung-uk Kimas the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as 30e71b7053SJung-uk Kimdocumented on the L<EVP_EncryptInit(3)> manual 31e71b7053SJung-uk Kimpage. 32e71b7053SJung-uk Kim 33e71b7053SJung-uk Kim=head1 NOTES 34e71b7053SJung-uk Kim 35e71b7053SJung-uk KimIt is possible to call EVP_OpenInit() twice in the same way as 36e71b7053SJung-uk KimEVP_DecryptInit(). The first call should have B<priv> set to NULL 37e71b7053SJung-uk Kimand (after setting any cipher parameters) it should be called again 38e71b7053SJung-uk Kimwith B<type> set to NULL. 39e71b7053SJung-uk Kim 40e71b7053SJung-uk KimIf the cipher passed in the B<type> parameter is a variable length 41e71b7053SJung-uk Kimcipher then the key length will be set to the value of the recovered 42e71b7053SJung-uk Kimkey length. If the cipher is a fixed length cipher then the recovered 43e71b7053SJung-uk Kimkey length must match the fixed cipher length. 44e71b7053SJung-uk Kim 45e71b7053SJung-uk Kim=head1 RETURN VALUES 46e71b7053SJung-uk Kim 47e71b7053SJung-uk KimEVP_OpenInit() returns 0 on error or a non zero integer (actually the 48e71b7053SJung-uk Kimrecovered secret key size) if successful. 49e71b7053SJung-uk Kim 50e71b7053SJung-uk KimEVP_OpenUpdate() returns 1 for success or 0 for failure. 51e71b7053SJung-uk Kim 52e71b7053SJung-uk KimEVP_OpenFinal() returns 0 if the decrypt failed or 1 for success. 53e71b7053SJung-uk Kim 54e71b7053SJung-uk Kim=head1 SEE ALSO 55e71b7053SJung-uk Kim 56e71b7053SJung-uk KimL<evp(7)>, L<RAND_bytes(3)>, 57e71b7053SJung-uk KimL<EVP_EncryptInit(3)>, 58e71b7053SJung-uk KimL<EVP_SealInit(3)> 59e71b7053SJung-uk Kim 60e71b7053SJung-uk Kim=head1 COPYRIGHT 61e71b7053SJung-uk Kim 6258f35182SJung-uk KimCopyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. 63e71b7053SJung-uk Kim 64*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 65e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 66e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 67e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 68e71b7053SJung-uk Kim 69e71b7053SJung-uk Kim=cut 70