RAIZ DE DOCUMENTACION MAPA DEL SITIO PAGINAS DE MANUAL GNU INFO BÚSQUEDA
 

EVP_SealInit(3)



     EVP_SealInit(3)        0.9.6h (2002-08-15)        EVP_SealInit(3)

     NAME
          EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope
          encryption

     SYNOPSIS
           #include <openssl/evp.h>

           int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
                          int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk);
           int EVP_SealUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
                   int *outl, unsigned char *in, int inl);
           void EVP_SealFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,
                   int *outl);

     DESCRIPTION
          The EVP envelope routines are a high level interface to
          envelope encryption. They generate a random key and then
          "envelope" it by using public key encryption. Data can then
          be encrypted using this key.

          EVP_SealInit() initializes a cipher context ctx for
          encryption with cipher type using a random secret key and IV
          supplied in the iv parameter. type is normally supplied by a
          function such as EVP_des_cbc(). The secret key is encrypted
          using one or more public keys, this allows the same
          encrypted data to be decrypted using any of the
          corresponding private keys. ek is an array of buffers where
          the public key encrypted secret key will be written, each
          buffer must contain enough room for the corresponding
          encrypted key: that is ek[i] must have room for
          EVP_PKEY_size(pubk[i]) bytes. The actual size of each
          encrypted secret key is written to the array ekl. pubk is an
          array of npubk public keys.

          EVP_SealUpdate() and EVP_SealFinal() have exactly the same
          properties as the EVP_EncryptUpdate() and EVP_EncryptFinal()
          routines, as documented on the EVP_EncryptInit(3) manual
          page.

     RETURN VALUES
          EVP_SealInit() returns 0 on error or npubk if successful.

          EVP_SealUpdate() returns 1 for success and 0 for failure.

     NOTES
          Because a random secret key is generated the random number
          generator must be seeded before calling EVP_SealInit().

          The public key must be RSA because it is the only OpenSSL
          public key algorithm that supports key transport.

          Envelope encryption is the usual method of using public key

     Page 1                                         (printed 1/19/103)

     EVP_SealInit(3)        0.9.6h (2002-08-15)        EVP_SealInit(3)

          encryption on large amounts of data, this is because public
          key encryption is slow but symmetric encryption is fast. So
          symmetric encryption is used for bulk encryption and the
          small random symmetric key used is transferred using public
          key encryption.

          It is possible to call EVP_SealInit() twice in the same way
          as EVP_EncryptInit(). The first call should have npubk set
          to 0 and (after setting any cipher parameters) it should be
          called again with type set to NULL.

     SEE ALSO
          evp(3), rand(3), EVP_EncryptInit(3), EVP_OpenInit(3)

     HISTORY

     Page 2                                         (printed 1/19/103)
Man(1) output converted with man2html