BIO_f_cipher.pod 2.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081
  1. =pod
  2. =head1 NAME
  3. BIO_f_cipher, BIO_set_cipher, BIO_get_cipher_status, BIO_get_cipher_ctx - cipher BIO filter
  4. =head1 SYNOPSIS
  5. =for openssl multiple includes
  6. #include <openssl/bio.h>
  7. #include <openssl/evp.h>
  8. const BIO_METHOD *BIO_f_cipher(void);
  9. int BIO_set_cipher(BIO *b, const EVP_CIPHER *cipher,
  10. const unsigned char *key, const unsigned char *iv, int enc);
  11. int BIO_get_cipher_status(BIO *b);
  12. int BIO_get_cipher_ctx(BIO *b, EVP_CIPHER_CTX **pctx);
  13. =head1 DESCRIPTION
  14. BIO_f_cipher() returns the cipher BIO method. This is a filter
  15. BIO that encrypts any data written through it, and decrypts any data
  16. read from it. It is a BIO wrapper for the cipher routines
  17. EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal().
  18. Cipher BIOs do not support BIO_gets() or BIO_puts().
  19. BIO_flush() on an encryption BIO that is being written through is
  20. used to signal that no more data is to be encrypted: this is used
  21. to flush and possibly pad the final block through the BIO.
  22. BIO_set_cipher() sets the cipher of BIO B<b> to B<cipher> using key B<key>
  23. and IV B<iv>. B<enc> should be set to 1 for encryption and zero for
  24. decryption.
  25. When reading from an encryption BIO the final block is automatically
  26. decrypted and checked when EOF is detected. BIO_get_cipher_status()
  27. is a BIO_ctrl() macro which can be called to determine whether the
  28. decryption operation was successful.
  29. BIO_get_cipher_ctx() is a BIO_ctrl() macro which retrieves the internal
  30. BIO cipher context. The retrieved context can be used in conjunction
  31. with the standard cipher routines to set it up. This is useful when
  32. BIO_set_cipher() is not flexible enough for the applications needs.
  33. =head1 NOTES
  34. When encrypting BIO_flush() B<must> be called to flush the final block
  35. through the BIO. If it is not then the final block will fail a subsequent
  36. decrypt.
  37. When decrypting an error on the final block is signaled by a zero
  38. return value from the read operation. A successful decrypt followed
  39. by EOF will also return zero for the final read. BIO_get_cipher_status()
  40. should be called to determine if the decrypt was successful.
  41. As always, if BIO_gets() or BIO_puts() support is needed then it can
  42. be achieved by preceding the cipher BIO with a buffering BIO.
  43. =head1 RETURN VALUES
  44. BIO_f_cipher() returns the cipher BIO method.
  45. BIO_set_cipher() returns 1 for success and 0 for failure.
  46. BIO_get_cipher_status() returns 1 for a successful decrypt and <=0
  47. for failure.
  48. BIO_get_cipher_ctx() returns 1 for success and <=0 for failure.
  49. =head1 COPYRIGHT
  50. Copyright 2000-2020 The OpenSSL Project Authors. All Rights Reserved.
  51. Licensed under the Apache License 2.0 (the "License"). You may not use
  52. this file except in compliance with the License. You can obtain a copy
  53. in the file LICENSE in the source distribution or at
  54. L<https://www.openssl.org/source/license.html>.
  55. =cut