EVP_PBE_CIPHERINIT
Section: OpenSSL (3SSL)
Updated: 2024-03-03
Index
Return to Main Contents
NAME
EVP_PBE_CipherInit, EVP_PBE_CipherInit_ex,
EVP_PBE_find, EVP_PBE_find_ex,
EVP_PBE_alg_add_type, EVP_PBE_alg_add - Password based encryption routines
SYNOPSIS
#include <openssl/evp.h>
int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de);
int EVP_PBE_CipherInit_ex(ASN1_OBJECT *pbe_obj, const char *pass, int passlen,
ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de,
OSSL_LIB_CTX *libctx, const char *propq);
int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid,
EVP_PBE_KEYGEN **pkeygen);
int EVP_PBE_find_ex(int type, int pbe_nid, int *pcnid, int *pmnid,
EVP_PBE_KEYGEN **pkeygen, EVP_PBE_KEYGEN_EX **keygen_ex);
int EVP_PBE_alg_add_type(int pbe_type, int pbe_nid, int cipher_nid,
int md_nid, EVP_PBE_KEYGEN *keygen);
int EVP_PBE_alg_add(int nid, const EVP_CIPHER *cipher, const EVP_MD *md,
EVP_PBE_KEYGEN *keygen);
DESCRIPTION
PBE operations
EVP_PBE_CipherInit() and EVP_PBE_CipherInit_ex() initialise an EVP_CIPHER_CTX
ctx for encryption (en_de=1) or decryption (en_de=0) using the password
pass of length passlen. The PBE algorithm type and parameters are extracted
from an OID pbe_obj and parameters param.
EVP_PBE_CipherInit_ex() also allows the application to specify a library context
libctx and property query propq to select appropriate algorithm
implementations.
PBE algorithm search
EVP_PBE_find() and EVP_PBE_find_ex() search for a matching algorithm using two parameters:
1. An algorithm type type which can be:
- •
-
EVP_PBE_TYPE_OUTER - A PBE algorithm
- •
-
EVP_PBE_TYPE_PRF - A pseudo-random function
- •
-
EVP_PBE_TYPE_KDF - A key derivation function
2. A pbe_nid which can represent the algorithm identifier with parameters e.g.
NID_pbeWithSHA1AndRC2_CBC or an algorithm class e.g. NID_pbes2.
They return the algorithm's cipher ID pcnid, digest ID pmnid and a key
generation function for the algorithm pkeygen. EVP_PBE_CipherInit_ex() also
returns an extended key generation function keygen_ex which takes a library
context and property query.
If a NULL is supplied for any of pcnid, pmnid, pkeygen or pkeygen_ex
then this parameter is not returned.
PBE algorithm add
EVP_PBE_alg_add_type() and EVP_PBE_alg_add() add an algorithm to the list
of known algorithms. Their parameters have the same meaning as for
EVP_PBE_find() and EVP_PBE_find_ex() functions.
NOTES
The arguments pbe_obj and param to EVP_PBE_CipherInit() and EVP_PBE_CipherInit_ex()
together form an X509_ALGOR and can often be extracted directly from this structure.
RETURN VALUES
Return value is 1 for success and 0 if an error occurred.
SEE ALSO
PKCS5_PBE_keyivgen(3),
PKCS12_PBE_keyivgen_ex(3),
PKCS5_v2_PBE_keyivgen_ex(3),
PKCS12_pbe_crypt_ex(3),
PKCS12_create_ex(3)
HISTORY
EVP_PBE_CipherInit_ex() and EVP_PBE_find_ex() were added in OpenSSL 3.0.
COPYRIGHT
Copyright 2021-2022 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the ``License''). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.
Index
- NAME
-
- SYNOPSIS
-
- DESCRIPTION
-
- PBE operations
-
- PBE algorithm search
-
- PBE algorithm add
-
- NOTES
-
- RETURN VALUES
-
- SEE ALSO
-
- HISTORY
-
- COPYRIGHT
-
This document was created by
man2html,
using the manual pages.
Time: 14:20:33 GMT, May 19, 2024