openssl/doc/man3/EVP_PKEY_encapsulate.pod

=pod

=head1 NAME

EVP_PKEY_encapsulate_init, EVP_PKEY_encapsulate
- Key encapsulation using a public key algorithm

=head1 SYNOPSIS

 #include <openssl/evp.h>

 int EVP_PKEY_encapsulate_init(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[]);
 int EVP_PKEY_encapsulate(EVP_PKEY_CTX *ctx,
                          unsigned char *out, size_t *outlen,
                          unsigned char *genkey, size_t *genkeylen);

=head1 DESCRIPTION

The EVP_PKEY_encapsulate_init() function initializes a public key algorithm
context I<ctx> for an encapsulation operation and then sets the I<params>
on the context in the same way as calling L<EVP_PKEY_CTX_set_params(3)>.

The EVP_PKEY_encapsulate() function performs a public key encapsulation
operation using I<ctx> with the name I<name>.
If I<out> is B<NULL> then the maximum size of the output buffer is written to the
I<*outlen> parameter and the maximum size of the generated key buffer is written
to I<*genkeylen>. If I<out> is not B<NULL> and the call is successful then the
internally generated key is written to I<genkey> and its size is written to
I<*genkeylen>. The encapsulated version of the generated key is written to
I<out> and its size is written to I<*outlen>.

=head1 NOTES

After the call to EVP_PKEY_encapsulate_init() algorithm specific parameters
for the operation may be set or modified using L<EVP_PKEY_CTX_set_params(3)>.

=head1 RETURN VALUES

EVP_PKEY_encapsulate_init() and EVP_PKEY_encapsulate() return 1 for
success and 0 or a negative value for failure. In particular a return value of -2
indicates the operation is not supported by the public key algorithm.

=head1 EXAMPLES

Encapsulate an RSASVE key (for RSA keys).

 #include <openssl/evp.h>

 /*
  * NB: assumes rsa_pub_key is an public key of another party.
  */

 EVP_PKEY_CTX *ctx = NULL;
 size_t secretlen = 0, outlen = 0;
 unsigned char *out = NULL, *secret = NULL;

 ctx = EVP_PKEY_CTX_new_from_pkey(libctx, rsa_pub_key, NULL);
 if (ctx = NULL)
     /* Error */
 if (EVP_PKEY_encapsulate_init(ctx, NULL) <= 0)
     /* Error */

 /* Set the mode - only 'RSASVE' is currently supported */
  if (EVP_PKEY_CTX_set_kem_op(ctx, "RSASVE") <= 0)
     /* Error */
 /* Determine buffer length */
 if (EVP_PKEY_encapsulate(ctx, NULL, &outlen, NULL, &secretlen) <= 0)
     /* Error */

 out = OPENSSL_malloc(outlen);
 secret = OPENSSL_malloc(secretlen);
 if (out == NULL || secret == NULL)
     /* malloc failure */

 /*
  * The generated 'secret' can be used as key material.
  * The encapsulated 'out' can be sent to another party who can
  * decapsulate it using their private key to retrieve the 'secret'.
  */
 if (EVP_PKEY_encapsulate(ctx, out, &outlen, secret, &secretlen) <= 0)
     /* Error */

=head1 SEE ALSO

L<EVP_PKEY_CTX_new(3)>,
L<EVP_PKEY_decapsulate(3)>,
L<EVP_KEM-RSA(7)>,

=head1 HISTORY

These functions were added in OpenSSL 3.0.

=head1 COPYRIGHT

Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Add KEM (Key encapsulation mechanism) support to providers SP800-56Br2 requires support for the RSA primitives for RSASVE generate and recover. As these are simple KEM operations another operation type has been added that can support future extensions. Added public functions EVP_PKEY_encapsulate_init(), EVP_PKEY_encapsulate(), EVP_PKEY_decapsulate_init() and EVP_PKEY_decapsulate() Added EVP_KEM_* functions. Added OSSL_FUNC_kem_* dispatch functions Added EVP_PKEY_CTX_set_kem_op() so that different types of KEM can be added in the future. This value must currently be set to "RSASVE" after EVP_PKEY_encapsulate_init() & EVP_PKEY_decapsulate_init() as there is no default value. This allows the existing RSA key types, keymanagers, and encoders to be used with the encapsulation operations. The design of the public API's resulted from contributions from @romen & @levitte. Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12750) 2020-09-19 16:08:46 +08:00			`=pod`

			`=head1 NAME`

			`EVP_PKEY_encapsulate_init, EVP_PKEY_encapsulate`
			`- Key encapsulation using a public key algorithm`

			`=head1 SYNOPSIS`

			`#include <openssl/evp.h>`

doc: update PKEY documentation to include the new init functions with params Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14383) 2021-03-03 09:02:42 +08:00			`int EVP_PKEY_encapsulate_init(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[]);`
Add KEM (Key encapsulation mechanism) support to providers SP800-56Br2 requires support for the RSA primitives for RSASVE generate and recover. As these are simple KEM operations another operation type has been added that can support future extensions. Added public functions EVP_PKEY_encapsulate_init(), EVP_PKEY_encapsulate(), EVP_PKEY_decapsulate_init() and EVP_PKEY_decapsulate() Added EVP_KEM_* functions. Added OSSL_FUNC_kem_* dispatch functions Added EVP_PKEY_CTX_set_kem_op() so that different types of KEM can be added in the future. This value must currently be set to "RSASVE" after EVP_PKEY_encapsulate_init() & EVP_PKEY_decapsulate_init() as there is no default value. This allows the existing RSA key types, keymanagers, and encoders to be used with the encapsulation operations. The design of the public API's resulted from contributions from @romen & @levitte. Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12750) 2020-09-19 16:08:46 +08:00			`int EVP_PKEY_encapsulate(EVP_PKEY_CTX *ctx,`
			`unsigned char out, size_t outlen,`
			`unsigned char genkey, size_t genkeylen);`

			`=head1 DESCRIPTION`

			`The EVP_PKEY_encapsulate_init() function initializes a public key algorithm`
doc: update PKEY documentation to include the new init functions with params Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14383) 2021-03-03 09:02:42 +08:00			`context I<ctx> for an encapsulation operation and then sets the I<params>`
			`on the context in the same way as calling L<EVP_PKEY_CTX_set_params(3)>.`
Add KEM (Key encapsulation mechanism) support to providers SP800-56Br2 requires support for the RSA primitives for RSASVE generate and recover. As these are simple KEM operations another operation type has been added that can support future extensions. Added public functions EVP_PKEY_encapsulate_init(), EVP_PKEY_encapsulate(), EVP_PKEY_decapsulate_init() and EVP_PKEY_decapsulate() Added EVP_KEM_* functions. Added OSSL_FUNC_kem_* dispatch functions Added EVP_PKEY_CTX_set_kem_op() so that different types of KEM can be added in the future. This value must currently be set to "RSASVE" after EVP_PKEY_encapsulate_init() & EVP_PKEY_decapsulate_init() as there is no default value. This allows the existing RSA key types, keymanagers, and encoders to be used with the encapsulation operations. The design of the public API's resulted from contributions from @romen & @levitte. Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12750) 2020-09-19 16:08:46 +08:00
			`The EVP_PKEY_encapsulate() function performs a public key encapsulation`
			`operation using I<ctx> with the name I<name>.`
			`If I<out> is B<NULL> then the maximum size of the output buffer is written to the`
			`I<*outlen> parameter and the maximum size of the generated key buffer is written`
			`to I<*genkeylen>. If I<out> is not B<NULL> and the call is successful then the`
			`internally generated key is written to I<genkey> and its size is written to`
			`I<*genkeylen>. The encapsulated version of the generated key is written to`
			`I<out> and its size is written to I<*outlen>.`

			`=head1 NOTES`

			`After the call to EVP_PKEY_encapsulate_init() algorithm specific parameters`
doc: update PKEY documentation to include the new init functions with params Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14383) 2021-03-03 09:02:42 +08:00			`for the operation may be set or modified using L<EVP_PKEY_CTX_set_params(3)>.`
Add KEM (Key encapsulation mechanism) support to providers SP800-56Br2 requires support for the RSA primitives for RSASVE generate and recover. As these are simple KEM operations another operation type has been added that can support future extensions. Added public functions EVP_PKEY_encapsulate_init(), EVP_PKEY_encapsulate(), EVP_PKEY_decapsulate_init() and EVP_PKEY_decapsulate() Added EVP_KEM_* functions. Added OSSL_FUNC_kem_* dispatch functions Added EVP_PKEY_CTX_set_kem_op() so that different types of KEM can be added in the future. This value must currently be set to "RSASVE" after EVP_PKEY_encapsulate_init() & EVP_PKEY_decapsulate_init() as there is no default value. This allows the existing RSA key types, keymanagers, and encoders to be used with the encapsulation operations. The design of the public API's resulted from contributions from @romen & @levitte. Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12750) 2020-09-19 16:08:46 +08:00
			`=head1 RETURN VALUES`

			`EVP_PKEY_encapsulate_init() and EVP_PKEY_encapsulate() return 1 for`
			`success and 0 or a negative value for failure. In particular a return value of -2`
			`indicates the operation is not supported by the public key algorithm.`

			`=head1 EXAMPLES`

			`Encapsulate an RSASVE key (for RSA keys).`

			`#include <openssl/evp.h>`

			`/*`
			`* NB: assumes rsa_pub_key is an public key of another party.`
			`*/`

			`EVP_PKEY_CTX *ctx = NULL;`
			`size_t secretlen = 0, outlen = 0;`
			`unsigned char out = NULL, secret = NULL;`

			`ctx = EVP_PKEY_CTX_new_from_pkey(libctx, rsa_pub_key, NULL);`
			`if (ctx = NULL)`
			`/* Error */`
doc: update PKEY documentation to include the new init functions with params Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/14383) 2021-03-03 09:02:42 +08:00			`if (EVP_PKEY_encapsulate_init(ctx, NULL) <= 0)`
Add KEM (Key encapsulation mechanism) support to providers SP800-56Br2 requires support for the RSA primitives for RSASVE generate and recover. As these are simple KEM operations another operation type has been added that can support future extensions. Added public functions EVP_PKEY_encapsulate_init(), EVP_PKEY_encapsulate(), EVP_PKEY_decapsulate_init() and EVP_PKEY_decapsulate() Added EVP_KEM_* functions. Added OSSL_FUNC_kem_* dispatch functions Added EVP_PKEY_CTX_set_kem_op() so that different types of KEM can be added in the future. This value must currently be set to "RSASVE" after EVP_PKEY_encapsulate_init() & EVP_PKEY_decapsulate_init() as there is no default value. This allows the existing RSA key types, keymanagers, and encoders to be used with the encapsulation operations. The design of the public API's resulted from contributions from @romen & @levitte. Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12750) 2020-09-19 16:08:46 +08:00			`/* Error */`

			`/* Set the mode - only 'RSASVE' is currently supported */`
			`if (EVP_PKEY_CTX_set_kem_op(ctx, "RSASVE") <= 0)`
			`/* Error */`
			`/* Determine buffer length */`
			`if (EVP_PKEY_encapsulate(ctx, NULL, &outlen, NULL, &secretlen) <= 0)`
			`/* Error */`

			`out = OPENSSL_malloc(outlen);`
			`secret = OPENSSL_malloc(secretlen);`
			`if (out == NULL \|\| secret == NULL)`
			`/* malloc failure */`

			`/*`
			`* The generated 'secret' can be used as key material.`
			`* The encapsulated 'out' can be sent to another party who can`
doc: remove end of line whitespace Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/16641) 2021-09-21 08:59:56 +08:00			`* decapsulate it using their private key to retrieve the 'secret'.`
Add KEM (Key encapsulation mechanism) support to providers SP800-56Br2 requires support for the RSA primitives for RSASVE generate and recover. As these are simple KEM operations another operation type has been added that can support future extensions. Added public functions EVP_PKEY_encapsulate_init(), EVP_PKEY_encapsulate(), EVP_PKEY_decapsulate_init() and EVP_PKEY_decapsulate() Added EVP_KEM_* functions. Added OSSL_FUNC_kem_* dispatch functions Added EVP_PKEY_CTX_set_kem_op() so that different types of KEM can be added in the future. This value must currently be set to "RSASVE" after EVP_PKEY_encapsulate_init() & EVP_PKEY_decapsulate_init() as there is no default value. This allows the existing RSA key types, keymanagers, and encoders to be used with the encapsulation operations. The design of the public API's resulted from contributions from @romen & @levitte. Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12750) 2020-09-19 16:08:46 +08:00			`*/`
			`if (EVP_PKEY_encapsulate(ctx, out, &outlen, secret, &secretlen) <= 0)`
			`/* Error */`

			`=head1 SEE ALSO`

			`L<EVP_PKEY_CTX_new(3)>,`
			`L<EVP_PKEY_decapsulate(3)>,`
			`L<EVP_KEM-RSA(7)>,`

			`=head1 HISTORY`

			`These functions were added in OpenSSL 3.0.`

			`=head1 COPYRIGHT`

Update copyright year Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/14801) 2021-04-08 20:04:41 +08:00			`Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.`
Add KEM (Key encapsulation mechanism) support to providers SP800-56Br2 requires support for the RSA primitives for RSASVE generate and recover. As these are simple KEM operations another operation type has been added that can support future extensions. Added public functions EVP_PKEY_encapsulate_init(), EVP_PKEY_encapsulate(), EVP_PKEY_decapsulate_init() and EVP_PKEY_decapsulate() Added EVP_KEM_* functions. Added OSSL_FUNC_kem_* dispatch functions Added EVP_PKEY_CTX_set_kem_op() so that different types of KEM can be added in the future. This value must currently be set to "RSASVE" after EVP_PKEY_encapsulate_init() & EVP_PKEY_decapsulate_init() as there is no default value. This allows the existing RSA key types, keymanagers, and encoders to be used with the encapsulation operations. The design of the public API's resulted from contributions from @romen & @levitte. Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/12750) 2020-09-19 16:08:46 +08:00
			`Licensed under the Apache License 2.0 (the "License"). You may not use`
			`this file except in compliance with the License. You can obtain a copy`
			`in the file LICENSE in the source distribution or at`
			`L<https://www.openssl.org/source/license.html>.`

			`=cut`