diff options
| author | jkim <jkim@FreeBSD.org> | 2015-10-30 20:51:33 +0000 |
|---|---|---|
| committer | jkim <jkim@FreeBSD.org> | 2015-10-30 20:51:33 +0000 |
| commit | 6b741bee156148072e0e9588e7c9f4a9d66d1ab9 (patch) | |
| tree | e8d8b5ada49f5cdbf70d1e455c13f2625fdcdd45 /secure/lib/libcrypto/man/evp.3 | |
| parent | 979d5cd34dadfb0b78c606ecca3ec8d3a6ca245f (diff) | |
| parent | 64cb0c902e312216cdc4c826fc0be9ba9e1bf4da (diff) | |
| download | FreeBSD-src-6b741bee156148072e0e9588e7c9f4a9d66d1ab9.zip FreeBSD-src-6b741bee156148072e0e9588e7c9f4a9d66d1ab9.tar.gz | |
Merge OpenSSL 1.0.2d.
Diffstat (limited to 'secure/lib/libcrypto/man/evp.3')
| -rw-r--r-- | secure/lib/libcrypto/man/evp.3 | 49 |
1 files changed, 43 insertions, 6 deletions
diff --git a/secure/lib/libcrypto/man/evp.3 b/secure/lib/libcrypto/man/evp.3 index a7cb86a..69c9fdf 100644 --- a/secure/lib/libcrypto/man/evp.3 +++ b/secure/lib/libcrypto/man/evp.3 @@ -133,7 +133,7 @@ .\" ======================================================================== .\" .IX Title "evp 3" -.TH evp 3 "2015-07-09" "1.0.1p" "OpenSSL" +.TH evp 3 "2015-07-09" "1.0.2d" "OpenSSL" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -150,17 +150,42 @@ evp \- high\-level cryptographic functions The \s-1EVP\s0 library provides a high-level interface to cryptographic functions. .PP -\&\fBEVP_Seal\fR\fI...\fR and \fBEVP_Open\fR\fI...\fR provide public key encryption -and decryption to implement digital \*(L"envelopes\*(R". +\&\fBEVP_Seal\fR\fI...\fR and \fBEVP_Open\fR\fI...\fR +provide public key encryption and decryption to implement digital \*(L"envelopes\*(R". .PP -The \fBEVP_Sign\fR\fI...\fR and \fBEVP_Verify\fR\fI...\fR functions implement -digital signatures. +The \fBEVP_DigestSign\fR\fI...\fR and +\&\fBEVP_DigestVerify\fR\fI...\fR functions implement +digital signatures and Message Authentication Codes (MACs). Also see the older +\&\fBEVP_Sign\fR\fI...\fR and \fBEVP_Verify\fR\fI...\fR +functions. .PP Symmetric encryption is available with the \fBEVP_Encrypt\fR\fI...\fR functions. The \fBEVP_Digest\fR\fI...\fR functions provide message digests. .PP The \fB\s-1EVP_PKEY\s0\fR\fI...\fR functions provide a high level interface to -asymmetric algorithms. +asymmetric algorithms. To create a new \s-1EVP_PKEY\s0 see +\&\fIEVP_PKEY_new\fR\|(3). EVP_PKEYs can be associated +with a private key of a particular algorithm by using the functions +described on the \fIEVP_PKEY_set1_RSA\fR\|(3) page, or +new keys can be generated using \fIEVP_PKEY_keygen\fR\|(3). +EVP_PKEYs can be compared using \fIEVP_PKEY_cmp\fR\|(3), or printed using +\&\fIEVP_PKEY_print_private\fR\|(3). +.PP +The \s-1EVP_PKEY\s0 functions support the full range of asymmetric algorithm operations: +.IP "For key agreement see \fIEVP_PKEY_derive\fR\|(3)" 4 +.IX Item "For key agreement see EVP_PKEY_derive" +.PD 0 +.IP "For signing and verifying see \fIEVP_PKEY_sign\fR\|(3), \fIEVP_PKEY_verify\fR\|(3) and \fIEVP_PKEY_verify_recover\fR\|(3). However, note that these functions do not perform a digest of the data to be signed. Therefore normally you would use the \fBEVP_DigestSign\fR\fI...\fR functions for this purpose." 4 +.IX Item "For signing and verifying see EVP_PKEY_sign, EVP_PKEY_verify and EVP_PKEY_verify_recover. However, note that these functions do not perform a digest of the data to be signed. Therefore normally you would use the EVP_DigestSign... functions for this purpose." +.ie n .IP "For encryption and decryption see \fIEVP_PKEY_encrypt\fR\|(3) and \fIEVP_PKEY_decrypt\fR\|(3) respectively. However, note that these functions perform encryption and decryption only. As public key encryption is an expensive operation, normally you would wrap an encrypted message in a ""digital envelope"" using the \fBEVP_Seal\fR\fI...\fR and \fBEVP_Open\fR\fI...\fR functions." 4 +.el .IP "For encryption and decryption see \fIEVP_PKEY_encrypt\fR\|(3) and \fIEVP_PKEY_decrypt\fR\|(3) respectively. However, note that these functions perform encryption and decryption only. As public key encryption is an expensive operation, normally you would wrap an encrypted message in a ``digital envelope'' using the \fBEVP_Seal\fR\fI...\fR and \fBEVP_Open\fR\fI...\fR functions." 4 +.IX Item "For encryption and decryption see EVP_PKEY_encrypt and EVP_PKEY_decrypt respectively. However, note that these functions perform encryption and decryption only. As public key encryption is an expensive operation, normally you would wrap an encrypted message in a digital envelope using the EVP_Seal... and EVP_Open... functions." +.PD +.PP +The \fIEVP_BytesToKey\fR\|(3) function provides some limited support for password +based encryption. Careful selection of the parameters will provide a PKCS#5 \s-1PBKDF1\s0 compatible +implementation. However, new applications should not typically use this (preferring, for example, +\&\s-1PBKDF2\s0 from PCKS#5). .PP Algorithms are loaded with \fIOpenSSL_add_all_algorithms\fR\|(3). .PP @@ -183,7 +208,19 @@ using the high level interface. \&\fIEVP_EncryptInit\fR\|(3), \&\fIEVP_OpenInit\fR\|(3), \&\fIEVP_SealInit\fR\|(3), +\&\fIEVP_DigestSignInit\fR\|(3), \&\fIEVP_SignInit\fR\|(3), \&\fIEVP_VerifyInit\fR\|(3), +\&\fIEVP_PKEY_new\fR\|(3), +\&\fIEVP_PKEY_set1_RSA\fR\|(3), +\&\fIEVP_PKEY_keygen\fR\|(3), +\&\fIEVP_PKEY_print_private\fR\|(3), +\&\fIEVP_PKEY_decrypt\fR\|(3), +\&\fIEVP_PKEY_encrypt\fR\|(3), +\&\fIEVP_PKEY_sign\fR\|(3), +\&\fIEVP_PKEY_verify\fR\|(3), +\&\fIEVP_PKEY_verify_recover\fR\|(3), +\&\fIEVP_PKEY_derive\fR\|(3), +\&\fIEVP_BytesToKey\fR\|(3), \&\fIOpenSSL_add_all_algorithms\fR\|(3), \&\fIengine\fR\|(3) |
