blob: 9eb5fadfab6f10b92ea82ae0e82dab7d2633b38f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
.Dd $Mdocdate: November 12 2015 $
.Dt D2I_PKCS8PRIVATEKEY_BIO 3
.Os
.Sh NAME
.Nm d2i_PKCS8PrivateKey_bio ,
.Nm d2i_PKCS8PrivateKey_fp ,
.Nm i2d_PKCS8PrivateKey_bio ,
.Nm i2d_PKCS8PrivateKey_fp ,
.Nm i2d_PKCS8PrivateKey_nid_bio ,
.Nm i2d_PKCS8PrivateKey_nid_fp
.Nd PKCS#8 format private key functions
.Sh SYNOPSIS
.In openssl/evp.h
.Ft EVP_PKEY *
.Fo d2i_PKCS8PrivateKey_bio
.Fa "BIO *bp"
.Fa "EVP_PKEY **x"
.Fa "pem_password_cb *cb"
.Fa "void *u"
.Fc
.Ft EVP_PKEY *
.Fo d2i_PKCS8PrivateKey_fp
.Fa "FILE *fp"
.Fa "EVP_PKEY **x"
.Fa "pem_password_cb *cb"
.Fa "void *u"
.Fc
.Ft int
.Fo i2d_PKCS8PrivateKey_bio
.Fa "BIO *bp"
.Fa "EVP_PKEY *x"
.Fa "const EVP_CIPHER *enc"
.Fa "char *kstr"
.Fa "int klen"
.Fa "pem_password_cb *cb"
.Fa "void *u"
.Fc
.Ft int
.Fo i2d_PKCS8PrivateKey_fp
.Fa "FILE *fp"
.Fa "EVP_PKEY *x"
.Fa "const EVP_CIPHER *enc"
.Fa "char *kstr"
.Fa "int klen"
.Fa "pem_password_cb *cb"
.Fa "void *u"
.Fc
.Ft int
.Fo i2d_PKCS8PrivateKey_nid_bio
.Fa "BIO *bp"
.Fa "EVP_PKEY *x"
.Fa "int nid"
.Fa "char *kstr"
.Fa "int klen"
.Fa "pem_password_cb *cb"
.Fa "void *u"
.Fc
.Ft int
.Fo i2d_PKCS8PrivateKey_nid_fp
.Fa "FILE *fp"
.Fa "EVP_PKEY *x"
.Fa "int nid"
.Fa "char *kstr"
.Fa "int klen"
.Fa "pem_password_cb *cb"
.Fa "void *u"
.Fc
.Sh DESCRIPTION
The PKCS#8 functions encode and decode private keys in PKCS#8 format
using both PKCS#5 v1.5 and PKCS#5 v2.0 password based encryption
algorithms.
.Pp
Other than the use of DER as opposed to PEM these functions are
identical to the corresponding
.Xr pem 3
functions.
.Sh NOTES
Before using these functions,
.Xr OpenSSL_add_all_algorithms 3
should be called to initialize the internal algorithm lookup tables.
Otherwise errors about unknown algorithms will occur if an attempt is
made to decrypt a private key.
.Pp
These functions are currently the only way to store encrypted private
keys using DER format.
.Pp
Currently all the functions use
.Vt BIO
or
.Vt FILE
pointers, there are no functions which work directly on memory:
this can be readily worked around by converting the buffers to
memory BIOs, see
.Xr BIO_s_mem 3
for details.
.Sh SEE ALSO
.Xr pem 3
|