Sortix 1.1dev nightly manual
This manual documents Sortix 1.1dev nightly, a development build that has not been officially released. You can instead view this document in the latest official manual.
EVP_AES_128_CBC(3) | Library Functions Manual | EVP_AES_128_CBC(3) |
NAME
EVP_aes_128_cbc
,
EVP_aes_192_cbc
,
EVP_aes_256_cbc
,
EVP_aes_128_cfb1
,
EVP_aes_192_cfb1
,
EVP_aes_256_cfb1
,
EVP_aes_128_cfb8
,
EVP_aes_192_cfb8
,
EVP_aes_256_cfb8
,
EVP_aes_128_cfb128
,
EVP_aes_192_cfb128
,
EVP_aes_256_cfb128
,
EVP_aes_128_cfb
,
EVP_aes_192_cfb
,
EVP_aes_256_cfb
,
EVP_aes_128_ctr
,
EVP_aes_192_ctr
,
EVP_aes_256_ctr
,
EVP_aes_128_ecb
,
EVP_aes_192_ecb
,
EVP_aes_256_ecb
,
EVP_aes_128_ofb
,
EVP_aes_192_ofb
,
EVP_aes_256_ofb
,
EVP_aes_128_cbc_hmac_sha1
,
EVP_aes_256_cbc_hmac_sha1
,
EVP_aes_128_ccm
,
EVP_aes_192_ccm
,
EVP_aes_256_ccm
,
EVP_aes_128_gcm
,
EVP_aes_192_gcm
,
EVP_aes_256_gcm
,
EVP_aes_128_wrap
,
EVP_aes_192_wrap
,
EVP_aes_256_wrap
,
EVP_aes_128_xts
,
EVP_aes_256_xts
—
EVP AES cipher
SYNOPSIS
#include
<openssl/evp.h>
const EVP_CIPHER *
EVP_aes_128_cbc
(void);
const EVP_CIPHER *
EVP_aes_192_cbc
(void);
const EVP_CIPHER *
EVP_aes_256_cbc
(void);
const EVP_CIPHER *
EVP_aes_128_cfb1
(void);
const EVP_CIPHER *
EVP_aes_192_cfb1
(void);
const EVP_CIPHER *
EVP_aes_256_cfb1
(void);
const EVP_CIPHER *
EVP_aes_128_cfb8
(void);
const EVP_CIPHER *
EVP_aes_192_cfb8
(void);
const EVP_CIPHER *
EVP_aes_256_cfb8
(void);
const EVP_CIPHER *
EVP_aes_128_cfb128
(void);
const EVP_CIPHER *
EVP_aes_192_cfb128
(void);
const EVP_CIPHER *
EVP_aes_256_cfb128
(void);
const EVP_CIPHER *
EVP_aes_128_cfb
(void);
const EVP_CIPHER *
EVP_aes_192_cfb
(void);
const EVP_CIPHER *
EVP_aes_256_cfb
(void);
const EVP_CIPHER *
EVP_aes_128_ctr
(void);
const EVP_CIPHER *
EVP_aes_192_ctr
(void);
const EVP_CIPHER *
EVP_aes_256_ctr
(void);
const EVP_CIPHER *
EVP_aes_128_ecb
(void);
const EVP_CIPHER *
EVP_aes_192_ecb
(void);
const EVP_CIPHER *
EVP_aes_256_ecb
(void);
const EVP_CIPHER *
EVP_aes_128_ofb
(void);
const EVP_CIPHER *
EVP_aes_192_ofb
(void);
const EVP_CIPHER *
EVP_aes_256_ofb
(void);
const EVP_CIPHER *
EVP_aes_128_cbc_hmac_sha1
(void);
const EVP_CIPHER *
EVP_aes_256_cbc_hmac_sha1
(void);
const EVP_CIPHER *
EVP_aes_128_ccm
(void);
const EVP_CIPHER *
EVP_aes_192_ccm
(void);
const EVP_CIPHER *
EVP_aes_256_ccm
(void);
const EVP_CIPHER *
EVP_aes_128_gcm
(void);
const EVP_CIPHER *
EVP_aes_192_gcm
(void);
const EVP_CIPHER *
EVP_aes_256_gcm
(void);
const EVP_CIPHER *
EVP_aes_128_wrap
(void);
const EVP_CIPHER *
EVP_aes_192_wrap
(void);
const EVP_CIPHER *
EVP_aes_256_wrap
(void);
const EVP_CIPHER *
EVP_aes_128_xts
(void);
const EVP_CIPHER *
EVP_aes_256_xts
(void);
DESCRIPTION
These functions provide the AES encryption algorithm in the evp(3) framework.EVP_aes_128_cbc
(),
EVP_aes_192_cbc
(),
EVP_aes_256_cbc
(),
EVP_aes_128_cfb1
(),
EVP_aes_192_cfb1
(),
EVP_aes_256_cfb1
(),
EVP_aes_128_cfb8
(),
EVP_aes_192_cfb8
(),
EVP_aes_256_cfb8
(),
EVP_aes_128_cfb128
(),
EVP_aes_192_cfb128
(),
EVP_aes_256_cfb128
(),
EVP_aes_128_ctr
(),
EVP_aes_192_ctr
(),
EVP_aes_256_ctr
(),
EVP_aes_128_ecb
(),
EVP_aes_192_ecb
(),
EVP_aes_256_ecb
(),
EVP_aes_128_ofb
(),
EVP_aes_192_ofb
(), and
EVP_aes_256_ofb
() provide AES for 128, 192,
and 256-bit keys in the following modes: CBC, CFB with 1-bit shift, CFB with
8-bit shift, CFB with 128-bit shift, CTR, ECB, and OFB.
EVP_aes_128_cfb
(),
EVP_aes_192_cfb
(), and
EVP_aes_256_cfb
() are aliases for
EVP_aes_128_cfb128
(),
EVP_aes_192_cfb128
(), and
EVP_aes_256_cfb128
().
EVP_aes_128_cbc_hmac_sha1
() and
EVP_aes_256_cbc_hmac_sha1
() provide
authenticated encryption with AES in CBC mode using SHA-1 as HMAC, with keys
of 128 and 256-bit length respectively. The authentication tag is 160 bits
long. This is not intended for usage outside of TLS and requires calling of
some undocumented control functions. These ciphers do not conform to the EVP
AEAD interface.
EVP_aes_128_ccm
(),
EVP_aes_192_ccm
(),
EVP_aes_256_ccm
(),
EVP_aes_128_gcm
(),
EVP_aes_192_gcm
(), and
EVP_aes_256_gcm
() provide AES for 128, 192
and 256-bit keys in CBC-MAC Mode (CCM) and Galois Counter Mode (GCM),
respectively. These ciphers require additional control operations to function
correctly; see
EVP_EncryptInit(3)
for details.
EVP_aes_128_wrap
(),
EVP_aes_192_wrap
(), and
EVP_aes_256_wrap
() provide AES key wrap
with 128, 192 and 256-bit keys according to RFC 3394 section 2.2.1
("wrap"). When the returned
EVP_CIPHER object is later passed to
EVP_CipherInit_ex(3),
EVP_EncryptInit_ex(3),
or
EVP_DecryptInit_ex(3)
together with an EVP_CIPHER_CTX object, the
flag EVP_CIPHER_CTX_FLAG_WRAP_ALLOW
must
have been set in the EVP_CIPHER_CTX using
EVP_CIPHER_CTX_set_flags(3).
Otherwise, or when passing the returned
EVP_CIPHER object to
EVP_CipherInit(3),
EVP_EncryptInit(3),
or
EVP_DecryptInit(3),
initialization fails with a “wrap not allowed” error.
EVP_aes_128_xts
() and
EVP_aes_256_xts
() provide XEX-based
tweaked-codebook mode with ciphertext stealing (XTS-AES) as specified in IEEE
Std. 1619-2007 and described in NIST SP 800-38E. It was designed for
encrypting data on a storage device, provides confidentiality but not
authentication of data, and requires a key of double length for protection of
a certain key size. In particular, XTS-AES-128 takes input of a 256-bit key to
achieve AES 128-bit security, and XTS-AES-256 takes input of a 512-bit key to
achieve AES 256-bit security.
RETURN VALUES
These functions return an EVP_CIPHER structure that provides the implementation of the symmetric cipher.SEE ALSO
AES_encrypt(3), evp(3), EVP_EncryptInit(3)HISTORY
EVP_aes_128_cbc
(),
EVP_aes_192_cbc
(),
EVP_aes_256_cbc
(),
EVP_aes_128_cfb
(),
EVP_aes_192_cfb
(),
EVP_aes_256_cfb
(),
EVP_aes_128_ebc
(),
EVP_aes_192_ebc
(),
EVP_aes_256_ebc
(),
EVP_aes_128_ofb
(),
EVP_aes_192_ofb
(), and
EVP_aes_256_ofb
() first appeared in OpenSSL
0.9.7 and have been available since OpenBSD 3.2.
EVP_aes_128_cfb1
(),
EVP_aes_192_cfb1
(),
EVP_aes_256_cfb1
(),
EVP_aes_128_cfb8
(),
EVP_aes_192_cfb8
(),
EVP_aes_256_cfb8
(),
EVP_aes_128_cfb128
(),
EVP_aes_192_cfb128
(), and
EVP_aes_256_cfb128
() first appeared in
OpenSSL 0.9.7e and have been available since OpenBSD
3.8.
EVP_aes_128_ctr
(),
EVP_aes_192_ctr
(),
EVP_aes_256_ctr
(),
EVP_aes_128_cbc_hmac_sha1
(),
EVP_aes_256_cbc_hmac_sha1
(),
EVP_aes_128_ccm
(),
EVP_aes_192_ccm
(),
EVP_aes_256_ccm
(),
EVP_aes_128_gcm
(),
EVP_aes_192_gcm
(),
EVP_aes_256_gcm
(),
EVP_aes_128_xts
(), and
EVP_aes_256_xts
() first appeared in OpenSSL
1.0.1 and have been available since OpenBSD 5.3.
EVP_aes_128_wrap
(),
EVP_aes_192_wrap
(), and
EVP_aes_256_wrap
() first appeared in
OpenSSL 1.0.2 and have been available since OpenBSD
6.5.June 24, 2020 | Debian |