=pod

=head1 NAME

EVP_PKEY_encrypt_init, EVP_PKEY_encrypt - encrypt using a public key algorithm

=head1 SYNOPSIS

 #include <openssl/evp.h>

 int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *ctx);
 int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
                      unsigned char *out, size_t *outlen,
                      const unsigned char *in, size_t inlen);

=head1 DESCRIPTION

The EVP_PKEY_encrypt_init() function initializes a public key algorithm
context using key B<pkey> for an encryption operation.

The EVP_PKEY_encrypt() function performs a public key encryption operation
using B<ctx>. The data to be encrypted is specified using the B<in> and
B<inlen> parameters. If B<out> is B<NULL> then the maximum size of the output
buffer is written to the B<outlen> parameter. If B<out> is not B<NULL> then
before the call the B<outlen> parameter should contain the length of the
B<out> buffer. If the call is successful, the encrypted data is written to
B<out> and the amount of data written is stored in B<outlen>.

=head1 NOTES

After the call to EVP_PKEY_encrypt_init(), algorithm-specific control
operations can be performed to set any appropriate parameters for the
operation.

The function EVP_PKEY_encrypt() can be called more than once on the same
context if several operations are performed using the same parameters.

=head1 RETURN VALUES

EVP_PKEY_encrypt_init() and EVP_PKEY_encrypt() return 1 for success and 0
or a negative value for failure. In particular a return value of -2
indicates the operation is not supported by the public key algorithm.

=head1 EXAMPLE

Encrypt data using OAEP (for RSA keys). See also L<PEM_read_PUBKEY(3)|pem(3)> or
L<d2i_X509(3)|d2i_X509(3)> for means to load a public key. You may also simply
set 'eng = NULL;' to start with the default OpenSSL RSA implementation:

 #include <openssl/evp.h>
 #include <openssl/rsa.h>
 #include <openssl/engine.h>

 /* NB: assumes eng, key, in, inlen are already set up by the caller,
  * and that key is an RSA public key.
  * rsa_oaep_encrypt is an illustrative wrapper name. It returns 1 on
  * success with *out (to be released with OPENSSL_free) and *outlen set,
  * and 0 on error.
  */
 int rsa_oaep_encrypt(EVP_PKEY *key, ENGINE *eng,
                      const unsigned char *in, size_t inlen,
                      unsigned char **out, size_t *outlen)
 {
     EVP_PKEY_CTX *ctx;
     int ok = 0;

     *out = NULL;
     ctx = EVP_PKEY_CTX_new(key, eng);
     if (!ctx)
         return 0;                 /* Error occurred */
     if (EVP_PKEY_encrypt_init(ctx) <= 0)
         goto done;                /* Error */
     if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_OAEP_PADDING) <= 0)
         goto done;                /* Error */

     /* Determine buffer length */
     if (EVP_PKEY_encrypt(ctx, NULL, outlen, in, inlen) <= 0)
         goto done;                /* Error */

     *out = OPENSSL_malloc(*outlen);
     if (!*out)
         goto done;                /* malloc failure */

     if (EVP_PKEY_encrypt(ctx, *out, outlen, in, inlen) <= 0) {
         OPENSSL_free(*out);       /* Error: do not hand back a partial buffer */
         *out = NULL;
         goto done;
     }

     /* Encrypted data is *outlen bytes written to buffer *out */
     ok = 1;
 done:
     EVP_PKEY_CTX_free(ctx);
     return ok;
 }

=head1 SEE ALSO

L<d2i_X509(3)|d2i_X509(3)>,
L<engine(3)|engine(3)>,
L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>

=head1 HISTORY

These functions were first added to OpenSSL 1.0.0.

=cut