OpenSSL's EVP Series 5---Evp_encrypt series of functions (II.)
---According to OpenSSL doc/crypto/evp_encryptinit.pod and Doc/ssleay.txt cipher.doc part of the translation and their own understanding written
(Author: dragonking, Mail:wzhah@263.net, posted in: http://gdwzh.126.com OpenSSL Professional Forum, version: openssl-0.9.7)
In the previous article we introduced the basic parts of the Evp_encrypt series functions, and this article will introduce some of their extensions, some parameter settings and other auxiliary functions, which are defined as follows (OPENSSL/EVP.H):
int evp_cipher_ctx_set_padding (evp_cipher_ctx *x, int padding);
int Evp_cipher_ctx_set_key_length (evp_cipher_ctx *x, int keylen);
int EVP_CIPHER_PARAM_TO_ASN1 (Evp_cipher_ctx *c, Asn1_type *type);
int Evp_cipher_asn1_to_param (Evp_cipher_ctx *c, Asn1_type *type);
"Evp_cipher_ctx_set_padding"
This function sets whether the padding feature is used. In the default case of the algorithm, the standard block padding function is used, and the padding is automatically detected and deleted when decrypted. If the parameter pad is set to 0, then the padding function will be prohibited, then encrypt and decrypt the data should be encrypted block length of the integer multiple, otherwise there will be errors. function constant returns 1.
"Evp_cipher_ctx_set_key_length"
This function is used to set the encryption algorithm structure EVP_CIPHER_CTX the key length. If the algorithm is a fixed-key-length algorithm, if the set key length is inconsistent with its fixed length, an error is generated.
"Evp_get_cipherbyname, Evp_get_cipherbynid and Evp_get_cipherbyobj."
Each of these three functions returns a Evp_cipher structure based on the given parameters, the difference being that the given parameters are the algorithm name, the NID of the algorithm, and a asn1_object structure. Refer to the definition of the Object/boject.h file for the specific algorithm name, nid, and asn1_object structure.
"Evp_cipher_nid and Evp_cipher_ctx_nid."
These two functions return the NID of the algorithm within the Evp_cipher or EVP_CIPHER_CTX structure. The returned NID value is only an internal stored value and does not necessarily have the corresponding object definition.
"Evp_cipher_key_length and Evp_cipher_ctx_key_length."
These two functions return the key length of the algorithm inside the Evp_cipher or EVP_CIPHER_CTX structure. The constant evp_max_key_length defines the longest key length for all algorithms. It is important to note that for the Evp_cipher_key_length function, the key length of a particular algorithm is invariant, but the Evp_cipher_ctx_key_length function has a variable key length for the same algorithm.
"Evp_cipher_iv_length and Evp_cipher_ctx_iv_length."
These two functions return the initialization vector length of the algorithm inside the Evp_cipher or EVP_CIPHER_CTX structure. If the algorithm does not use IV, it returns 0. Constant Evp_max_iv_length defines the longest IV length of all algorithms
"Evp_cipher_block_size and Evp_cipher_ctx_block_size."
These two functions return the cipher block length of the algorithm inside the Evp_cipher or EVP_CIPHER_CTX structure. Constant Evp_max_iv_length is also the longest block length of all algorithms.
"Evp_cipher_type and Evp_cipher_ctx_type."
These two functions return the type of the algorithm inside the Evp_cipher or EVP_CIPHER_CTX structure. The value of this type is the NID of the algorithm, in general, NID ignores some of the parameters of the algorithm, such as the 40-bit and 129-bit RC2 algorithm nid is the same. If the algorithm does not have a defined NID or is not supported by ASN1, then this function returns NID_UNDEF.
"Evp_cipher_ctx_cipher"
The function returns the Evp_cipher structure inside the EVP_CIPHER_CTX structure.
"Evp_cipher_mode and Evp_cipher_ctx_mode."
These two functions return the block cipher mode of the corresponding structure algorithm, including Evp_ciph_ecb_mode, Evp_ciph_cbc_mode, Evp_ciph_cfb_mode and Evp_ciph_ofb_mode; If the algorithm is a stream encryption algorithm, Then return to Evp_ciph_stream_cipher.
"EVP_CIPHER_PARAM_TO_ASN1"
This function sets the parameters of the algorithm structure, and generally the values set include all parameters and a value of IV. If the algorithm has IV, then IV must be set when the function is called. The function must be invoked before the set algorithm structure is used, such as before the Evp_encryptupdate and evp_decryptupdate functions are invoked. If ASN1 does not support the algorithm, calling the function will cause a failure. The operation returned 1 successfully or 0.
"Evp_cipher_asn1_to_param"
This function sets the structure of the parameter type to the value in the algorithm structure. The content of its settings is determined by the specific algorithm. As in the RC2 algorithm, it sets the IV and the active key length. This function should be invoked before the base algorithm type of the algorithm structure has been set but the key has not been set. For example, when the Evp_cipherinit function is invoked, parameter IV is used and the key is set to a bit null, and then the function should be called, and then the Evp_cipherinit will be called, at which point all parameters should be set except for the key setting bit null. This function call fails when ASN1 does not support the algorithm or when there are parameters that cannot be set (such as the RC2 valid key length is not supported). The operation returned 1 successfully or 0.
"Evp_cipher_ctx_ctrl"
This function can set specific parameters for different algorithms. At present, only the effective key length of the RC2 algorithm and the number of encryption times (rounds) of the RC5 algorithm can be set.
BTW: I feel all write a little bit slow, know that you want to know how to use programming, but, first so many functions introduced clearly, the following looks will be much easier, the next will introduce the EVP_ENCRYPT*...* series of functions of the programming framework, with a few examples.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.