mirror of
https://github.com/openssl/openssl.git
synced 2024-12-15 06:01:37 +08:00
0f84cbc3e2
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12595)
82 lines
2.7 KiB
Plaintext
82 lines
2.7 KiB
Plaintext
=pod
|
|
|
|
=head1 NAME
|
|
|
|
BIO_f_cipher, BIO_set_cipher, BIO_get_cipher_status, BIO_get_cipher_ctx - cipher BIO filter
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
=for openssl multiple includes
|
|
|
|
#include <openssl/bio.h>
|
|
#include <openssl/evp.h>
|
|
|
|
const BIO_METHOD *BIO_f_cipher(void);
|
|
void BIO_set_cipher(BIO *b, const EVP_CIPHER *cipher,
|
|
unsigned char *key, unsigned char *iv, int enc);
|
|
int BIO_get_cipher_status(BIO *b);
|
|
int BIO_get_cipher_ctx(BIO *b, EVP_CIPHER_CTX **pctx);
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
BIO_f_cipher() returns the cipher BIO method. This is a filter
|
|
BIO that encrypts any data written through it, and decrypts any data
|
|
read from it. It is a BIO wrapper for the cipher routines
|
|
EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal().
|
|
|
|
Cipher BIOs do not support BIO_gets() or BIO_puts().
|
|
|
|
BIO_flush() on an encryption BIO that is being written through is
|
|
used to signal that no more data is to be encrypted: this is used
|
|
to flush and possibly pad the final block through the BIO.
|
|
|
|
BIO_set_cipher() sets the cipher of BIO B<b> to B<cipher> using key B<key>
|
|
and IV B<iv>. B<enc> should be set to 1 for encryption and zero for
|
|
decryption.
|
|
|
|
When reading from an encryption BIO the final block is automatically
|
|
decrypted and checked when EOF is detected. BIO_get_cipher_status()
|
|
is a BIO_ctrl() macro which can be called to determine whether the
|
|
decryption operation was successful.
|
|
|
|
BIO_get_cipher_ctx() is a BIO_ctrl() macro which retrieves the internal
|
|
BIO cipher context. The retrieved context can be used in conjunction
|
|
with the standard cipher routines to set it up. This is useful when
|
|
BIO_set_cipher() is not flexible enough for the applications needs.
|
|
|
|
=head1 NOTES
|
|
|
|
When encrypting BIO_flush() B<must> be called to flush the final block
|
|
through the BIO. If it is not then the final block will fail a subsequent
|
|
decrypt.
|
|
|
|
When decrypting an error on the final block is signaled by a zero
|
|
return value from the read operation. A successful decrypt followed
|
|
by EOF will also return zero for the final read. BIO_get_cipher_status()
|
|
should be called to determine if the decrypt was successful.
|
|
|
|
As always, if BIO_gets() or BIO_puts() support is needed then it can
|
|
be achieved by preceding the cipher BIO with a buffering BIO.
|
|
|
|
=head1 RETURN VALUES
|
|
|
|
BIO_f_cipher() returns the cipher BIO method.
|
|
|
|
BIO_set_cipher() does not return a value.
|
|
|
|
BIO_get_cipher_status() returns 1 for a successful decrypt and 0
|
|
for failure.
|
|
|
|
BIO_get_cipher_ctx() currently always returns 1.
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file LICENSE in the source distribution or at
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
=cut
|