Ubuntu Manpage: BIO_f_cipher, BIO_set_cipher, BIO_get_cipher_status, BIO_get_cipher_ctx

Provided by: libssl-doc_1.1.1-1ubuntu2.1~18.04.23_all

NAME

       BIO_f_cipher, BIO_set_cipher, BIO_get_cipher_status, BIO_get_cipher_ctx - cipher BIO
       filter

SYNOPSIS

        #include <openssl/bio.h>
        #include <openssl/evp.h>

        const BIO_METHOD *BIO_f_cipher(void);
        void BIO_set_cipher(BIO *b, const EVP_CIPHER *cipher,
                            unsigned char *key, unsigned char *iv, int enc);
        int BIO_get_cipher_status(BIO *b)
        int BIO_get_cipher_ctx(BIO *b, EVP_CIPHER_CTX **pctx)

DESCRIPTION

       BIO_f_cipher() returns the cipher BIO method. This is a filter BIO that encrypts any data
       written through it, and decrypts any data read from it. It is a BIO wrapper for the cipher
       routines EVP_CipherInit(), EVP_CipherUpdate() and EVP_CipherFinal().

       Cipher BIOs do not support BIO_gets() or BIO_puts().

       BIO_flush() on an encryption BIO that is being written through is used to signal that no
       more data is to be encrypted: this is used to flush and possibly pad the final block
       through the BIO.

       BIO_set_cipher() sets the cipher of BIO b to cipher using key key and IV iv. enc should be
       set to 1 for encryption and zero for decryption.

       When reading from an encryption BIO the final block is automatically decrypted and checked
       when EOF is detected. BIO_get_cipher_status() is a BIO_ctrl() macro which can be called to
       determine whether the decryption operation was successful.

       BIO_get_cipher_ctx() is a BIO_ctrl() macro which retrieves the internal BIO cipher
       context. The retrieved context can be used in conjunction with the standard cipher
       routines to set it up. This is useful when BIO_set_cipher() is not flexible enough for the
       applications needs.

NOTES

       When encrypting BIO_flush() must be called to flush the final block through the BIO. If it
       is not then the final block will fail a subsequent decrypt.

       When decrypting an error on the final block is signaled by a zero return value from the
       read operation. A successful decrypt followed by EOF will also return zero for the final
       read. BIO_get_cipher_status() should be called to determine if the decrypt was successful.

       As always, if BIO_gets() or BIO_puts() support is needed then it can be achieved by
       preceding the cipher BIO with a buffering BIO.

RETURN VALUES

       BIO_f_cipher() returns the cipher BIO method.

       BIO_set_cipher() does not return a value.

       BIO_get_cipher_status() returns 1 for a successful decrypt and 0 for failure.

       BIO_get_cipher_ctx() currently always returns 1.

COPYRIGHT

       Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.

       Licensed under the OpenSSL license (the "License").  You may not use this file except in
       compliance with the License.  You can obtain a copy in the file LICENSE in the source
       distribution or at <https://www.openssl.org/source/license.html>.