1=pod 2 3=head1 NAME 4 5EVP_PBE_CipherInit, EVP_PBE_CipherInit_ex, 6EVP_PBE_find, EVP_PBE_find_ex - Password based encryption routines 7 8=head1 SYNOPSIS 9 10 #include <openssl/evp.h> 11 12 int EVP_PBE_CipherInit(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, 13 ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de); 14 int EVP_PBE_CipherInit_ex(ASN1_OBJECT *pbe_obj, const char *pass, int passlen, 15 ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int en_de, 16 OSSL_LIB_CTX *libctx, const char *propq); 17 18 int EVP_PBE_find(int type, int pbe_nid, int *pcnid, int *pmnid, 19 EVP_PBE_KEYGEN **pkeygen); 20 int EVP_PBE_find_ex(int type, int pbe_nid, int *pcnid, int *pmnid, 21 EVP_PBE_KEYGEN **pkeygen, EVP_PBE_KEYGEN_EX **keygen_ex); 22 23=head1 DESCRIPTION 24 25=head2 PBE operations 26 27EVP_PBE_CipherInit() and EVP_PBE_CipherInit_ex() initialise an B<EVP_CIPHER_CTX> 28I<ctx> for encryption (I<en_de>=1) or decryption (I<en_de>=0) using the password 29I<pass> of length I<passlen>. The PBE algorithm type and parameters are extracted 30from an OID I<pbe_obj> and parameters I<param>. 31 32EVP_PBE_CipherInit_ex() also allows the application to specify a library context 33I<libctx> and property query I<propq> to select appropriate algorithm 34implementations. 35 36=head2 PBE algorithm search 37 38EVP_PBE_find() and EVP_PBE_find_ex() search for a matching algorithm using two parameters: 39 401. An algorithm type I<type> which can be: 41 42=over 4 43 44=item * 45 46EVP_PBE_TYPE_OUTER - A PBE algorithm 47 48=item * 49 50EVP_PBE_TYPE_PRF - A pseudo-random function 51 52=item * 53 54EVP_PBE_TYPE_KDF - A key derivation function 55 56=back 57 582. A I<pbe_nid> which can represent the algorithm identifier with parameters e.g. 59B<NID_pbeWithSHA1AndRC2_CBC> or an algorithm class e.g. B<NID_pbes2>. 60 61They return the algorithm's cipher ID I<pcnid>, digest ID I<pmnid> and a key 62generation function for the algorithm I<pkeygen>. EVP_PBE_CipherInit_ex() also 63returns an extended key generation function I<keygen_ex> which takes a library 64context and property query. 65 66If a NULL is supplied for any of I<pcnid>, I<pmnid>, I<pkeygen> or I<pkeygen_ex> 67then this parameter is not returned. 68 69=head1 NOTES 70 71The arguments I<pbe_obj> and I<param> to EVP_PBE_CipherInit() and EVP_PBE_CipherInit_ex() 72together form an B<X509_ALGOR> and can often be extracted directly from this structure. 73 74=head1 RETURN VALUES 75 76Return value is 1 for success and 0 if an error occurred. 77 78=head1 SEE ALSO 79 80L<PKCS5_PBE_keyivgen(3)>, 81L<PKCS12_PBE_keyivgen_ex(3)>, 82L<PKCS5_v2_PBE_keyivgen_ex(3)>, 83L<PKCS12_pbe_crypt_ex(3)>, 84L<PKCS12_create_ex(3)> 85 86=head1 HISTORY 87 88EVP_PBE_CipherInit_ex() and EVP_PBE_find_ex() were added in OpenSSL 3.0. 89 90=head1 COPYRIGHT 91 92Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. 93 94Licensed under the Apache License 2.0 (the "License"). You may not use 95this file except in compliance with the License. You can obtain a copy 96in the file LICENSE in the source distribution or at 97L<https://www.openssl.org/source/license.html>. 98 99=cut 100