life_cycle-cipher¶
NAME¶
life_cycle-cipher - The cipher algorithm life-cycle
DESCRIPTION¶
All symmetric ciphers (CIPHERs) go through a number of stages in their life-cycle:
start
This state represents the CIPHER before it has been allocated. It is the starting state for any life-cycle transitions.
newed
This state represents the CIPHER after it has been allocated.
initialised
These states represent the CIPHER when it is set up and capable of processing input. There are three possible initialised states:
- initialised using EVP_CipherInit
- initialised for decryption using EVP_DecryptInit
- initialised for encryption using EVP_EncryptInit
updated
These states represent the CIPHER when it is set up and capable of processing additional input or generating output. The three possible states directly correspond to those for initialised above. The three different streams should not be mixed.
finaled
This state represents the CIPHER when it has generated output.
freed
This state is entered when the CIPHER is freed. It is the terminal state for all life-cycle transitions.
State Transition Diagram¶
The usual life-cycle of a CIPHER is illustrated:
Formal State Transitions¶
This section defines all of the legal state transitions. This is the canonical list.
| Function Call | Current State | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| start | newed | initialised | updated | finaled | initialised decryption | updated decryption | initialised encryption | updated encryption | freed | |
| EVP_CIPHER_CTX_new | newed | |||||||||
| EVP_CipherInit | initialised | initialised | initialised | initialised | initialised | initialised | initialised | initialised | ||
| EVP_DecryptInit | initialised decryption | initialised decryption | initialised decryption | initialised decryption | initialised decryption | initialised decryption | initialised decryption | initialised decryption | ||
| EVP_EncryptInit | initialised encryption | initialised encryption | initialised encryption | initialised encryption | initialised encryption | initialised encryption | initialised encryption | initialised encryption | ||
| EVP_CipherUpdate | updated | updated | ||||||||
| EVP_DecryptUpdate | updated decryption | updated decryption | ||||||||
| EVP_EncryptUpdate | updated encryption | updated encryption | ||||||||
| EVP_CipherFinal | finaled | |||||||||
| EVP_DecryptFinal | finaled decryption | |||||||||
| EVP_EncryptFinal | finaled decryption | |||||||||
| EVP_CIPHER_CTX_free | freed | freed | freed | freed | freed | freed | freed | freed | freed | |
| EVP_CIPHER_CTX_reset | newed | newed | newed | newed | newed | newed | newed | |||
| EVP_CIPHER_CTX_get_params | newed | initialised | updated | initialised decryption | updated decryption | initialised encryption | updated encryption | |||
| EVP_CIPHER_CTX_set_params | newed | initialised | updated | initialised decryption | updated decryption | initialised encryption | updated encryption | |||
| EVP_CIPHER_CTX_gettable_params | newed | initialised | updated | initialised decryption | updated decryption | initialised encryption | updated encryption | |||
| EVP_CIPHER_CTX_settable_params | newed | initialised | updated | initialised decryption | updated decryption | initialised encryption | updated encryption | |||
NOTES¶
At some point the EVP layer will begin enforcing the transitions described herein.
SEE ALSO¶
provider-cipher(7), EVP_EncryptInit(3)
COPYRIGHT¶
Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.