diff options
Diffstat (limited to 'secure/lib/libcrypto/man/CMS_decrypt.3')
-rw-r--r-- | secure/lib/libcrypto/man/CMS_decrypt.3 | 40 |
1 files changed, 22 insertions, 18 deletions
diff --git a/secure/lib/libcrypto/man/CMS_decrypt.3 b/secure/lib/libcrypto/man/CMS_decrypt.3 index 97f0c97948ac3..67856b18a1849 100644 --- a/secure/lib/libcrypto/man/CMS_decrypt.3 +++ b/secure/lib/libcrypto/man/CMS_decrypt.3 @@ -1,4 +1,4 @@ -.\" Automatically generated by Pod::Man 4.09 (Pod::Simple 3.35) +.\" Automatically generated by Pod::Man 4.10 (Pod::Simple 3.35) .\" .\" Standard preamble: .\" ======================================================================== @@ -54,16 +54,20 @@ .\" Avoid warning from groff about undefined register 'F'. .de IX .. -.if !\nF .nr F 0 -.if \nF>0 \{\ -. de IX -. tm Index:\\$1\t\\n%\t"\\$2" +.nr rF 0 +.if \n(.g .if rF .nr rF 1 +.if (\n(rF:(\n(.g==0)) \{\ +. if \nF \{\ +. de IX +. tm Index:\\$1\t\\n%\t"\\$2" .. -. if !\nF==2 \{\ -. nr % 0 -. nr F 2 +. if !\nF==2 \{\ +. nr % 0 +. nr F 2 +. \} . \} .\} +.rr rF .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. @@ -129,7 +133,7 @@ .\" ======================================================================== .\" .IX Title "CMS_DECRYPT 3" -.TH CMS_DECRYPT 3 "2018-11-20" "1.1.1a" "OpenSSL" +.TH CMS_DECRYPT 3 "2019-02-26" "1.1.1b" "OpenSSL" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -146,7 +150,7 @@ CMS_decrypt \- decrypt content from a CMS envelopedData structure .Ve .SH "DESCRIPTION" .IX Header "DESCRIPTION" -\&\fICMS_decrypt()\fR extracts and decrypts the content from a \s-1CMS\s0 EnvelopedData +\&\fBCMS_decrypt()\fR extracts and decrypts the content from a \s-1CMS\s0 EnvelopedData structure. \fBpkey\fR is the private key of the recipient, \fBcert\fR is the recipient's certificate, \fBout\fR is a \s-1BIO\s0 to write the content to and \&\fBflags\fR is an optional set of flags. @@ -164,7 +168,7 @@ is problematic. To thwart the \s-1MMA\s0 attack (Bleichenbacher's attack on \&\s-1PKCS\s0 #1 v1.5 \s-1RSA\s0 padding) all recipients are tried whether they succeed or not. If no recipient succeeds then a random symmetric key is used to decrypt the content: this will typically output garbage and may (but is not guaranteed -to) ultimately return a padding error only. If \fICMS_decrypt()\fR just returned an +to) ultimately return a padding error only. If \fBCMS_decrypt()\fR just returned an error when all recipient encrypted keys failed to decrypt an attacker could use this in a timing attack. If the special flag \fB\s-1CMS_DEBUG_DECRYPT\s0\fR is set then the above behaviour is modified and an error \fBis\fR returned if no @@ -175,11 +179,11 @@ open to attack. .PP It is possible to determine the correct recipient key by other means (for example looking them up in a database) and setting them in the \s-1CMS\s0 structure -in advance using the \s-1CMS\s0 utility functions such as \fICMS_set1_pkey()\fR. In this +in advance using the \s-1CMS\s0 utility functions such as \fBCMS_set1_pkey()\fR. In this case both \fBcert\fR and \fBpkey\fR should be set to \s-1NULL.\s0 .PP -To process KEKRecipientInfo types \fICMS_set1_key()\fR or \fICMS_RecipientInfo_set0_key()\fR -and \fICMS_RecipientInfo_decrypt()\fR should be called before \fICMS_decrypt()\fR and +To process KEKRecipientInfo types \fBCMS_set1_key()\fR or \fBCMS_RecipientInfo_set0_key()\fR +and \fBCMS_RecipientInfo_decrypt()\fR should be called before \fBCMS_decrypt()\fR and \&\fBcert\fR and \fBpkey\fR set to \s-1NULL.\s0 .PP The following flags can be passed in the \fBflags\fR parameter. @@ -189,15 +193,15 @@ from the content. If the content is not of type \fBtext/plain\fR then an error i returned. .SH "RETURN VALUES" .IX Header "RETURN VALUES" -\&\fICMS_decrypt()\fR returns either 1 for success or 0 for failure. -The error can be obtained from \fIERR_get_error\fR\|(3) +\&\fBCMS_decrypt()\fR returns either 1 for success or 0 for failure. +The error can be obtained from \fBERR_get_error\fR\|(3) .SH "BUGS" .IX Header "BUGS" The lack of single pass processing and the need to hold all data in memory as -mentioned in \fICMS_verify()\fR also applies to \fICMS_decrypt()\fR. +mentioned in \fBCMS_verify()\fR also applies to \fBCMS_decrypt()\fR. .SH "SEE ALSO" .IX Header "SEE ALSO" -\&\fIERR_get_error\fR\|(3), \fICMS_encrypt\fR\|(3) +\&\fBERR_get_error\fR\|(3), \fBCMS_encrypt\fR\|(3) .SH "COPYRIGHT" .IX Header "COPYRIGHT" Copyright 2008\-2016 The OpenSSL Project Authors. All Rights Reserved. |