| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370 |
- =pod
- =head1 NAME
- life_cycle-cipher - The cipher algorithm life-cycle
- =head1 DESCRIPTION
- All symmetric ciphers (CIPHERs) go through a number of stages in their
- life-cycle:
- =over 4
- =item start
- This state represents the CIPHER before it has been allocated. It is the
- starting state for any life-cycle transitions.
- =item newed
- This state represents the CIPHER after it has been allocated.
- =item initialised
- These states represent the CIPHER when it is set up and capable of processing
- input. There are three possible initialised states:
- =over 4
- =item initialised using EVP_CipherInit
- =item initialised for decryption using EVP_DecryptInit
- =item initialised for encryption using EVP_EncryptInit
- =back
- =item updated
- These states represent the CIPHER when it is set up and capable of processing
- additional input or generating output. The three possible states directly
- correspond to those for initialised above. The three different streams should
- not be mixed.
- =item finaled
- This state represents the CIPHER when it has generated output.
- =item freed
- This state is entered when the CIPHER is freed. It is the terminal state
- for all life-cycle transitions.
- =back
- =head2 State Transition Diagram
- The usual life-cycle of a CIPHER is illustrated:
- =begin man
- +---------------------------+
- | |
- | start |
- | |
- +---------------------------+ + - - - - - - - - - - - - - +
- | ' any of the initialised '
- | EVP_CIPHER_CTX_new ' updated or finaled states '
- v ' '
- +---------------------------+ + - - - - - - - - - - - - - +
- | | |
- | newed | | EVP_CIPHER_CTX_reset
- | | <----+
- +---------------------------+
- | | |
- +---------+ | +---------+
- EVP_DecryptInit | | EVP_CipherInit | EVP_EncryptInit
- v v v
- +---------------------------+ +---------------------------+ +---------------------------+
- | | | | | |
- | initialised | | initialised | | initialised |
- | for decryption | | | | for encryption |
- +---------------------------+ +---------------------------+ +---------------------------+
- | | |
- | EVP_DecryptUpdate | EVP_CipherUpdate EVP_EncryptUpdate |
- | v |
- | +---------------------------+ |
- | | |--------------------+ |
- | | updated | EVP_CipherUpdate | |
- | | | <------------------+ |
- v +---------------------------+ v
- +---------------------------+ | +---------------------------+
- | |---------------------+ | | |
- | updated | EVP_DecryptUpdate | | | updated |------+
- | for decryption | <-------------------+ | | for encryption | |
- +---------------------------+ | +---------------------------+ |
- | EVP_CipherFinal | | ^ |
- +-------+ | +--------+ | |
- EVP_DecryptFinal | | | EVP_EncryptFinal +-------------------+
- v v v EVP_EncryptUpdate
- +---------------------------+
- | |-----------------------------+
- | finaled | |
- | | <---------------------------+
- +---------------------------+ EVP_CIPHER_CTX_get_params
- | (AEAD encryption)
- | EVP_CIPHER_CTX_free
- v
- +---------------------------+
- | |
- | freed |
- | |
- +---------------------------+
- =end man
- =for html <img src="img/cipher.png">
- =head2 Formal State Transitions
- This section defines all of the legal state transitions.
- This is the canonical list.
- =begin man
- Function Call ---------------------------------------------- Current State -----------------------------------------------
- start newed initialised updated finaled initialised updated initialised updated freed
- decryption decryption encryption encryption
- EVP_CIPHER_CTX_new newed
- EVP_CipherInit initialised initialised initialised initialised initialised initialised initialised initialised
- EVP_DecryptInit initialised initialised initialised initialised initialised initialised initialised initialised
- decryption decryption decryption decryption decryption decryption decryption decryption
- EVP_EncryptInit initialised initialised initialised initialised initialised initialised initialised initialised
- encryption encryption encryption encryption encryption encryption encryption encryption
- EVP_CipherUpdate updated updated
- EVP_DecryptUpdate updated updated
- decryption decryption
- EVP_EncryptUpdate updated updated
- encryption encryption
- EVP_CipherFinal finaled
- EVP_DecryptFinal finaled
- EVP_EncryptFinal finaled
- EVP_CIPHER_CTX_free freed freed freed freed freed freed freed freed freed
- EVP_CIPHER_CTX_reset newed newed newed newed newed newed newed newed
- EVP_CIPHER_CTX_get_params newed initialised updated initialised updated initialised updated
- decryption decryption encryption encryption
- EVP_CIPHER_CTX_set_params newed initialised updated initialised updated initialised updated
- decryption decryption encryption encryption
- EVP_CIPHER_CTX_gettable_params newed initialised updated initialised updated initialised updated
- decryption decryption encryption encryption
- EVP_CIPHER_CTX_settable_params newed initialised updated initialised updated initialised updated
- decryption decryption encryption encryption
- =end man
- =begin html
- <table style="border:1px solid; border-collapse:collapse">
- <tr><th style="border:1px solid" align="left">Function Call</th>
- <th style="border:1px solid" colspan="10">Current State</th></tr>
- <tr><th style="border:1px solid"></th>
- <th style="border:1px solid" align="center">start</th>
- <th style="border:1px solid" align="center">newed</th>
- <th style="border:1px solid" align="center">initialised</th>
- <th style="border:1px solid" align="center">updated</th>
- <th style="border:1px solid" align="center">finaled</th>
- <th style="border:1px solid" align="center">initialised<br>decryption</th>
- <th style="border:1px solid" align="center">updated<br>decryption</th>
- <th style="border:1px solid" align="center">initialised<br>encryption</th>
- <th style="border:1px solid" align="center">updated<br>encryption</th>
- <th style="border:1px solid" align="center">freed</th></tr>
- <tr><th style="border:1px solid" align="left">EVP_CIPHER_CTX_new</th>
- <td style="border:1px solid" align="center">newed</td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td></tr>
- <tr><th style="border:1px solid" align="left">EVP_CipherInit</th>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">initialised</td>
- <td style="border:1px solid" align="center">initialised</td>
- <td style="border:1px solid" align="center">initialised</td>
- <td style="border:1px solid" align="center">initialised</td>
- <td style="border:1px solid" align="center">initialised</td>
- <td style="border:1px solid" align="center">initialised</td>
- <td style="border:1px solid" align="center">initialised</td>
- <td style="border:1px solid" align="center">initialised</td>
- <td style="border:1px solid" align="center"></td></tr>
- <tr><th style="border:1px solid" align="left">EVP_DecryptInit</th>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">initialised<br>decryption</td>
- <td style="border:1px solid" align="center">initialised<br>decryption</td>
- <td style="border:1px solid" align="center">initialised<br>decryption</td>
- <td style="border:1px solid" align="center">initialised<br>decryption</td>
- <td style="border:1px solid" align="center">initialised<br>decryption</td>
- <td style="border:1px solid" align="center">initialised<br>decryption</td>
- <td style="border:1px solid" align="center">initialised<br>decryption</td>
- <td style="border:1px solid" align="center">initialised<br>decryption</td>
- <td style="border:1px solid" align="center"></td></tr>
- <tr><th style="border:1px solid" align="left">EVP_EncryptInit</th>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">initialised<br>encryption</td>
- <td style="border:1px solid" align="center">initialised<br>encryption</td>
- <td style="border:1px solid" align="center">initialised<br>encryption</td>
- <td style="border:1px solid" align="center">initialised<br>encryption</td>
- <td style="border:1px solid" align="center">initialised<br>encryption</td>
- <td style="border:1px solid" align="center">initialised<br>encryption</td>
- <td style="border:1px solid" align="center">initialised<br>encryption</td>
- <td style="border:1px solid" align="center">initialised<br>encryption</td>
- <td style="border:1px solid" align="center"></td></tr>
- <tr><th style="border:1px solid" align="left">EVP_CipherUpdate</th>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">updated</td>
- <td style="border:1px solid" align="center">updated</td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td></tr>
- <tr><th style="border:1px solid" align="left">EVP_DecryptUpdate</th>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">updated<br>decryption</td>
- <td style="border:1px solid" align="center">updated<br>decryption</td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td></tr>
- <tr><th style="border:1px solid" align="left">EVP_EncryptUpdate</th>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">updated<br>encryption</td>
- <td style="border:1px solid" align="center">updated<br>encryption</td>
- <td style="border:1px solid" align="center"></td></tr>
- <tr><th style="border:1px solid" align="left">EVP_CipherFinal</th>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">finaled</td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td></tr>
- <tr><th style="border:1px solid" align="left">EVP_DecryptFinal</th>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">finaled<br>decryption</td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td></tr>
- <tr><th style="border:1px solid" align="left">EVP_EncryptFinal</th>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">finaled<br>decryption</td>
- <td style="border:1px solid" align="center"></td></tr>
- <tr><th style="border:1px solid" align="left">EVP_CIPHER_CTX_free</th>
- <td style="border:1px solid" align="center">freed</td>
- <td style="border:1px solid" align="center">freed</td>
- <td style="border:1px solid" align="center">freed</td>
- <td style="border:1px solid" align="center">freed</td>
- <td style="border:1px solid" align="center">freed</td>
- <td style="border:1px solid" align="center">freed</td>
- <td style="border:1px solid" align="center">freed</td>
- <td style="border:1px solid" align="center">freed</td>
- <td style="border:1px solid" align="center">freed</td>
- <td style="border:1px solid" align="center"></td></tr>
- <tr><th style="border:1px solid" align="left">EVP_CIPHER_CTX_reset</th>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">newed</td>
- <td style="border:1px solid" align="center">newed</td>
- <td style="border:1px solid" align="center">newed</td>
- <td style="border:1px solid" align="center">newed</td>
- <td style="border:1px solid" align="center">newed</td>
- <td style="border:1px solid" align="center">newed</td>
- <td style="border:1px solid" align="center">newed</td>
- <td style="border:1px solid" align="center"></td></tr>
- <tr><th style="border:1px solid" align="left">EVP_CIPHER_CTX_get_params</th>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">newed</td>
- <td style="border:1px solid" align="center">initialised</td>
- <td style="border:1px solid" align="center">updated</td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">initialised<br>decryption</td>
- <td style="border:1px solid" align="center">updated<br>decryption</td>
- <td style="border:1px solid" align="center">initialised<br>encryption</td>
- <td style="border:1px solid" align="center">updated<br>encryption</td>
- <td style="border:1px solid" align="center"></td></tr>
- <tr><th style="border:1px solid" align="left">EVP_CIPHER_CTX_set_params</th>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">newed</td>
- <td style="border:1px solid" align="center">initialised</td>
- <td style="border:1px solid" align="center">updated</td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">initialised<br>decryption</td>
- <td style="border:1px solid" align="center">updated<br>decryption</td>
- <td style="border:1px solid" align="center">initialised<br>encryption</td>
- <td style="border:1px solid" align="center">updated<br>encryption</td>
- <td style="border:1px solid" align="center"></td></tr>
- <tr><th style="border:1px solid" align="left">EVP_CIPHER_CTX_gettable_params</th>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">newed</td>
- <td style="border:1px solid" align="center">initialised</td>
- <td style="border:1px solid" align="center">updated</td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">initialised<br>decryption</td>
- <td style="border:1px solid" align="center">updated<br>decryption</td>
- <td style="border:1px solid" align="center">initialised<br>encryption</td>
- <td style="border:1px solid" align="center">updated<br>encryption</td>
- <td style="border:1px solid" align="center"></td></tr>
- <tr><th style="border:1px solid" align="left">EVP_CIPHER_CTX_settable_params</th>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">newed</td>
- <td style="border:1px solid" align="center">initialised</td>
- <td style="border:1px solid" align="center">updated</td>
- <td style="border:1px solid" align="center"></td>
- <td style="border:1px solid" align="center">initialised<br>decryption</td>
- <td style="border:1px solid" align="center">updated<br>decryption</td>
- <td style="border:1px solid" align="center">initialised<br>encryption</td>
- <td style="border:1px solid" align="center">updated<br>encryption</td>
- <td style="border:1px solid" align="center"></td></tr>
- </table>
- =end html
- =head1 NOTES
- At some point the EVP layer will begin enforcing the transitions described
- herein.
- =head1 SEE ALSO
- L<provider-cipher(7)>, L<EVP_EncryptInit(3)>
- =head1 COPYRIGHT
- Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
- Licensed under the Apache License 2.0 (the "License"). You may not use
- this file except in compliance with the License. You can obtain a copy
- in the file LICENSE in the source distribution or at
- L<https://www.openssl.org/source/license.html>.
- =cut
|
