diff options
author | Jung-uk Kim <jkim@FreeBSD.org> | 2015-10-30 20:51:33 +0000 |
---|---|---|
committer | Jung-uk Kim <jkim@FreeBSD.org> | 2015-10-30 20:51:33 +0000 |
commit | 7bded2db17780f5b59bc532689d8a9541f06901e (patch) | |
tree | e8d8b5ada49f5cdbf70d1e455c13f2625fdcdd45 /secure/lib/libcrypto/man/evp.3 | |
parent | 50657fd342bcf1886e5b6d2c74605bbdd6b91bed (diff) | |
parent | e9fcefce9bb70f20c272a996443928c5f6ab8cd8 (diff) | |
download | src-7bded2db17780f5b59bc532689d8a9541f06901e.tar.gz src-7bded2db17780f5b59bc532689d8a9541f06901e.zip |
Merge OpenSSL 1.0.2d.
Notes
Notes:
svn path=/head/; revision=290207
Diffstat (limited to 'secure/lib/libcrypto/man/evp.3')
-rw-r--r-- | secure/lib/libcrypto/man/evp.3 | 49 |
1 files changed, 43 insertions, 6 deletions
diff --git a/secure/lib/libcrypto/man/evp.3 b/secure/lib/libcrypto/man/evp.3 index a7cb86a8d6f4..69c9fdfc4467 100644 --- a/secure/lib/libcrypto/man/evp.3 +++ b/secure/lib/libcrypto/man/evp.3 @@ -133,7 +133,7 @@ .\" ======================================================================== .\" .IX Title "evp 3" -.TH evp 3 "2015-07-09" "1.0.1p" "OpenSSL" +.TH evp 3 "2015-07-09" "1.0.2d" "OpenSSL" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -150,17 +150,42 @@ evp \- high\-level cryptographic functions The \s-1EVP\s0 library provides a high-level interface to cryptographic functions. .PP -\&\fBEVP_Seal\fR\fI...\fR and \fBEVP_Open\fR\fI...\fR provide public key encryption -and decryption to implement digital \*(L"envelopes\*(R". +\&\fBEVP_Seal\fR\fI...\fR and \fBEVP_Open\fR\fI...\fR +provide public key encryption and decryption to implement digital \*(L"envelopes\*(R". .PP -The \fBEVP_Sign\fR\fI...\fR and \fBEVP_Verify\fR\fI...\fR functions implement -digital signatures. +The \fBEVP_DigestSign\fR\fI...\fR and +\&\fBEVP_DigestVerify\fR\fI...\fR functions implement +digital signatures and Message Authentication Codes (MACs). Also see the older +\&\fBEVP_Sign\fR\fI...\fR and \fBEVP_Verify\fR\fI...\fR +functions. .PP Symmetric encryption is available with the \fBEVP_Encrypt\fR\fI...\fR functions. The \fBEVP_Digest\fR\fI...\fR functions provide message digests. .PP The \fB\s-1EVP_PKEY\s0\fR\fI...\fR functions provide a high level interface to -asymmetric algorithms. +asymmetric algorithms. To create a new \s-1EVP_PKEY\s0 see +\&\fIEVP_PKEY_new\fR\|(3). EVP_PKEYs can be associated +with a private key of a particular algorithm by using the functions +described on the \fIEVP_PKEY_set1_RSA\fR\|(3) page, or +new keys can be generated using \fIEVP_PKEY_keygen\fR\|(3). +EVP_PKEYs can be compared using \fIEVP_PKEY_cmp\fR\|(3), or printed using +\&\fIEVP_PKEY_print_private\fR\|(3). +.PP +The \s-1EVP_PKEY\s0 functions support the full range of asymmetric algorithm operations: +.IP "For key agreement see \fIEVP_PKEY_derive\fR\|(3)" 4 +.IX Item "For key agreement see EVP_PKEY_derive" +.PD 0 +.IP "For signing and verifying see \fIEVP_PKEY_sign\fR\|(3), \fIEVP_PKEY_verify\fR\|(3) and \fIEVP_PKEY_verify_recover\fR\|(3). However, note that these functions do not perform a digest of the data to be signed. Therefore normally you would use the \fBEVP_DigestSign\fR\fI...\fR functions for this purpose." 4 +.IX Item "For signing and verifying see EVP_PKEY_sign, EVP_PKEY_verify and EVP_PKEY_verify_recover. However, note that these functions do not perform a digest of the data to be signed. Therefore normally you would use the EVP_DigestSign... functions for this purpose." +.ie n .IP "For encryption and decryption see \fIEVP_PKEY_encrypt\fR\|(3) and \fIEVP_PKEY_decrypt\fR\|(3) respectively. However, note that these functions perform encryption and decryption only. As public key encryption is an expensive operation, normally you would wrap an encrypted message in a ""digital envelope"" using the \fBEVP_Seal\fR\fI...\fR and \fBEVP_Open\fR\fI...\fR functions." 4 +.el .IP "For encryption and decryption see \fIEVP_PKEY_encrypt\fR\|(3) and \fIEVP_PKEY_decrypt\fR\|(3) respectively. However, note that these functions perform encryption and decryption only. As public key encryption is an expensive operation, normally you would wrap an encrypted message in a ``digital envelope'' using the \fBEVP_Seal\fR\fI...\fR and \fBEVP_Open\fR\fI...\fR functions." 4 +.IX Item "For encryption and decryption see EVP_PKEY_encrypt and EVP_PKEY_decrypt respectively. However, note that these functions perform encryption and decryption only. As public key encryption is an expensive operation, normally you would wrap an encrypted message in a digital envelope using the EVP_Seal... and EVP_Open... functions." +.PD +.PP +The \fIEVP_BytesToKey\fR\|(3) function provides some limited support for password +based encryption. Careful selection of the parameters will provide a PKCS#5 \s-1PBKDF1\s0 compatible +implementation. However, new applications should not typically use this (preferring, for example, +\&\s-1PBKDF2\s0 from PCKS#5). .PP Algorithms are loaded with \fIOpenSSL_add_all_algorithms\fR\|(3). .PP @@ -183,7 +208,19 @@ using the high level interface. \&\fIEVP_EncryptInit\fR\|(3), \&\fIEVP_OpenInit\fR\|(3), \&\fIEVP_SealInit\fR\|(3), +\&\fIEVP_DigestSignInit\fR\|(3), \&\fIEVP_SignInit\fR\|(3), \&\fIEVP_VerifyInit\fR\|(3), +\&\fIEVP_PKEY_new\fR\|(3), +\&\fIEVP_PKEY_set1_RSA\fR\|(3), +\&\fIEVP_PKEY_keygen\fR\|(3), +\&\fIEVP_PKEY_print_private\fR\|(3), +\&\fIEVP_PKEY_decrypt\fR\|(3), +\&\fIEVP_PKEY_encrypt\fR\|(3), +\&\fIEVP_PKEY_sign\fR\|(3), +\&\fIEVP_PKEY_verify\fR\|(3), +\&\fIEVP_PKEY_verify_recover\fR\|(3), +\&\fIEVP_PKEY_derive\fR\|(3), +\&\fIEVP_BytesToKey\fR\|(3), \&\fIOpenSSL_add_all_algorithms\fR\|(3), \&\fIengine\fR\|(3) |