openssl/doc/man3/EVP_CIPHER_CTX_get_original...

=pod

=head1 NAME

EVP_CIPHER_CTX_get_original_iv, EVP_CIPHER_CTX_get_updated_iv,
EVP_CIPHER_CTX_iv, EVP_CIPHER_CTX_original_iv,
EVP_CIPHER_CTX_iv_noconst - Routines to inspect EVP_CIPHER_CTX IV data

=head1 SYNOPSIS

 #include <openssl/evp.h>

 int EVP_CIPHER_CTX_get_original_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len);
 int EVP_CIPHER_CTX_get_updated_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len);

The following functions have been deprecated since OpenSSL 3.0, and can be
hidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value,
see L<openssl_user_macros(7)>:

 const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx);
 const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx);
 unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx);

=head1 DESCRIPTION

EVP_CIPHER_CTX_get_original_iv() and EVP_CIPHER_CTX_get_updated_iv() copy
initialization vector (IV) information from the B<EVP_CIPHER_CTX> into the
caller-supplied buffer. L<EVP_CIPHER_CTX_get_iv_length(3)> can be used to
determine an appropriate buffer size, and if the supplied buffer is too small,
an error will be returned (and no data copied).
EVP_CIPHER_CTX_get_original_iv() accesses the ("original") IV that was
supplied when the B<EVP_CIPHER_CTX> was initialized, and
EVP_CIPHER_CTX_get_updated_iv() accesses the current "IV state"
of the cipher, which is updated during cipher operation for certain cipher modes
(e.g., CBC and OFB).

The functions EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
EVP_CIPHER_CTX_iv_noconst() are deprecated functions that provide similar (at
a conceptual level) functionality.  EVP_CIPHER_CTX_iv() returns a pointer to
the beginning of the "IV state" as maintained internally in the
B<EVP_CIPHER_CTX>; EVP_CIPHER_CTX_original_iv() returns a pointer to the
beginning of the ("original") IV, as maintained by the B<EVP_CIPHER_CTX>, that
was provided when the B<EVP_CIPHER_CTX> was initialized; and
EVP_CIPHER_CTX_get_iv_noconst() is the same as EVP_CIPHER_CTX_iv() but has a
different return type for the pointer.

=head1 RETURN VALUES

EVP_CIPHER_CTX_get_original_iv() and EVP_CIPHER_CTX_get_updated_iv() return 1
on success and 0 on failure.

The functions EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
EVP_CIPHER_CTX_iv_noconst() return a pointer to an IV as an array of bytes on
success, and NULL on failure.

=head1 HISTORY

EVP_CIPHER_CTX_get_original_iv() and EVP_CIPHER_CTX_get_updated_iv() were added
in OpenSSL 3.0.0.

EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and
EVP_CIPHER_CTX_iv_noconst() were added in OpenSSL 1.1.0, and were deprecated
in OpenSSL 3.0.0.

=head1 COPYRIGHT

Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Document EVP_CIPHER_CTX IV accessors Including the ones that were added in commit 83b06347023a573433b6aa23c8042f89df869f9e with a note that they "may go away" and are now deprecated. Remove the missingcrypto.txt entries for the now-deprecated functions. [extended tests] Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12233) 2020-06-23 02:37:31 +08:00			`=pod`

			`=head1 NAME`

Rename EVP_CIPHER_CTX_get_iv and EVP_CIPHER_CTX_get_iv_state for clarity To clarify the purpose of these two calls rename them to EVP_CIPHER_CTX_get_original_iv and EVP_CIPHER_CTX_get_updated_iv. Also rename the OSSL_CIPHER_PARAM_IV_STATE to OSSL_CIPHER_PARAM_UPDATED_IV to better align with the function name. Fixes #13411 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13870) 2021-01-14 22:19:46 +08:00			`EVP_CIPHER_CTX_get_original_iv, EVP_CIPHER_CTX_get_updated_iv,`
			`EVP_CIPHER_CTX_iv, EVP_CIPHER_CTX_original_iv,`
			`EVP_CIPHER_CTX_iv_noconst - Routines to inspect EVP_CIPHER_CTX IV data`
Document EVP_CIPHER_CTX IV accessors Including the ones that were added in commit 83b06347023a573433b6aa23c8042f89df869f9e with a note that they "may go away" and are now deprecated. Remove the missingcrypto.txt entries for the now-deprecated functions. [extended tests] Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12233) 2020-06-23 02:37:31 +08:00
			`=head1 SYNOPSIS`

			`#include <openssl/evp.h>`

Rename EVP_CIPHER_CTX_get_iv and EVP_CIPHER_CTX_get_iv_state for clarity To clarify the purpose of these two calls rename them to EVP_CIPHER_CTX_get_original_iv and EVP_CIPHER_CTX_get_updated_iv. Also rename the OSSL_CIPHER_PARAM_IV_STATE to OSSL_CIPHER_PARAM_UPDATED_IV to better align with the function name. Fixes #13411 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13870) 2021-01-14 22:19:46 +08:00			`int EVP_CIPHER_CTX_get_original_iv(EVP_CIPHER_CTX ctx, void buf, size_t len);`
			`int EVP_CIPHER_CTX_get_updated_iv(EVP_CIPHER_CTX ctx, void buf, size_t len);`

Clarify the deprecation warnings in the docs There was recently an instance where a user was confused by the deprecation warnings in the docs. They believed the warning applied to the immediately preceding function declarations, when it fact it applied to the following function declarations. https://mta.openssl.org/pipermail/openssl-users/2021-December/014665.html We clarify the wording to make it clear that the warning applies to the following functions. Reviewed-by: Paul Dale <pauli@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/17180) 2021-12-02 19:33:49 +08:00			`The following functions have been deprecated since OpenSSL 3.0, and can be`
			`hidden entirely by defining B<OPENSSL_API_COMPAT> with a suitable version value,`
			`see L<openssl_user_macros(7)>:`
Rename EVP_CIPHER_CTX_get_iv and EVP_CIPHER_CTX_get_iv_state for clarity To clarify the purpose of these two calls rename them to EVP_CIPHER_CTX_get_original_iv and EVP_CIPHER_CTX_get_updated_iv. Also rename the OSSL_CIPHER_PARAM_IV_STATE to OSSL_CIPHER_PARAM_UPDATED_IV to better align with the function name. Fixes #13411 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13870) 2021-01-14 22:19:46 +08:00
Document EVP_CIPHER_CTX IV accessors Including the ones that were added in commit 83b06347023a573433b6aa23c8042f89df869f9e with a note that they "may go away" and are now deprecated. Remove the missingcrypto.txt entries for the now-deprecated functions. [extended tests] Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12233) 2020-06-23 02:37:31 +08:00			`const unsigned char EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX ctx);`
			`const unsigned char EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX ctx);`
			`unsigned char EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX ctx);`

			`=head1 DESCRIPTION`

Rename EVP_CIPHER_CTX_get_iv and EVP_CIPHER_CTX_get_iv_state for clarity To clarify the purpose of these two calls rename them to EVP_CIPHER_CTX_get_original_iv and EVP_CIPHER_CTX_get_updated_iv. Also rename the OSSL_CIPHER_PARAM_IV_STATE to OSSL_CIPHER_PARAM_UPDATED_IV to better align with the function name. Fixes #13411 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13870) 2021-01-14 22:19:46 +08:00			`EVP_CIPHER_CTX_get_original_iv() and EVP_CIPHER_CTX_get_updated_iv() copy`
			`initialization vector (IV) information from the B<EVP_CIPHER_CTX> into the`
Rename all getters to use get/get0 in name For functions that exist in 1.1.1 provide a simple aliases via #define. Fixes #15236 Functions with OSSL_DECODER_, OSSL_ENCODER_, OSSL_STORE_LOADER_, EVP_KEYEXCH_, EVP_KEM_, EVP_ASYM_CIPHER_, EVP_SIGNATURE_, EVP_KEYMGMT_, EVP_RAND_, EVP_MAC_, EVP_KDF_, EVP_PKEY_, EVP_MD_, and EVP_CIPHER_ prefixes are renamed. Reviewed-by: Paul Dale <pauli@openssl.org> (Merged from https://github.com/openssl/openssl/pull/15405) 2021-05-21 22:58:08 +08:00			`caller-supplied buffer. L<EVP_CIPHER_CTX_get_iv_length(3)> can be used to`
			`determine an appropriate buffer size, and if the supplied buffer is too small,`
			`an error will be returned (and no data copied).`
			`EVP_CIPHER_CTX_get_original_iv() accesses the ("original") IV that was`
			`supplied when the B<EVP_CIPHER_CTX> was initialized, and`
			`EVP_CIPHER_CTX_get_updated_iv() accesses the current "IV state"`
Rename EVP_CIPHER_CTX_get_iv and EVP_CIPHER_CTX_get_iv_state for clarity To clarify the purpose of these two calls rename them to EVP_CIPHER_CTX_get_original_iv and EVP_CIPHER_CTX_get_updated_iv. Also rename the OSSL_CIPHER_PARAM_IV_STATE to OSSL_CIPHER_PARAM_UPDATED_IV to better align with the function name. Fixes #13411 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13870) 2021-01-14 22:19:46 +08:00			`of the cipher, which is updated during cipher operation for certain cipher modes`
			`(e.g., CBC and OFB).`
Document EVP_CIPHER_CTX IV accessors Including the ones that were added in commit 83b06347023a573433b6aa23c8042f89df869f9e with a note that they "may go away" and are now deprecated. Remove the missingcrypto.txt entries for the now-deprecated functions. [extended tests] Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12233) 2020-06-23 02:37:31 +08:00
			`The functions EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and`
			`EVP_CIPHER_CTX_iv_noconst() are deprecated functions that provide similar (at`
			`a conceptual level) functionality. EVP_CIPHER_CTX_iv() returns a pointer to`
			`the beginning of the "IV state" as maintained internally in the`
			`B<EVP_CIPHER_CTX>; EVP_CIPHER_CTX_original_iv() returns a pointer to the`
			`beginning of the ("original") IV, as maintained by the B<EVP_CIPHER_CTX>, that`
			`was provided when the B<EVP_CIPHER_CTX> was initialized; and`
			`EVP_CIPHER_CTX_get_iv_noconst() is the same as EVP_CIPHER_CTX_iv() but has a`
			`different return type for the pointer.`

			`=head1 RETURN VALUES`

Rename EVP_CIPHER_CTX_get_iv and EVP_CIPHER_CTX_get_iv_state for clarity To clarify the purpose of these two calls rename them to EVP_CIPHER_CTX_get_original_iv and EVP_CIPHER_CTX_get_updated_iv. Also rename the OSSL_CIPHER_PARAM_IV_STATE to OSSL_CIPHER_PARAM_UPDATED_IV to better align with the function name. Fixes #13411 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13870) 2021-01-14 22:19:46 +08:00			`EVP_CIPHER_CTX_get_original_iv() and EVP_CIPHER_CTX_get_updated_iv() return 1`
			`on success and 0 on failure.`
Document EVP_CIPHER_CTX IV accessors Including the ones that were added in commit 83b06347023a573433b6aa23c8042f89df869f9e with a note that they "may go away" and are now deprecated. Remove the missingcrypto.txt entries for the now-deprecated functions. [extended tests] Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12233) 2020-06-23 02:37:31 +08:00
			`The functions EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and`
			`EVP_CIPHER_CTX_iv_noconst() return a pointer to an IV as an array of bytes on`
			`success, and NULL on failure.`

			`=head1 HISTORY`

Rename EVP_CIPHER_CTX_get_iv and EVP_CIPHER_CTX_get_iv_state for clarity To clarify the purpose of these two calls rename them to EVP_CIPHER_CTX_get_original_iv and EVP_CIPHER_CTX_get_updated_iv. Also rename the OSSL_CIPHER_PARAM_IV_STATE to OSSL_CIPHER_PARAM_UPDATED_IV to better align with the function name. Fixes #13411 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13870) 2021-01-14 22:19:46 +08:00			`EVP_CIPHER_CTX_get_original_iv() and EVP_CIPHER_CTX_get_updated_iv() were added`
			`in OpenSSL 3.0.0.`
Document EVP_CIPHER_CTX IV accessors Including the ones that were added in commit 83b06347023a573433b6aa23c8042f89df869f9e with a note that they "may go away" and are now deprecated. Remove the missingcrypto.txt entries for the now-deprecated functions. [extended tests] Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12233) 2020-06-23 02:37:31 +08:00
			`EVP_CIPHER_CTX_iv(), EVP_CIPHER_CTX_original_iv(), and`
			`EVP_CIPHER_CTX_iv_noconst() were added in OpenSSL 1.1.0, and were deprecated`
			`in OpenSSL 3.0.0.`

			`=head1 COPYRIGHT`

Rename EVP_CIPHER_CTX_get_iv and EVP_CIPHER_CTX_get_iv_state for clarity To clarify the purpose of these two calls rename them to EVP_CIPHER_CTX_get_original_iv and EVP_CIPHER_CTX_get_updated_iv. Also rename the OSSL_CIPHER_PARAM_IV_STATE to OSSL_CIPHER_PARAM_UPDATED_IV to better align with the function name. Fixes #13411 Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/13870) 2021-01-14 22:19:46 +08:00			`Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.`
Document EVP_CIPHER_CTX IV accessors Including the ones that were added in commit 83b06347023a573433b6aa23c8042f89df869f9e with a note that they "may go away" and are now deprecated. Remove the missingcrypto.txt entries for the now-deprecated functions. [extended tests] Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/12233) 2020-06-23 02:37:31 +08:00
			`Licensed under the Apache License 2.0 (the "License"). You may not use`
			`this file except in compliance with the License. You can obtain a copy`
			`in the file LICENSE in the source distribution or at`
			`L<https://www.openssl.org/source/license.html>.`

			`=cut`