upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-07 15:52:40 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/doc/man3/CMS_EncryptedData_encrypt.pod
Enji Cooper e4520c8bd1 openssl: Vendor import of OpenSSL-3.0.8 
Summary:

Release notes can be found at
https://www.openssl.org/news/openssl-3.0-notes.html .

Obtained from:  https://www.openssl.org/source/openssl-3.0.8.tar.gz
Differential Revision:	https://reviews.freebsd.org/D38835

Test Plan:
```
$ git status
On branch vendor/openssl-3.0
nothing to commit, working tree clean
$ (cd ..; fetch http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz http://www.openssl.org/source/openssl-${OSSLVER}.tar.gz.asc)
openssl-3.0.8.tar.gz                                    14 MB 4507 kBps    04s
openssl-3.0.8.tar.gz.asc                               833  B   10 MBps    00s
$ set | egrep '(XLIST|OSSLVER)='
OSSLVER=3.0.8
XLIST=FREEBSD-Xlist
$ gpg --list-keys
/home/ngie/.gnupg/pubring.kbx
-----------------------------
pub   rsa4096 2014-10-04 [SC]
      7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C
uid           [ unknown] Richard Levitte <richard@levitte.org>
uid           [ unknown] Richard Levitte <levitte@lp.se>
uid           [ unknown] Richard Levitte <levitte@openssl.org>
sub   rsa4096 2014-10-04 [E]

$ gpg --verify openssl-${OSSLVER}.tar.gz.asc openssl-${OSSLVER}.tar.gz
gpg: Signature made Tue Feb  7 05:43:55 2023 PST
gpg:                using RSA key 7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C
gpg: Good signature from "Richard Levitte <richard@levitte.org>" [unknown]
gpg:                 aka "Richard Levitte <levitte@lp.se>" [unknown]
gpg:                 aka "Richard Levitte <levitte@openssl.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 7953 AC1F BC3D C8B3 B292  393E D5E9 E43F 7DF9 EE8C
$ (cd vendor.checkout/; git status; find . -type f -or -type l | cut -c 3- | sort > ../old)
On branch vendor/openssl-3.0
nothing to commit, working tree clean
$ tar -x -X $XLIST -f ../openssl-${OSSLVER}.tar.gz -C ..
$ rsync --exclude FREEBSD.* --delete -avzz ../openssl-${OSSLVER}/* .
$ cat .git
gitdir: /home/ngie/git/freebsd-src/.git/worktrees/vendor.checkout
$ diff -arq ../openssl-3.0.8  .
Only in .: .git
Only in .: FREEBSD-Xlist
Only in .: FREEBSD-upgrade
$ git status FREEBSD*
On branch vendor/openssl-3.0
nothing to commit, working tree clean
$
```

Reviewers: emaste, jkim

Subscribers: imp, andrew, dab

Differential Revision: https://reviews.freebsd.org/D38835
2023-03-06 12:41:29 -08:00

69 lines
2.4 KiB
Text
Raw Blame History

=pod
=head1 NAME
CMS_EncryptedData_encrypt_ex, CMS_EncryptedData_encrypt
- Create CMS EncryptedData
=head1 SYNOPSIS
#include <openssl/cms.h>
CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in,
const EVP_CIPHER *cipher,
const unsigned char *key,
size_t keylen,
unsigned int flags,
OSSL_LIB_CTX *ctx,
const char *propq);
CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in,
const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen,
unsigned int flags);
=head1 DESCRIPTION
CMS_EncryptedData_encrypt_ex() creates a B<CMS_ContentInfo> structure
with a type B<NID_pkcs7_encrypted>. I<in> is a BIO containing the data to
encrypt using I<cipher> and the encryption key I<key> of size I<keylen> bytes.
The library context I<libctx> and the property query I<propq> are used when
retrieving algorithms from providers. I<flags> is a set of optional flags.
The I<flags> field supports the options B<CMS_DETACHED>, B<CMS_STREAM> and
B<CMS_PARTIAL>. Internally CMS_final() is called unless B<CMS_STREAM> and/or
B<CMS_PARTIAL> is specified.
The algorithm passed in the I<cipher> parameter must support ASN1 encoding of
its parameters.
The B<CMS_ContentInfo> structure can be freed using L<CMS_ContentInfo_free(3)>.
CMS_EncryptedData_encrypt() is similar to CMS_EncryptedData_encrypt_ex()
but uses default values of NULL for the library context I<libctx> and the
property query I<propq>.
=head1 RETURN VALUES
If the allocation fails, CMS_EncryptedData_encrypt_ex() and
CMS_EncryptedData_encrypt() return NULL and set an error code that can be
obtained by L<ERR_get_error(3)>. Otherwise they return a pointer to the newly
allocated structure.
=head1 SEE ALSO
L<ERR_get_error(3)>, L<CMS_final(3)>, L<CMS_EncryptedData_decrypt(3)>
=head1 HISTORY
The CMS_EncryptedData_encrypt_ex() method was added in OpenSSL 3.0.
=head1 COPYRIGHT
Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut
Reference in a new issue View git blame Copy permalink