aboutsummaryrefslogtreecommitdiff
path: root/secure/lib/libcrypto/man/man3/EVP_EncodeInit.3
diff options
context:
space:
mode:
Diffstat (limited to 'secure/lib/libcrypto/man/man3/EVP_EncodeInit.3')
-rw-r--r--secure/lib/libcrypto/man/man3/EVP_EncodeInit.3226
1 files changed, 91 insertions, 135 deletions
diff --git a/secure/lib/libcrypto/man/man3/EVP_EncodeInit.3 b/secure/lib/libcrypto/man/man3/EVP_EncodeInit.3
index ea02b12e348e..3227724d0930 100644
--- a/secure/lib/libcrypto/man/man3/EVP_EncodeInit.3
+++ b/secure/lib/libcrypto/man/man3/EVP_EncodeInit.3
@@ -1,4 +1,5 @@
-.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
+.\" -*- mode: troff; coding: utf-8 -*-
+.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)
.\"
.\" Standard preamble:
.\" ========================================================================
@@ -15,29 +16,12 @@
.ft R
.fi
..
-.\" Set up some character translations and predefined strings. \*(-- will
-.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
-.\" double quote, and \*(R" will give a right double quote. \*(C+ will
-.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
-.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
-.\" nothing in troff, for use with C<>.
-.tr \(*W-
-.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
+.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
.ie n \{\
-. ds -- \(*W-
-. ds PI pi
-. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
-. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
-. ds L" ""
-. ds R" ""
. ds C` ""
. ds C' ""
'br\}
.el\{\
-. ds -- \|\(em\|
-. ds PI \(*p
-. ds L" ``
-. ds R" ''
. ds C`
. ds C'
'br\}
@@ -68,80 +52,20 @@
. \}
.\}
.rr rF
-.\" Fear. Run. Save yourself. No user-serviceable parts.
-. \" fudge factors for nroff and troff
-.if n \{\
-. ds #H 0
-. ds #V .8m
-. ds #F .3m
-. ds #[ \f1
-. ds #] \fP
-.\}
-.if t \{\
-. ds #H ((1u-(\\\\n(.fu%2u))*.13m)
-. ds #V .6m
-. ds #F 0
-. ds #[ \&
-. ds #] \&
-.\}
-. \" simple accents for nroff and troff
-.if n \{\
-. ds ' \&
-. ds ` \&
-. ds ^ \&
-. ds , \&
-. ds ~ ~
-. ds /
-.\}
-.if t \{\
-. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
-. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
-. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
-. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
-. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
-. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
-.\}
-. \" troff and (daisy-wheel) nroff accents
-.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
-.ds 8 \h'\*(#H'\(*b\h'-\*(#H'
-.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
-.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
-.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
-.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
-.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
-.ds ae a\h'-(\w'a'u*4/10)'e
-.ds Ae A\h'-(\w'A'u*4/10)'E
-. \" corrections for vroff
-.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
-.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
-. \" for low resolution devices (crt and lpr)
-.if \n(.H>23 .if \n(.V>19 \
-\{\
-. ds : e
-. ds 8 ss
-. ds o a
-. ds d- d\h'-1'\(ga
-. ds D- D\h'-1'\(hy
-. ds th \o'bp'
-. ds Th \o'LP'
-. ds ae ae
-. ds Ae AE
-.\}
-.rm #[ #] #H #V #F C
.\" ========================================================================
.\"
.IX Title "EVP_ENCODEINIT 3ossl"
-.TH EVP_ENCODEINIT 3ossl "2023-09-19" "3.0.11" "OpenSSL"
+.TH EVP_ENCODEINIT 3ossl 2025-07-01 3.5.1 OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
.nh
-.SH "NAME"
+.SH NAME
EVP_ENCODE_CTX_new, EVP_ENCODE_CTX_free, EVP_ENCODE_CTX_copy,
EVP_ENCODE_CTX_num, EVP_EncodeInit, EVP_EncodeUpdate, EVP_EncodeFinal,
EVP_EncodeBlock, EVP_DecodeInit, EVP_DecodeUpdate, EVP_DecodeFinal,
-EVP_DecodeBlock \- EVP base 64 encode/decode routines
-.SH "SYNOPSIS"
+EVP_DecodeBlock \- EVP base64 encode/decode routines
+.SH SYNOPSIS
.IX Header "SYNOPSIS"
.Vb 1
\& #include <openssl/evp.h>
@@ -162,24 +86,26 @@ EVP_DecodeBlock \- EVP base 64 encode/decode routines
\& int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned char *out, int *outl);
\& int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);
.Ve
-.SH "DESCRIPTION"
+.SH DESCRIPTION
.IX Header "DESCRIPTION"
-The \s-1EVP\s0 encode routines provide a high-level interface to base 64 encoding and
-decoding. Base 64 encoding converts binary data into a printable form that uses
-the characters A\-Z, a\-z, 0\-9, \*(L"+\*(R" and \*(L"/\*(R" to represent the data. For every 3
-bytes of binary data provided 4 bytes of base 64 encoded data will be produced
+The EVP encode routines provide a high-level interface to base64 encoding and
+decoding.
+Base64 encoding converts binary data into a printable form that uses
+the characters A\-Z, a\-z, 0\-9, "+" and "/" to represent the data. For every 3
+bytes of binary data provided 4 bytes of base64 encoded data will be produced
plus some occasional newlines (see below). If the input data length is not a
-multiple of 3 then the output data will be padded at the end using the \*(L"=\*(R"
+multiple of 3 then the output data will be padded at the end using the "="
character.
.PP
\&\fBEVP_ENCODE_CTX_new()\fR allocates, initializes and returns a context to be used for
the encode/decode functions.
.PP
\&\fBEVP_ENCODE_CTX_free()\fR cleans up an encode/decode context \fBctx\fR and frees up the
-space allocated to it.
+space allocated to it. If the argument is NULL, nothing is done.
.PP
Encoding of binary data is performed in blocks of 48 input bytes (or less for
-the final block). For each 48 byte input block encoded 64 bytes of base 64 data
+the final block).
+For each 48 byte input block encoded 64 bytes of base64 data
is output plus an additional newline character (i.e. 65 bytes in total). The
final block (which may be less than 48 bytes) will output 4 bytes for every 3
bytes of input. If the data length is not divisible by 3 then a full 4 bytes is
@@ -199,7 +125,7 @@ required size of the output buffer add together the value of \fBinl\fR with the
amount of unprocessed data held in \fBctx\fR and divide the result by 48 (ignore
any remainder). This gives the number of blocks of data that will be processed.
Ensure the output buffer contains 65 bytes of storage for each block, plus an
-additional byte for a \s-1NUL\s0 terminator. \fBEVP_EncodeUpdate()\fR may be called
+additional byte for a NUL terminator. \fBEVP_EncodeUpdate()\fR may be called
repeatedly to process large amounts of input data. In the event of an error
\&\fBEVP_EncodeUpdate()\fR will set \fB*outl\fR to 0 and return 0. On success 1 will be
returned.
@@ -209,7 +135,7 @@ process any partial block of data remaining in the \fBctx\fR object. The output
data will be stored in \fBout\fR and the length of the data written will be stored
in \fB*outl\fR. It is the caller's responsibility to ensure that \fBout\fR is
sufficiently large to accommodate the output data which will never be more than
-65 bytes plus an additional \s-1NUL\s0 terminator (i.e. 66 bytes in total).
+65 bytes plus an additional NUL terminator (i.e. 66 bytes in total).
.PP
\&\fBEVP_ENCODE_CTX_copy()\fR can be used to copy a context \fBsctx\fR to a context
\&\fBdctx\fR. \fBdctx\fR must be initialized before calling this function.
@@ -221,59 +147,84 @@ be encoded or decoded that are pending in the \fBctx\fR object.
\&\fBn\fR and stores it in \fBt\fR. For every 3 bytes of input provided 4 bytes of
output data will be produced. If \fBn\fR is not divisible by 3 then the block is
encoded as a final block of data and the output is padded such that it is always
-divisible by 4. Additionally a \s-1NUL\s0 terminator character will be added. For
+divisible by 4. Additionally a NUL terminator character will be added. For
example if 16 bytes of input data is provided then 24 bytes of encoded data is
-created plus 1 byte for a \s-1NUL\s0 terminator (i.e. 25 bytes in total). The length of
-the data generated \fIwithout\fR the \s-1NUL\s0 terminator is returned from the function.
+created plus 1 byte for a NUL terminator (i.e. 25 bytes in total). The length of
+the data generated \fIwithout\fR the NUL terminator is returned from the function.
.PP
\&\fBEVP_DecodeInit()\fR initialises \fBctx\fR for the start of a new decoding operation.
.PP
-\&\fBEVP_DecodeUpdate()\fR decodes \fBinl\fR characters of data found in the buffer pointed
-to by \fBin\fR. The output is stored in the buffer \fBout\fR and the number of bytes
-output is stored in \fB*outl\fR. It is the caller's responsibility to ensure that
-the buffer at \fBout\fR is sufficiently large to accommodate the output data. This
-function will attempt to decode as much data as possible in 4 byte chunks. Any
-whitespace, newline or carriage return characters are ignored. Any partial chunk
-of unprocessed data (1, 2 or 3 bytes) that remains at the end will be held in
-the \fBctx\fR object and processed by a subsequent call to \fBEVP_DecodeUpdate()\fR. If
-any illegal base 64 characters are encountered or if the base 64 padding
-character \*(L"=\*(R" is encountered in the middle of the data then the function returns
-\&\-1 to indicate an error. A return value of 0 or 1 indicates successful
-processing of the data. A return value of 0 additionally indicates that the last
-input data characters processed included the base 64 padding character \*(L"=\*(R" and
-therefore no more non-padding character data is expected to be processed. For
-every 4 valid base 64 bytes processed (ignoring whitespace, carriage returns and
-line feeds), 3 bytes of binary output data will be produced (or less at the end
-of the data where the padding character \*(L"=\*(R" has been used).
-.PP
-\&\fBEVP_DecodeFinal()\fR must be called at the end of a decoding operation. If there
-is any unprocessed data still in \fBctx\fR then the input data must not have been
-a multiple of 4 and therefore an error has occurred. The function will return \-1
-in this case. Otherwise the function returns 1 on success.
-.PP
-\&\fBEVP_DecodeBlock()\fR will decode the block of \fBn\fR characters of base 64 data
-contained in \fBf\fR and store the result in \fBt\fR. Any leading whitespace will be
-trimmed as will any trailing whitespace, newlines, carriage returns or \s-1EOF\s0
-characters. After such trimming the length of the data in \fBf\fR must be divisible
-by 4. For every 4 input bytes exactly 3 output bytes will be produced. The
-output will be padded with 0 bits if necessary to ensure that the output is
-always 3 bytes for every 4 input bytes. This function will return the length of
-the data decoded or \-1 on error.
+\&\fBEVP_DecodeUpdate()\fR decodes \fBinl\fR characters of data found in the buffer
+pointed to by \fBin\fR.
+The output is stored in the buffer \fBout\fR and the number of bytes output is
+stored in \fB*outl\fR.
+It is the caller's responsibility to ensure that the buffer at \fBout\fR is
+sufficiently large to accommodate the output data.
+This function will attempt to decode as much data as possible in chunks of up
+to 80 base64 characters at a time.
+Residual input shorter than the internal chunk size will be buffered in \fBctx\fR
+if its length is not a multiple of 4 (including any padding), to be processed
+in future calls to \fBEVP_DecodeUpdate()\fR or \fBEVP_DecodeFinal()\fR.
+If the final chunk length is a multiple of 4, it is decoded immediately and
+not buffered.
+.PP
+Any whitespace, newline or carriage return characters are ignored.
+For compatibility with \fBPEM\fR, the \fB\-\fR (hyphen) character is treated as a soft
+end-of-input, subsequent bytes are not buffered, and the return value will be
+0 to indicate that the end of the base64 input has been detected.
+The soft end-of-input, if present, MUST occur after a multiple of 4 valid base64
+input bytes.
+The soft end-of-input condition is not remembered in \fBctx\fR, it is up to the
+caller to avoid further calls to \fBEVP_DecodeUpdate()\fR after a 0 or negative
+(error) return.
+.PP
+If any invalid base64 characters are encountered or if the base64 padding
+character (\fB=\fR) is encountered in the middle of the data then
+\&\fBEVP_DecodeUpdate()\fR returns \-1 to indicate an error.
+A return value of 0 or 1 indicates successful processing of the data.
+A return value of 0 additionally indicates that the last 4 bytes processed
+ended with base64 padding (\fB=\fR), or that the next 4 byte group starts with the
+soft end-of-input (\fB\-\fR) character, and therefore no more input data is
+expected to be processed.
+.PP
+For every 4 valid base64 bytes processed (ignoring whitespace, carriage returns
+and line feeds), 3 bytes of binary output data will be produced (except at the
+end of data terminated with one or two padding characters).
+.PP
+\&\fBEVP_DecodeFinal()\fR should be called at the end of a decoding operation,
+but it will never decode additional data. If there is no residual data
+it will return 1 to indicate success. If there is residual data, its
+length is not a multiple of 4, i.e. it was not properly padded, \-1 is
+is returned in that case to indicate an error.
+.PP
+\&\fBEVP_DecodeBlock()\fR will decode the block of \fBn\fR characters of base64 data
+contained in \fBf\fR and store the result in \fBt\fR.
+Any leading whitespace will be trimmed as will any trailing whitespace,
+newlines, carriage returns or EOF characters.
+Internal whitespace MUST NOT be present.
+After trimming the data in \fBf\fR MUST consist entirely of valid base64
+characters or padding (only at the tail of the input) and its length MUST be
+divisible by 4.
+For every 4 input bytes exactly 3 output bytes will be produced.
+Padding bytes (\fB=\fR) (even if internal) are decoded to 6 zero bits, the caller
+is responsible for taking trailing padding into account, by ignoring as many
+bytes at the tail of the returned output.
+\&\fBEVP_DecodeBlock()\fR will return the length of the data decoded or \-1 on error.
.SH "RETURN VALUES"
.IX Header "RETURN VALUES"
-\&\fBEVP_ENCODE_CTX_new()\fR returns a pointer to the newly allocated \s-1EVP_ENCODE_CTX\s0
-object or \s-1NULL\s0 on error.
+\&\fBEVP_ENCODE_CTX_new()\fR returns a pointer to the newly allocated EVP_ENCODE_CTX
+object or NULL on error.
.PP
\&\fBEVP_ENCODE_CTX_num()\fR returns the number of bytes pending encoding or decoding in
\&\fBctx\fR.
.PP
\&\fBEVP_EncodeUpdate()\fR returns 0 on error or 1 on success.
.PP
-\&\fBEVP_EncodeBlock()\fR returns the number of bytes encoded excluding the \s-1NUL\s0
+\&\fBEVP_EncodeBlock()\fR returns the number of bytes encoded excluding the NUL
terminator.
.PP
\&\fBEVP_DecodeUpdate()\fR returns \-1 on error and 0 or 1 on success. If 0 is returned
-then no more non-padding base 64 characters are expected.
+then no more non-padding base64 characters are expected.
.PP
\&\fBEVP_DecodeFinal()\fR returns \-1 on error or 1 on success.
.PP
@@ -281,11 +232,16 @@ then no more non-padding base 64 characters are expected.
.SH "SEE ALSO"
.IX Header "SEE ALSO"
\&\fBevp\fR\|(7)
-.SH "COPYRIGHT"
+.SH HISTORY
+.IX Header "HISTORY"
+The \fBEVP_DecodeUpdate()\fR function was fixed in OpenSSL 3.5,
+so now it produces the number of bytes specified in \fBoutl*\fR
+and does not decode padding bytes (\fB=\fR) to 6 zero bits.
+.SH COPYRIGHT
.IX Header "COPYRIGHT"
-Copyright 2016\-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2016\-2025 The OpenSSL Project Authors. All Rights Reserved.
.PP
-Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use
+Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
-in the file \s-1LICENSE\s0 in the source distribution or at
+in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-25 03:48:23 +0000