From: Dr. Stephen Henson Date: Sun, 26 Jan 2003 13:38:56 +0000 (+0000) Subject: Correct EVP_SealInit() documentation, iv is an output X-Git-Tag: BEN_FIPS_TEST_1~38^2~359 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=da45180de49b60be97ae0d5e574864417d7ddebd;p=openssl Correct EVP_SealInit() documentation, iv is an output parameter. --- diff --git a/doc/crypto/EVP_SealInit.pod b/doc/crypto/EVP_SealInit.pod index 25ef07f7c7..b5e477e294 100644 --- a/doc/crypto/EVP_SealInit.pod +++ b/doc/crypto/EVP_SealInit.pod @@ -18,22 +18,28 @@ EVP_SealInit, EVP_SealUpdate, EVP_SealFinal - EVP envelope encryption =head1 DESCRIPTION The EVP envelope routines are a high level interface to envelope -encryption. They generate a random key and then "envelope" it by -using public key encryption. Data can then be encrypted using this -key. +encryption. They generate a random key and IV (if required) then +"envelope" it by using public key encryption. Data can then be +encrypted using this key. EVP_SealInit() initializes a cipher context B for encryption -with cipher B using a random secret key and IV supplied in -the B parameter. B is normally supplied by a function such -as EVP_des_cbc(). The secret key is encrypted using one or more public -keys, this allows the same encrypted data to be decrypted using any -of the corresponding private keys. B is an array of buffers where -the public key encrypted secret key will be written, each buffer must -contain enough room for the corresponding encrypted key: that is +with cipher B using a random secret key and IV. B is normally +supplied by a function such as EVP_des_cbc(). The secret key is encrypted +using one or more public keys, this allows the same encrypted data to be +decrypted using any of the corresponding private keys. B is an array of +buffers where the public key encrypted secret key will be written, each buffer +must contain enough room for the corresponding encrypted key: that is B must have room for B bytes. The actual size of each encrypted secret key is written to the array B. B is an array of B public keys. +The B parameter is a buffer where the generated IV is written to. It must +contain enough room for the corresponding cipher's IV, as determined by (for +example) EVP_CIPHER_iv_length(type). + +If the cipher does not require an IV then the B parameter is ignored +and can be B. + EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as documented on the L manual