113d40330Schristos=pod 213d40330Schristos 313d40330Schristos=head1 NAME 413d40330Schristos 513d40330SchristosEVP_OpenInit, EVP_OpenUpdate, EVP_OpenFinal - EVP envelope decryption 613d40330Schristos 713d40330Schristos=head1 SYNOPSIS 813d40330Schristos 913d40330Schristos #include <openssl/evp.h> 1013d40330Schristos 1113d40330Schristos int EVP_OpenInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char *ek, 1213d40330Schristos int ekl, unsigned char *iv, EVP_PKEY *priv); 1313d40330Schristos int EVP_OpenUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, 1413d40330Schristos int *outl, unsigned char *in, int inl); 1513d40330Schristos int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl); 1613d40330Schristos 1713d40330Schristos=head1 DESCRIPTION 1813d40330Schristos 19f30e0929SchristosThe EVP envelope routines are a high-level interface to envelope 2013d40330Schristosdecryption. They decrypt a public key encrypted symmetric key and 2113d40330Schristosthen decrypt data using it. 2213d40330Schristos 2313d40330SchristosEVP_OpenInit() initializes a cipher context B<ctx> for decryption 2413d40330Schristoswith cipher B<type>. It decrypts the encrypted symmetric key of length 2513d40330SchristosB<ekl> bytes passed in the B<ek> parameter using the private key B<priv>. 2613d40330SchristosThe IV is supplied in the B<iv> parameter. 2713d40330Schristos 2813d40330SchristosEVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties 2913d40330Schristosas the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as 3013d40330Schristosdocumented on the L<EVP_EncryptInit(3)> manual 3113d40330Schristospage. 3213d40330Schristos 3313d40330Schristos=head1 NOTES 3413d40330Schristos 3513d40330SchristosIt is possible to call EVP_OpenInit() twice in the same way as 3613d40330SchristosEVP_DecryptInit(). The first call should have B<priv> set to NULL 3713d40330Schristosand (after setting any cipher parameters) it should be called again 3813d40330Schristoswith B<type> set to NULL. 3913d40330Schristos 4013d40330SchristosIf the cipher passed in the B<type> parameter is a variable length 4113d40330Schristoscipher then the key length will be set to the value of the recovered 4213d40330Schristoskey length. If the cipher is a fixed length cipher then the recovered 4313d40330Schristoskey length must match the fixed cipher length. 4413d40330Schristos 4513d40330Schristos=head1 RETURN VALUES 4613d40330Schristos 4713d40330SchristosEVP_OpenInit() returns 0 on error or a non zero integer (actually the 4813d40330Schristosrecovered secret key size) if successful. 4913d40330Schristos 5013d40330SchristosEVP_OpenUpdate() returns 1 for success or 0 for failure. 5113d40330Schristos 5213d40330SchristosEVP_OpenFinal() returns 0 if the decrypt failed or 1 for success. 5313d40330Schristos 5413d40330Schristos=head1 SEE ALSO 5513d40330Schristos 5613d40330SchristosL<evp(7)>, L<RAND_bytes(3)>, 5713d40330SchristosL<EVP_EncryptInit(3)>, 5813d40330SchristosL<EVP_SealInit(3)> 5913d40330Schristos 6013d40330Schristos=head1 COPYRIGHT 6113d40330Schristos 62f30e0929SchristosCopyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved. 6313d40330Schristos 64*b0d17251SchristosLicensed under the Apache License 2.0 (the "License"). You may not use 6513d40330Schristosthis file except in compliance with the License. You can obtain a copy 6613d40330Schristosin the file LICENSE in the source distribution or at 6713d40330SchristosL<https://www.openssl.org/source/license.html>. 6813d40330Schristos 6913d40330Schristos=cut 70