1.\" $OpenBSD: crypto.3,v 1.29 2023/05/01 07:37:45 tb Exp $ 2.\" OpenSSL a9c85cea Nov 11 09:33:55 2016 +0100 3.\" 4.\" This file is a derived work. 5.\" The changes are covered by the following Copyright and license: 6.\" 7.\" Copyright (c) 2021 Ingo Schwarze <schwarze@openbsd.org> 8.\" 9.\" Permission to use, copy, modify, and distribute this software for any 10.\" purpose with or without fee is hereby granted, provided that the above 11.\" copyright notice and this permission notice appear in all copies. 12.\" 13.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 14.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 15.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 16.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 17.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 18.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 19.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 20.\" 21.\" The original file was written by Ulf Moeller <ulf@openssl.org> and 22.\" Dr. Stephen Henson <steve@openssl.org>. 23.\" Copyright (c) 2000, 2002 The OpenSSL Project. All rights reserved. 24.\" 25.\" Redistribution and use in source and binary forms, with or without 26.\" modification, are permitted provided that the following conditions 27.\" are met: 28.\" 29.\" 1. Redistributions of source code must retain the above copyright 30.\" notice, this list of conditions and the following disclaimer. 31.\" 32.\" 2. Redistributions in binary form must reproduce the above copyright 33.\" notice, this list of conditions and the following disclaimer in 34.\" the documentation and/or other materials provided with the 35.\" distribution. 36.\" 37.\" 3. All advertising materials mentioning features or use of this 38.\" software must display the following acknowledgment: 39.\" "This product includes software developed by the OpenSSL Project 40.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 41.\" 42.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 43.\" endorse or promote products derived from this software without 44.\" prior written permission. For written permission, please contact 45.\" openssl-core@openssl.org. 46.\" 47.\" 5. Products derived from this software may not be called "OpenSSL" 48.\" nor may "OpenSSL" appear in their names without prior written 49.\" permission of the OpenSSL Project. 50.\" 51.\" 6. Redistributions of any form whatsoever must retain the following 52.\" acknowledgment: 53.\" "This product includes software developed by the OpenSSL Project 54.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" 55.\" 56.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 57.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 58.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 59.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 60.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 61.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 62.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 63.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 64.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 65.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 66.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 67.\" OF THE POSSIBILITY OF SUCH DAMAGE. 68.\" 69.Dd $Mdocdate: May 1 2023 $ 70.Dt CRYPTO 3 71.Os 72.Sh NAME 73.Nm crypto 74.Nd OpenSSL cryptographic library 75.Sh DESCRIPTION 76The OpenSSL crypto library implements a wide range of cryptographic 77algorithms used in various Internet standards. 78The services provided by this library are used by the OpenSSL 79implementations of TLS and S/MIME, and they have also been used to 80implement SSH, OpenPGP, and other cryptographic standards. 81.Pp 82.Sy Symmetric ciphers 83including AES, Blowfish, CAST, ChaCha20, IDEA, DES, RC2, and RC4 84are provided by the generic interface 85.Xr EVP_EncryptInit 3 . 86Low-level stand-alone interfaces include 87.Xr AES_encrypt 3 , 88.Xr BF_set_key 3 , 89.Xr ChaCha 3 , 90.Xr DES_set_key 3 , 91and 92.Xr RC4 3 . 93.Pp 94.Sy Public key cryptography and key agreement 95are provided by 96.Xr DH_new 3 , 97.Xr ECDH_compute_key 3 , 98.Xr X25519 3 , 99.Xr DSA_new 3 , 100.Xr ECDSA_SIG_new 3 , 101.Xr RSA_new 3 , 102and 103.Xr EVP_PKEY_new 3 . 104.Pp 105.Sy Certificates 106are handled by 107.Xr X509_new 3 108and 109.Xr X509v3_add_ext 3 . 110.Pp 111.Sy Authentication codes and hash functions 112offered include 113.Xr EVP_DigestInit 3 , 114.Xr CMAC_Init 3 , 115.Xr HMAC 3 , 116.Xr MD4 3 , 117.Xr MD5 3 , 118.Xr RIPEMD160 3 , 119.Xr SHA1 3 , 120and 121.Xr SHA256 3 . 122.Pp 123.Sy Input, output, and data encoding 124facilities include 125.Xr ASN1_TYPE_get 3 , 126.Xr BIO_new 3 , 127.Xr CMS_ContentInfo_new 3 , 128.Xr evp 3 , 129.Xr EVP_EncodeInit 3 , 130.Xr PEM_read 3 , 131.Xr PKCS7_encrypt 3 , 132.Xr PKCS7_sign 3 , 133.Xr PKCS12_create 3 , 134and 135.Xr SMIME_write_PKCS7 3 . 136.Pp 137.Sy Auxiliary features include: 138.Bl -dash -compact 139.It 140configuration file handling: see 141.Xr OPENSSL_config 3 142.It 143error reporting: see 144.Xr ERR 3 145.It 146.Xr OCSP_REQUEST_new 3 147.It 148.Xr UI_new 3 149.El 150.Pp 151.Sy Internal utilities 152include 153.Xr BIO_f_buffer 3 , 154.Xr BN_new 3 , 155.Xr EC_GROUP_new 3 , 156.Xr lh_new 3 , 157and 158.Xr STACK_OF 3 . 159.Sh NAMING CONVENTIONS 160Elements used in the names of API functions include the following: 161.Bl -tag -width Ds 162.It add0 163See 164.Dq set0 165below. 166.It add1 167See 168.Dq set1 169below. 170.It BIO 171basic input and/or output abstraction: 172The function manipulates objects of the idiosyncratic OpenSSL 173.Vt BIO 174object type. 175See 176.Xr BIO_new 3 . 177.It bio 178The function uses a 179.Vt BIO 180object for input or output. 181In many cases, simpler variants of the function are available 182that operate directly on 183.In stdio.h 184.Vt FILE 185objects or directly in RAM, usually using byte arrays. 186.It BIO_f_ 187filter BIO: 188The function returns a pointer to a static built-in object that, 189when passed to 190.Xr BIO_new 3 , 191results in the creation of a BIO object that can write data to 192and/or read data from another 193.Vt BIO 194object. 195.It BIO_s_ 196source and/or sink BIO: 197The function returns a pointer to a static built-in object that, 198when passed to 199.Xr BIO_new 3 , 200results in the creation of a BIO object 201that can write data to an external destination 202and/or read data from an external source, 203for example a file descriptor or object, a memory buffer, or the network. 204.It BN 205big number: 206The function operates on 207.Vt BIGNUM 208objects representing integer numbers of variable, almost unlimited size. 209See 210.Xr BN_new 3 . 211.It cb 212callback: 213The function takes or returns a function pointer 214that is called by API functions from inside the library. 215The function pointed to may be defined by the application program. 216In some cases, API functions with 217.Dq cb 218in their name may return function pointers to internal functions 219defined inside the library that are not API functions. 220The element 221.Dq cb 222is also used in the names of some function pointer datatypes 223declared with 224.Sy typedef . 225In a small number of cases, the all caps form 226.Dq CB 227is used with the same meaning. 228.It CTX 229context: 230The function operates on a wrapper object around another object. 231The purposes and properties of such 232.Dq CTX 233wrapper objects vary wildly depending on the objects in question. 234A few function names use the lower case form 235.Dq ctx 236in the same sense. 237.It d2i 238DER to internal: 239The function decodes input conforming to ASN.1 basic encoding rules (BER) 240and either stores the result in an existing object 241or in a newly allocated object. 242The latter is usually preferable because 243creating a new object is more robust and less error prone. 244In spite of the name, the input usually does not need to conform to ASN.1 245distinguished encoding rules (DER), which are more restrictive than BER. 246.It EVP 247digital EnVeloPe library: 248See 249.Xr evp 3 . 250.It ex 251This name element is used for two completely unrelated purposes. 252.Pp 253extended version: 254The function is similar to an older function without the 255.Dq ex 256in its name, but takes one or more additional arguments 257in order to make it more versatile. 258In several cases, the older version is now deprecated. 259.Pp 260extra data: 261Some object types support storing additional, application-specific data 262inside objects in addition to the data the object is designed to hold. 263The function sets, retrieves, or prepares for using such extra data. 264Related function names usually contain 265.Dq ex_data 266or 267.Dq ex_new_index . 268See 269.Xr CRYPTO_set_ex_data 3 . 270.It fp 271file pointer: 272The function takes a 273.Vt FILE * 274argument. 275Usually, the function is a variant of another function taking a 276.Vt BIO * 277argument instead. 278.It i2d 279internal to DER: 280The function encodes an object passed as an argument 281according to ASN.1 distinguished encoding rules (DER). 282There are a few rare exceptions of functions that have 283.Dq i2d 284in their name but produce output anyway 285that only conforms to ASN.1 basic encoding rules (BER) and not to DER. 286.It get0 287The function returns an internal pointer 288owned by the object passed as an argument. 289The returned pointer must not be freed by the calling code. 290It will be freed automatically 291when the object owning the pointer will be freed. 292.It get1 293The function returns a copy of a sub-object 294of an object passed as an argument. 295The caller is responsible for freeing the returned object 296when it is no longer needed. 297.Pp 298If the object type is reference counted, usually the reference count 299is incremented instead of copying the object. 300Consequently, modifying the returned object may still impact all 301objects containing references to it. 302The caller is responsible for freeing the returned object 303when it is no longer needed; for reference-counted objects still 304referenced elsewhere, this will merely decrement the reference count. 305.It get 306Functions containing 307.Dq get 308in their name without a following digit may behave in 309.Dq get0 310or, more rarely, in 311.Dq get1 312style. 313To find out which is the case, refer to the individual manual pages. 314.It lh 315linear hash: 316The function manipulates a dynamic hash table. 317See 318.Xr lh_new 3 . 319.It md 320message digest. 321Some function names use the all caps form 322.Dq MD 323in the same sense. 324.It meth 325The function manipulates an object holding a function table. 326Usually, such function tables allow the application program 327to implement additional cryptographic or I/O algorithms 328and to use them with the same high-level API functions as the 329algorithms provided by the library itself, or to replace the 330implementations of algorithms provided by the library with 331custom implementations provided by the application program. 332Some API functions use the name elements 333.Dq method 334or 335.Dq METHOD 336in the same sense. 337See also the 338.Dq cb 339entry in the present list. 340.It nid 341numerical identifier: 342A non-standard, LibreSSL-specific 343.Vt int 344number associated with an ASN.1 object identifier. 345In several cases, the all caps form 346.Dq NID 347is used in the same sense. 348See 349.Xr OBJ_nid2obj 3 . 350.It obj 351This name element and its all caps form 352.Dq OBJ 353usually refer to ASN.1 object identifiers represented by the 354.Vt ASN1_OBJECT 355data type. 356See 357.Xr ASN1_OBJECT_new 3 . 358.It PKEY 359In most cases, this name element and its lower case form 360.Dq pkey 361mean 362.Dq private key , 363but for both forms, there are some cases where they mean 364.Dq public key 365instead. 366.It set0 367The function transfers ownership of a pointer passed as an argument 368to an object passed as another argument, 369by storing the pointer inside the object. 370The transferred pointer must not be freed by the calling code. 371It will be freed automatically 372when the object now owning the pointer will be freed. 373.It set1 374The function copies the content of one object passed as an argument 375into another object also passed as an argument. 376When the calling code no longer needs the copied object, 377it can free that object. 378.Pp 379In some cases, if the object to be copied is reference counted, 380the function does not actually copy the object but merely increments 381its reference count and stores the pointer to it in the other object. 382When the calling code no longer needs its original pointer to 383the now inner object, it can free the original pointer, thus 384decrementing the reference count of the inner object 385and transferring ownership of the inner object to the outer object. 386The inner object will then be freed automatically 387when the outer object is freed later on. 388.It set 389Functions containing 390.Dq set 391in their name without a following digit may behave in 392.Dq set0 393or, more rarely, in 394.Dq set1 395style. 396To find out which is the case, refer to the individual manual pages. 397.It sk 398stack: 399The function manipulates a variable-sized array of pointers 400in the idiosyncratic style described in 401.Xr OPENSSL_sk_new 3 . 402.It TS 403X.509 time-stamp protocol: 404See 405.Xr TS_REQ_new 3 . 406.It up_ref 407The function increments the reference count of the argument by one. 408Only a minority of object types support reference counting. 409For those that do, if the reference count is greater than one, 410the corresponding 411.Dq free 412function reverses the effect of one call to the 413.Dq up_ref 414function rather than freeing the object. 415.El 416.Sh SEE ALSO 417.Xr openssl 1 , 418.Xr ssl 3 419