Add Docs for EVP_CIPHER-*

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15416)

19 files changed, 827 insertions, 79 deletions

diff --git a/doc/build.info b/doc/build.info
index 55e7fff306..b77c04d2b6 100644
--- a/doc/build.info
+++ b/doc/build.info
@@ -4019,6 +4019,58 @@ DEPEND[html/man7/EVP_ASYM_CIPHER-SM2.html]=man7/EVP_ASYM_CIPHER-SM2.pod
 GENERATE[html/man7/EVP_ASYM_CIPHER-SM2.html]=man7/EVP_ASYM_CIPHER-SM2.pod
 DEPEND[man/man7/EVP_ASYM_CIPHER-SM2.7]=man7/EVP_ASYM_CIPHER-SM2.pod
 GENERATE[man/man7/EVP_ASYM_CIPHER-SM2.7]=man7/EVP_ASYM_CIPHER-SM2.pod
+DEPEND[html/man7/EVP_CIPHER-AES.html]=man7/EVP_CIPHER-AES.pod
+GENERATE[html/man7/EVP_CIPHER-AES.html]=man7/EVP_CIPHER-AES.pod
+DEPEND[man/man7/EVP_CIPHER-AES.7]=man7/EVP_CIPHER-AES.pod
+GENERATE[man/man7/EVP_CIPHER-AES.7]=man7/EVP_CIPHER-AES.pod
+DEPEND[html/man7/EVP_CIPHER-ARIA.html]=man7/EVP_CIPHER-ARIA.pod
+GENERATE[html/man7/EVP_CIPHER-ARIA.html]=man7/EVP_CIPHER-ARIA.pod
+DEPEND[man/man7/EVP_CIPHER-ARIA.7]=man7/EVP_CIPHER-ARIA.pod
+GENERATE[man/man7/EVP_CIPHER-ARIA.7]=man7/EVP_CIPHER-ARIA.pod
+DEPEND[html/man7/EVP_CIPHER-BLOWFISH.html]=man7/EVP_CIPHER-BLOWFISH.pod
+GENERATE[html/man7/EVP_CIPHER-BLOWFISH.html]=man7/EVP_CIPHER-BLOWFISH.pod
+DEPEND[man/man7/EVP_CIPHER-BLOWFISH.7]=man7/EVP_CIPHER-BLOWFISH.pod
+GENERATE[man/man7/EVP_CIPHER-BLOWFISH.7]=man7/EVP_CIPHER-BLOWFISH.pod
+DEPEND[html/man7/EVP_CIPHER-CAMELLIA.html]=man7/EVP_CIPHER-CAMELLIA.pod
+GENERATE[html/man7/EVP_CIPHER-CAMELLIA.html]=man7/EVP_CIPHER-CAMELLIA.pod
+DEPEND[man/man7/EVP_CIPHER-CAMELLIA.7]=man7/EVP_CIPHER-CAMELLIA.pod
+GENERATE[man/man7/EVP_CIPHER-CAMELLIA.7]=man7/EVP_CIPHER-CAMELLIA.pod
+DEPEND[html/man7/EVP_CIPHER-CAST.html]=man7/EVP_CIPHER-CAST.pod
+GENERATE[html/man7/EVP_CIPHER-CAST.html]=man7/EVP_CIPHER-CAST.pod
+DEPEND[man/man7/EVP_CIPHER-CAST.7]=man7/EVP_CIPHER-CAST.pod
+GENERATE[man/man7/EVP_CIPHER-CAST.7]=man7/EVP_CIPHER-CAST.pod
+DEPEND[html/man7/EVP_CIPHER-CHACHA.html]=man7/EVP_CIPHER-CHACHA.pod
+GENERATE[html/man7/EVP_CIPHER-CHACHA.html]=man7/EVP_CIPHER-CHACHA.pod
+DEPEND[man/man7/EVP_CIPHER-CHACHA.7]=man7/EVP_CIPHER-CHACHA.pod
+GENERATE[man/man7/EVP_CIPHER-CHACHA.7]=man7/EVP_CIPHER-CHACHA.pod
+DEPEND[html/man7/EVP_CIPHER-DES.html]=man7/EVP_CIPHER-DES.pod
+GENERATE[html/man7/EVP_CIPHER-DES.html]=man7/EVP_CIPHER-DES.pod
+DEPEND[man/man7/EVP_CIPHER-DES.7]=man7/EVP_CIPHER-DES.pod
+GENERATE[man/man7/EVP_CIPHER-DES.7]=man7/EVP_CIPHER-DES.pod
+DEPEND[html/man7/EVP_CIPHER-IDEA.html]=man7/EVP_CIPHER-IDEA.pod
+GENERATE[html/man7/EVP_CIPHER-IDEA.html]=man7/EVP_CIPHER-IDEA.pod
+DEPEND[man/man7/EVP_CIPHER-IDEA.7]=man7/EVP_CIPHER-IDEA.pod
+GENERATE[man/man7/EVP_CIPHER-IDEA.7]=man7/EVP_CIPHER-IDEA.pod
+DEPEND[html/man7/EVP_CIPHER-RC2.html]=man7/EVP_CIPHER-RC2.pod
+GENERATE[html/man7/EVP_CIPHER-RC2.html]=man7/EVP_CIPHER-RC2.pod
+DEPEND[man/man7/EVP_CIPHER-RC2.7]=man7/EVP_CIPHER-RC2.pod
+GENERATE[man/man7/EVP_CIPHER-RC2.7]=man7/EVP_CIPHER-RC2.pod
+DEPEND[html/man7/EVP_CIPHER-RC4.html]=man7/EVP_CIPHER-RC4.pod
+GENERATE[html/man7/EVP_CIPHER-RC4.html]=man7/EVP_CIPHER-RC4.pod
+DEPEND[man/man7/EVP_CIPHER-RC4.7]=man7/EVP_CIPHER-RC4.pod
+GENERATE[man/man7/EVP_CIPHER-RC4.7]=man7/EVP_CIPHER-RC4.pod
+DEPEND[html/man7/EVP_CIPHER-RC5.html]=man7/EVP_CIPHER-RC5.pod
+GENERATE[html/man7/EVP_CIPHER-RC5.html]=man7/EVP_CIPHER-RC5.pod
+DEPEND[man/man7/EVP_CIPHER-RC5.7]=man7/EVP_CIPHER-RC5.pod
+GENERATE[man/man7/EVP_CIPHER-RC5.7]=man7/EVP_CIPHER-RC5.pod
+DEPEND[html/man7/EVP_CIPHER-SEED.html]=man7/EVP_CIPHER-SEED.pod
+GENERATE[html/man7/EVP_CIPHER-SEED.html]=man7/EVP_CIPHER-SEED.pod
+DEPEND[man/man7/EVP_CIPHER-SEED.7]=man7/EVP_CIPHER-SEED.pod
+GENERATE[man/man7/EVP_CIPHER-SEED.7]=man7/EVP_CIPHER-SEED.pod
+DEPEND[html/man7/EVP_CIPHER-SM4.html]=man7/EVP_CIPHER-SM4.pod
+GENERATE[html/man7/EVP_CIPHER-SM4.html]=man7/EVP_CIPHER-SM4.pod
+DEPEND[man/man7/EVP_CIPHER-SM4.7]=man7/EVP_CIPHER-SM4.pod
+GENERATE[man/man7/EVP_CIPHER-SM4.7]=man7/EVP_CIPHER-SM4.pod
 DEPEND[html/man7/EVP_KDF-HKDF.html]=man7/EVP_KDF-HKDF.pod
 GENERATE[html/man7/EVP_KDF-HKDF.html]=man7/EVP_KDF-HKDF.pod
 DEPEND[man/man7/EVP_KDF-HKDF.7]=man7/EVP_KDF-HKDF.pod
@@ -4441,6 +4493,19 @@ IMAGEDOCS[man7]=man7/img/kdf.png \
 man7/img/mac.png \
 man7/img/rand.png
 HTMLDOCS[man7]=html/man7/EVP_ASYM_CIPHER-SM2.html \
+html/man7/EVP_CIPHER-AES.html \
+html/man7/EVP_CIPHER-ARIA.html \
+html/man7/EVP_CIPHER-BLOWFISH.html \
+html/man7/EVP_CIPHER-CAMELLIA.html \
+html/man7/EVP_CIPHER-CAST.html \
+html/man7/EVP_CIPHER-CHACHA.html \
+html/man7/EVP_CIPHER-DES.html \
+html/man7/EVP_CIPHER-IDEA.html \
+html/man7/EVP_CIPHER-RC2.html \
+html/man7/EVP_CIPHER-RC4.html \
+html/man7/EVP_CIPHER-RC5.html \
+html/man7/EVP_CIPHER-SEED.html \
+html/man7/EVP_CIPHER-SM4.html \
 html/man7/EVP_KDF-HKDF.html \
 html/man7/EVP_KDF-KB.html \
 html/man7/EVP_KDF-KRB5KDF.html \
@@ -4546,6 +4611,19 @@ html/man7/proxy-certificates.html \
 html/man7/ssl.html \
 html/man7/x509.html
 MANDOCS[man7]=man/man7/EVP_ASYM_CIPHER-SM2.7 \
+man/man7/EVP_CIPHER-AES.7 \
+man/man7/EVP_CIPHER-ARIA.7 \
+man/man7/EVP_CIPHER-BLOWFISH.7 \
+man/man7/EVP_CIPHER-CAMELLIA.7 \
+man/man7/EVP_CIPHER-CAST.7 \
+man/man7/EVP_CIPHER-CHACHA.7 \
+man/man7/EVP_CIPHER-DES.7 \
+man/man7/EVP_CIPHER-IDEA.7 \
+man/man7/EVP_CIPHER-RC2.7 \
+man/man7/EVP_CIPHER-RC4.7 \
+man/man7/EVP_CIPHER-RC5.7 \
+man/man7/EVP_CIPHER-SEED.7 \
+man/man7/EVP_CIPHER-SM4.7 \
 man/man7/EVP_KDF-HKDF.7 \
 man/man7/EVP_KDF-KB.7 \
 man/man7/EVP_KDF-KRB5KDF.7 \
diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod
index 1581a1526c..52b8736d07 100644
--- a/doc/man3/EVP_EncryptInit.pod
+++ b/doc/man3/EVP_EncryptInit.pod
@@ -201,8 +201,8 @@ The B<EVP_CIPHER> type is a structure for cipher method implementation.
 
 =item EVP_CIPHER_fetch()
 
-Fetches the cipher implementation for the given B<algorithm> from any provider
-offering it, within the criteria given by the B<properties>.
+Fetches the cipher implementation for the given I<algorithm> from any provider
+offering it, within the criteria given by the I<properties>.
 See L<crypto(7)/ALGORITHM FETCHING> for further information.
 
 The returned value must eventually be freed with EVP_CIPHER_free().
@@ -224,16 +224,16 @@ Allocates and returns a cipher context.
 
 =item EVP_CIPHER_CTX_free()
 
-Clears all information from a cipher context and free up any allocated memory
-associate with it, including B<ctx> itself. This function should be called after
+Clears all information from a cipher context and frees any allocated memory
+associated with it, including I<ctx> itself. This function should be called after
 all operations using a cipher are complete so sensitive information does not
 remain in memory.
 
 =item EVP_CIPHER_CTX_ctrl()
 
-I<This is a legacy method. EVP_CIPHER_CTX_set_params() and
+I<This is a legacy method.> EVP_CIPHER_CTX_set_params() and
 EVP_CIPHER_CTX_get_params() is the mechanism that should be used to set and get
-parameters that are used by providers.>
+parameters that are used by providers.
 
 Performs cipher-specific control actions on context I<ctx>. The control command
 is indicated in I<cmd> and any additional arguments in I<p1> and I<p2>.
@@ -290,23 +290,23 @@ See L<OSSL_PARAM(3)> for the use of B<OSSL_PARAM> as a parameter descriptor.
 =item EVP_EncryptInit_ex2()
 
 Sets up cipher context I<ctx> for encryption with cipher I<type>. I<type> is
-typically supplied by a function such as EVP_aes_256_cbc(), or a value
-explicitly fetched with EVP_CIPHER_fetch(). I<key> is the symmetric key to use
-and I<iv> is the IV to use (if necessary), the actual number of bytes
-used for the key and IV depends on the cipher. The parameters I<params> will
-be set on the context after initialisation. It is possible to set
-all parameters to NULL except I<type> in an initial call and supply
-the remaining parameters in subsequent calls, all of which have I<type>
-set to NULL. This is done when the default cipher parameters are not
-appropriate.
+typically supplied by calling EVP_CIPHER_fetch(). I<type> may also be set
+using legacy functions such as EVP_aes_256_cbc(), but this is not recommended
+for new applications. I<key> is the symmetric key to use and I<iv> is the IV to
+use (if necessary), the actual number of bytes used for the key and IV depends
+on the cipher. The parameters I<params> will be set on the context after
+initialisation. It is possible to set all parameters to NULL except I<type> in
+an initial call and supply the remaining parameters in subsequent calls, all of
+which have I<type> set to NULL. This is done when the default cipher parameters
+are not appropriate.
 For B<EVP_CIPH_GCM_MODE> the IV will be generated internally if it is not
 specified.
 
 =item EVP_EncryptInit_ex()
 
-Is a legacy function similiar to EVP_EncryptInit_ex2() except If I<impl>
-is non-NULL, its implementation of the cipher B<type> is used if there is one,
-and if not, the default implementation is used.
+This legacy function is similar to EVP_EncryptInit_ex2() when I<impl> is NULL.
+The implementation of the I<type> from the I<impl> engine will be used if it
+exists.
 
 =item EVP_EncryptUpdate()
 
@@ -329,8 +329,8 @@ If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts
 the "final" data, that is any data that remains in a partial block.
 It uses standard block padding (aka PKCS padding) as described in
 the NOTES section, below. The encrypted
-final data is written to B<out> which should have sufficient space for
-one cipher block. The number of bytes written is placed in B<outl>. After
+final data is written to I<out> which should have sufficient space for
+one cipher block. The number of bytes written is placed in I<outl>. After
 this function is called the encryption operation is finished and no further
 calls to EVP_EncryptUpdate() should be made.
 
@@ -352,7 +352,7 @@ size is 1 in which case I<inl> bytes is sufficient.
 =item EVP_CipherInit_ex2(), EVP_CipherInit_ex(), EVP_CipherUpdate() and
 EVP_CipherFinal_ex()
 
-These functions that can be used for decryption or encryption. The operation
+These functions can be used for decryption or encryption. The operation
 performed depends on the value of the I<enc> parameter. It should be set to 1
 for encryption, 0 for decryption and -1 to leave the value unchanged
 (the actual value of 'enc' being supplied in a previous call).
@@ -361,13 +361,14 @@ for encryption, 0 for decryption and -1 to leave the value unchanged
 
 Clears all information from a cipher context and free up any allocated memory
 associated with it, except the I<ctx> itself. This function should be called
-anytime I<ctx> is to be reused for another
+anytime I<ctx> is reused by another
 EVP_CipherInit() / EVP_CipherUpdate() / EVP_CipherFinal() series of calls.
 
 =item EVP_EncryptInit(), EVP_DecryptInit() and EVP_CipherInit()
 
 Behave in a similar way to EVP_EncryptInit_ex(), EVP_DecryptInit_ex() and
-EVP_CipherInit_ex() except they always use the default cipher implementation.
+EVP_CipherInit_ex() except if the I<type> is not a fetched cipher they use the
+default implementation of the I<type>.
 
 =item EVP_EncryptFinal(), EVP_DecryptFinal() and EVP_CipherFinal()
 
@@ -384,8 +385,9 @@ If the cipher doesn't have the flag B<EVP_CIPH_FLAG_CUSTOM_CIPHER> set,
 then I<inl> must be a multiple of EVP_CIPHER_block_size().  If it isn't,
 the result is undefined.  If the cipher has that flag set, then I<inl>
 can be any size.
-This function is historic and shouldn't be used in an application, please
-consider using EVP_CipherUpdate() and EVP_CipherFinal_ex instead.
+Due to the constraints of the API contract of this function it shouldn't be used
+in applications, please consider using EVP_CipherUpdate() and
+EVP_CipherFinal_ex() instead.
 
 =item EVP_get_cipherbyname(), EVP_get_cipherbynid() and EVP_get_cipherbyobj()
 
@@ -404,7 +406,7 @@ Enables or disables padding. This function should be called after the context
 is set up for encryption or decryption with EVP_EncryptInit_ex2(),
 EVP_DecryptInit_ex2() or EVP_CipherInit_ex2(). By default encryption operations
 are padded using standard block padding and the padding is checked and removed
-when decrypting. If the B<pad> parameter is zero then no padding is
+when decrypting. If the I<pad> parameter is zero then no padding is
 performed, the total amount of data encrypted or decrypted must then
 be a multiple of the block size or an error will occur.
 
@@ -418,7 +420,7 @@ variable key length ciphers.
 
 =item EVP_CIPHER_CTX_set_key_length()
 
-Sets the key length of the cipher ctx.
+Sets the key length of the cipher context.
 If the cipher is a fixed length cipher then attempting to set the key
 length to any value other than the fixed value is an error.
 
@@ -430,7 +432,7 @@ The constant B<EVP_MAX_IV_LENGTH> is the maximum IV length for all ciphers.
 
 =item EVP_CIPHER_CTX_tag_length()
 
-Returns the tag length of a AEAD cipher when passed a B<EVP_CIPHER_CTX>. It will
+Returns the tag length of an AEAD cipher when passed a B<EVP_CIPHER_CTX>. It will
 return zero if the cipher does not support a tag. It returns a default value if
 the tag length has not been set.
 
@@ -443,8 +445,8 @@ maximum block length for all ciphers.
 =item EVP_CIPHER_type() and EVP_CIPHER_CTX_type()
 
 Return the type of the passed cipher or context. This "type" is the actual NID
-of the cipher OBJECT IDENTIFIER as such it ignores the cipher parameters and
-40 bit RC2 and 128 bit RC2 have the same NID. If the cipher does not have an
+of the cipher OBJECT IDENTIFIER and as such it ignores the cipher parameters
+(40 bit RC2 and 128 bit RC2 have the same NID). If the cipher does not have an
 object identifier or does not have ASN1 support this function will return
 B<NID_undef>.
 
@@ -464,8 +466,7 @@ useful with fetched B<EVP_CIPHER>s.
 =item EVP_CIPHER_name() and EVP_CIPHER_CTX_name()
 
 Return the name of the passed cipher or context.  For fetched ciphers with
-multiple names, only one of them is returned; it's recommended to use
-EVP_CIPHER_names_do_all() instead.
+multiple names, only one of them is returned. See also EVP_CIPHER_names_do_all().
 
 =item EVP_CIPHER_names_do_all()
 
@@ -526,7 +527,7 @@ is not supported.
 
 Generates a random key of the appropriate length based on the cipher context.
 The B<EVP_CIPHER> can provide its own random key generation routine to support
-keys of a specific form. I<Key> must point to a buffer at least as big as the
+keys of a specific form. I<key> must point to a buffer at least as big as the
 value returned by EVP_CIPHER_CTX_key_length().
 
 =item EVP_CIPHER_do_all_provided()
@@ -611,7 +612,7 @@ cached value.
 
 =head2 Gettable and Settable EVP_CIPHER_CTX parameters
 
-The following OSSL_PARAM keys can be used with both EVP_CIPHER_CTX_get_params()
+The following B<OSSL_PARAM> keys can be used with both EVP_CIPHER_CTX_get_params()
 and EVP_CIPHER_CTX_set_params().
 
 =over 4
@@ -698,7 +699,7 @@ cipher operation (either 4 or 8 records).
 
 =head2 Gettable EVP_CIPHER_CTX parameters
 
-The following OSSL_PARAM keys can be used with EVP_CIPHER_CTX_get_params():
+The following B<OSSL_PARAM> keys can be used with EVP_CIPHER_CTX_get_params():
 
 =over 4
 
@@ -715,7 +716,7 @@ See also EVP_CIPHER_CTX_get_original_iv().
 
 =item "updated-iv" (B<OSSL_CIPHER_PARAM_UPDATED_IV>) <octet string OR octet ptr>
 
-Gets the updated pseudo-IV state for the associated cipher ctx, e.g.,
+Gets the updated pseudo-IV state for the associated cipher context, e.g.,
 the previous ciphertext block for CBC mode or the iteratively encrypted IV
 value for OFB mode.  Note that octet pointer access is deprecated and is
 provided only for backwards compatibility with historical libcrypto APIs.
@@ -723,21 +724,21 @@ See also EVP_CIPHER_CTX_get_updated_iv().
 
 =item "randkey" (B<OSSL_CIPHER_PARAM_RANDOM_KEY>) <octet string>
 
-Gets a implementation specific randomly generated key for the associated
-cipher ctx I(ctx>. This is currently only supported by 3DES (which sets the key to
-odd parity).
+Gets an implementation specific randomly generated key for the associated
+cipher context I<ctx>. This is currently only supported by DES and 3DES (which set
+the key to odd parity).
 
 =item "taglen" (B<OSSL_CIPHER_PARAM_AEAD_TAGLEN>) <unsigned integer>
 
-Gets the tag length to be used for an AEAD cipher for the associated cipher ctx
-I<ctx>. It gets a default value if it has not been set.
+Gets the tag length to be used for an AEAD cipher for the associated cipher
+context I<ctx>. It gets a default value if it has not been set.
 The length of the "taglen" parameter should not exceed that of a B<size_t>.
 See also EVP_CIPHER_CTX_tag_length().
 
 =item "tlsaadpad" (B<OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD>) <unsigned integer>
 
 Gets the length of the tag that will be added to a TLS record for the AEAD
-tag for the associated cipher ctx I<ctx>.
+tag for the associated cipher context I<ctx>.
 The length of the "tlsaadpad" parameter should not exceed that of a B<size_t>.
 
 =item "tlsivgen" (B<OSSL_CIPHER_PARAM_AEAD_TLS1_GET_IV_GEN>) <octet string>
@@ -752,7 +753,7 @@ Get the total length of the record returned from the "tls1multi_enc" operation.
 
 =item "tls1multi_maxbufsz" (B<OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE>) <unsigned integer>
 
-Gets the maximum record length for a tls1 multiblock cipher operation.
+Gets the maximum record length for a TLS1 multiblock cipher operation.
 The length of the "tls1multi_maxbufsz" parameter should not exceed that of a B<size_t>.
 
 =item "tls1multi_aadpacklen" (B<OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD_PACKLEN>) <unsigned integer>
@@ -761,13 +762,13 @@ Gets the result of running the "tls1multi_aad" operation.
 
 =item "tls-mac" (B<OSSL_CIPHER_PARAM_TLS_MAC>) <octet ptr>
 
-Used to pass the tls mac data.
+Used to pass the TLS MAC data.
 
 =back
 
 =head2 Settable EVP_CIPHER_CTX parameters
 
-The following OSSL_PARAM keys can be used with EVP_CIPHER_CTX_set_params():
+The following B<OSSL_PARAM> keys can be used with EVP_CIPHER_CTX_set_params():
 
 =over 4
 
@@ -777,29 +778,29 @@ Sets the MAC key used by composite AEAD ciphers such as AES-CBC-HMAC-SHA256.
 
 =item "speed" (B<OSSL_CIPHER_PARAM_SPEED>) <unsigned integer>
 
-Sets the speed option for the associated cipher ctx. This is only supported
+Sets the speed option for the associated cipher context. This is only supported
 by AES SIV ciphers which disallow multiple operations by default.
 Setting "speed" to 1 allows another encrypt or decrypt operation to be
 performed. This is used for performance testing.
 
 =item "tls-version" (B<OSSL_CIPHER_PARAM_TLS_VERSION>) <integer>
 
-Sets the tls-version.
+Sets the TLS version.
 
 =item "tls-mac-size" (B<OSSL_CIPHER_PARAM_TLS_MAC_SIZE>) <unsigned integer>
 
-Set the tls mac size.
+Set the TLS MAC size.
 
 =item "tlsaad" (B<OSSL_CIPHER_PARAM_AEAD_TLS1_AAD>) <octet string>
 
-Sets TLSv1.2 AAD information for the associated cipher ctx I<ctx>.
+Sets TLSv1.2 AAD information for the associated cipher context I<ctx>.
 TLSv1.2 AAD information is always 13 bytes in length and is as defined for the
 "additional_data" field described in section 6.2.3.3 of RFC5246.
 
 =item "tlsivfixed" (B<OSSL_CIPHER_PARAM_AEAD_TLS1_IV_FIXED>) <octet string>
 
 Sets the fixed portion of an IV for an AEAD cipher used in a TLS record
-encryption/ decryption for the associated cipher ctx.
+encryption/ decryption for the associated cipher context.
 TLS record encryption/decryption always occurs "in place" so that the input and
 output buffers are always the same memory location.
 AEAD IVs in TLSv1.2 consist of an implicit "fixed" part and an explicit part
@@ -815,7 +816,7 @@ In order to allow for "in place" decryption the plaintext output should be
 written to the same location in the output buffer that the ciphertext payload
 was read from, i.e. immediately after the explicit IV.
 
-When encrypting a record the first bytes of the input buffer will be empty to
+When encrypting a record the first bytes of the input buffer should be empty to
 allow space for the explicit IV, as will the final bytes where the tag will
 be written.
 The length of the input buffer will include the length of the explicit IV, the
@@ -837,8 +838,8 @@ This is only used for GCM mode.
 
 =item "tls1multi_enc" (B<OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC>) <octet string>
 
-Triggers a multiblock tls1 encrypt operation for a tls1 aware cipher that supports
-sending 4 or 8 records in one go.
+Triggers a multiblock TLS1 encrypt operation for a TLS1 aware cipher that
+supports sending 4 or 8 records in one go.
 The cipher performs both the MAC and encrypt stages and constructs the record
 headers itself.
 "tls1multi_enc" supplies the output buffer for the encrypt operation,
@@ -847,17 +848,17 @@ values to the encrypt operation.
 
 =item "tls1multi_encin" (B<OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN>) <octet string>
 
-Supplies the data to encrypt for a tls1 multiblock cipher operation.
+Supplies the data to encrypt for a TLS1 multiblock cipher operation.
 
 =item "tls1multi_maxsndfrag" (B<OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT>) <unsigned integer>
 
-Sets the maximum send fragment size for a tls1 multiblock cipher operation.
+Sets the maximum send fragment size for a TLS1 multiblock cipher operation.
 It must be set before using "tls1multi_maxbufsz".
 The length of the "tls1multi_maxsndfrag" parameter should not exceed that of a B<size_t>.
 
 =item "tls1multi_aad" (B<OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD>) <octet string>
 
-Sets the authenticated additional data used by a tls1 multiblock cipher operation.
+Sets the authenticated additional data used by a TLS1 multiblock cipher operation.
 The supplied data consists of 13 bytes of record data containing:
 Bytes 0-7: The sequence number of the first record
 Byte 8: The record type
@@ -962,14 +963,14 @@ followed by EVP_CIPHER_CTX_get_params() with a key of
 =item EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE
 
 When used with a fetched B<EVP_CIPHER>,
-EVP_CIPHER_CTX_set_params() get called with an L<OSSL_PARAM(3)> item with the
+EVP_CIPHER_CTX_set_params() gets called with an L<OSSL_PARAM(3)> item with the
 key OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT
 followed by EVP_CIPHER_CTX_get_params() with a key of
 "tls1multi_maxbufsz" (B<OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE>).
 
 =item EVP_CTRL_TLS1_1_MULTIBLOCK_AAD
 
-When used with a fetched B<EVP_CIPHER>, EVP_CIPHER_CTX_set_params() get called
+When used with a fetched B<EVP_CIPHER>, EVP_CIPHER_CTX_set_params() gets called
 with L<OSSL_PARAM(3)> items with the keys
 "tls1multi_aad" (B<OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD>) and
 "tls1multi_interleave" (B<OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE>)
@@ -979,7 +980,7 @@ followed by EVP_CIPHER_CTX_get_params() with keys of
 
 =item EVP_CTRL_TLS1_1_MULTIBLOCK_ENCRYPT
 
-When used with a fetched B<EVP_CIPHER>, EVP_CIPHER_CTX_set_params() get called
+When used with a fetched B<EVP_CIPHER>, EVP_CIPHER_CTX_set_params() gets called
 with L<OSSL_PARAM(3)> items with the keys
 "tls1multi_enc" (B<OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC>),
 "tls1multi_encin" (B<OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_IN>) and
@@ -1070,7 +1071,7 @@ depending on the mode specified.
 
 To specify additional authenticated data (AAD), a call to EVP_CipherUpdate(),
 EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made with the output
-parameter B<out> set to B<NULL>.
+parameter I<out> set to B<NULL>.
 
 When decrypting, the return value of EVP_DecryptFinal() or EVP_CipherFinal()
 indicates whether the operation was successful. If it does not indicate success,
@@ -1127,8 +1128,8 @@ few additional requirements and different I<ctrl> values.
 
 For CCM mode, the total plaintext or ciphertext length B<MUST> be passed to
 EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() with the output
-and input parameters (B<in> and B<out>) set to B<NULL> and the length passed in
-the B<inl> parameter.
+and input parameters (I<in> and I<out>) set to B<NULL> and the length passed in
+the I<inl> parameter.
 
 The following I<ctrl>s are supported in CCM mode.
 
@@ -1162,7 +1163,7 @@ altered and several additional ctrl operations are supported.
 
 To specify any additional authenticated data (AAD) and/or a Nonce, a call to
 EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made
-with the output parameter B<out> set to B<NULL>.
+with the output parameter I<out> set to B<NULL>.
 
 RFC5297 states that the Nonce is the last piece of AAD before the actual
 encrypt/decrypt takes place. The API does not differentiate the Nonce from
@@ -1179,14 +1180,14 @@ The following ctrls are supported in both SIV modes.
 
 =item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, taglen, tag);
 
-Writes B<taglen> bytes of the tag value to the buffer indicated by B<tag>.
+Writes I<taglen> bytes of the tag value to the buffer indicated by I<tag>.
 This call can only be made when encrypting data and B<after> all data has been
 processed (e.g. after an EVP_EncryptFinal() call). For SIV mode the taglen must
 be 16.
 
 =item EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, taglen, tag);
 
-Sets the expected tag to B<taglen> bytes from B<tag>. This call is only legal
+Sets the expected tag to I<taglen> bytes from I<tag>. This call is only legal
 when decrypting data and must be made B<before> any data is processed (e.g.
 before any EVP_DecryptUpdate() call). For SIV mode the taglen must be 16.
 
@@ -1194,7 +1195,7 @@ before any EVP_DecryptUpdate() call). For SIV mode the taglen must be 16.
 
 SIV mode makes two passes over the input data, thus, only one call to
 EVP_CipherUpdate(), EVP_EncryptUpdate() or EVP_DecryptUpdate() should be made
-with B<out> set to a non-B<NULL> value. A call to EVP_Decrypt_Final() or
+with I<out> set to a non-B<NULL> value. A call to EVP_Decrypt_Final() or
 EVP_CipherFinal() is not required, but will indicate if the update
 operation succeeded.
 
diff --git a/doc/man7/EVP_CIPHER-AES.pod b/doc/man7/EVP_CIPHER-AES.pod
new file mode 100644
index 0000000000..4cd59e4aae
--- /dev/null
+++ b/doc/man7/EVP_CIPHER-AES.pod
@@ -0,0 +1,77 @@
+=pod
+
+=head1 NAME
+
+EVP_CIPHER-AES - The AES EVP_CIPHER implementations
+
+=head1 DESCRIPTION
+
+Support for AES symmetric encryption using the B<EVP_CIPHER> API.
+
+=head2 Algorithm Names
+
+The following algorithms are available in the FIPS provider as well as the
+default provider:
+
+=over 4
+
+=item "AES-128-CBC", "AES-192-CBC" and  "AES-256-CBC"
+
+=item "AES-128-CBC-CTS", "AES-192-CBC-CTS" and "AES-256-CBC-CTS"
+
+=item "AES-128-CFB", "AES-192-CFB", "AES-256-CFB",
+"AES-128-CFB1", "AES-192-CFB1", "AES-256-CFB1",
+"AES-128-CFB8", "AES-192-CFB8" and "AES-256-CFB8"
+
+=item "AES-128-CTR", "AES-192-CTR" and "AES-256-CTR"
+
+=item "AES-128-ECB", "AES-192-ECB" and "AES-256-ECB"
+
+=item "AES-192-OCB", "AES-128-OCB" and "AES-256-OCB"
+
+=item "AES-128-SIV", "AES-192-SIV" and "AES-256-SIV"
+
+=item "AES-128-XTS" and "AES-256-XTS"
+
+=item "AES-128-CCM", "AES-192-CCM" and "AES-256-CCM"
+
+=item "AES-128-GCM", "AES-192-GCM" and "AES-256-GCM"
+
+=item "AES-128-WRAP", "AES-192-WRAP", "AES-256-WRAP",
+"AES-128-WRAP-PAD", "AES-192-WRAP-PAD", "AES-256-WRAP-PAD",
+"AES-128-WRAP-INV", "AES-192-WRAP-INV", "AES-256-WRAP-INV",
+"AES-128-WRAP-PAD-INV", "AES-192-WRAP-PAD-INV" and "AES-256-WRAP-PAD-INV"
+
+=item "AES-128-CBC-HMAC-SHA1", "AES-256-CBC-HMAC-SHA1",
+"AES-128-CBC-HMAC-SHA256" and "AES-256-CBC-HMAC-SHA256"
+
+=back
+
+The following algorithms are available in the default provider, but not the
+FIPS provider:
+
+=over 4
+
+=item "AES-128-OFB", "AES-192-OFB" and "AES-256-OFB"
+
+=back
+
+=head2 Parameters
+
+This implementation supports the parameters described in
+L<EVP_EncryptInit(3)/PARAMETERS>.
+
+=head1 SEE ALSO
+
+L<provider-cipher(7)>, L<OSSL_PROVIDER-FIPS(7)>, L<OSSL_PROVIDER-default(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_CIPHER-ARIA.pod b/doc/man7/EVP_CIPHER-ARIA.pod
new file mode 100644
index 0000000000..0528741665
--- /dev/null
+++ b/doc/man7/EVP_CIPHER-ARIA.pod
@@ -0,0 +1,55 @@
+=pod
+
+=head1 NAME
+
+EVP_CIPHER-ARIA - The ARIA EVP_CIPHER implementations
+
+=head1 DESCRIPTION
+
+Support for ARIA symmetric encryption using the B<EVP_CIPHER> API.
+
+=head2 Algorithm Names
+
+The following algorithms are available in the default provider:
+
+=over 4
+
+=item "ARIA-128-CBC", "ARIA-192-CBC" and  "ARIA-256-CBC"
+
+=item "ARIA-128-CFB", "ARIA-192-CFB", "ARIA-256-CFB",
+"ARIA-128-CFB1", "ARIA-192-CFB1", "ARIA-256-CFB1",
+"ARIA-128-CFB8", "ARIA-192-CFB8" and "ARIA-256-CFB8"
+
+=item "ARIA-128-CTR", "ARIA-192-CTR" and "ARIA-256-CTR"
+
+=item "ARIA-128-ECB", "ARIA-192-ECB" and "ARIA-256-ECB"
+
+=item "AES-192-OCB", "AES-128-OCB" and "AES-256-OCB"
+
+=item "ARIA-128-OFB", "ARIA-192-OFB" and "ARIA-256-OFB"
+
+=item "ARIA-128-CCM", "ARIA-192-CCM" and "ARIA-256-CCM"
+
+=item "ARIA-128-GCM", "ARIA-192-GCM" and "ARIA-256-GCM"
+
+=back
+
+=head2 Parameters
+
+This implementation supports the parameters described in
+L<EVP_EncryptInit(3)/PARAMETERS>.
+
+=head1 SEE ALSO
+
+L<provider-cipher(7)>, L<OSSL_PROVIDER-default(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_CIPHER-BLOWFISH.pod b/doc/man7/EVP_CIPHER-BLOWFISH.pod
new file mode 100644
index 0000000000..d79fc75539
--- /dev/null
+++ b/doc/man7/EVP_CIPHER-BLOWFISH.pod
@@ -0,0 +1,46 @@
+=pod
+
+=head1 NAME
+
+EVP_CIPHER-BLOWFISH - The BLOBFISH EVP_CIPHER implementations
+
+=head1 DESCRIPTION
+
+Support for BLOWFISH symmetric encryption using the B<EVP_CIPHER> API.
+
+=head2 Algorithm Names
+
+The following algorithms are available in the legacy provider:
+
+=over 4
+
+=item "BF-ECB"
+
+=item "BF-CBC"
+
+=item "BF-OFB"
+
+=item "BF-CFB"
+
+=back
+
+
+=head2 Parameters
+
+This implementation supports the parameters described in
+L<EVP_EncryptInit(3)/PARAMETERS>.
+
+=head1 SEE ALSO
+
+L<provider-cipher(7)>, L<OSSL_PROVIDER-legacy(7)>
+
+=head1 COPYRIGHT
+
+Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/man7/EVP_CIPHER-CAMELLIA.pod b/doc/man7/EVP_CIPHER-CAMELLIA.pod
new file mode 100644
index 0000000000..7b129c6407
--- /dev/null
+++ b/doc/man7/EVP_CIPHER-CAMELLIA.pod
@@ -0,0 +1,49 @@
+=pod
+
+=head1 NAME
+
+EVP_CIPHER-CAMELLIA - The CAMELLIA EVP_CIPHER implementations
+
+=head1 DESCRIPTION
+
+Support for CAMELLIA symmetric encryption using the B<EVP_CIPHER> API.
+
+=head2 Algorithm Names
+
+The following algorithms are available in the default provider:
+
+=over 4
+
+=item "CAMELLIA-128-CBC", "CAMELLIA-192-CBC" and  "CAMELLIA-256-CBC"
+
+=item "CAMELLIA-128-CFB", "CAMELLIA-192-CFB", "CAMELLIA-256-CFB",
+"CAMELLIA-128-CFB1", "CAMELLIA-192-CFB1", "CAMELLIA-256-CFB1",
+"CAMELLIA-128-CFB8", "CAMELLIA-192-CFB8" and "CAMELLIA-256-CFB8"
+
+=item "CAMELLIA-128-CTR", "CAMELLIA-192-CTR" and "CAMELLIA-256-CTR"
+
+=item "CAMELLIA-128-ECB", "CAMELLIA-192-ECB" and "CAMELLIA-256-ECB"