SSL_CTX_set_default_passwd_cb

· Home

+ man pages

-> Linux

-> FreeBSD

-> OpenBSD

-> NetBSD

-> Tru64 Unix

-> HP-UX 11i

-> IRIX

· Linux HOWTOs

· FreeBSD Tips

· *niX Forums

man pages->Tru64 Unix man pages -> SSL_CTX_set_default_passwd_cb (3)

SSL_CTX_set_default_passwd_cb(3)

NAME [Toc] [Back]

       SSL_CTX_set_default_passwd_cb,
       SSL_CTX_set_default_passwd_cb_userdata  -   Set   password
       callback for encrypted PEM file handling

SYNOPSIS [Toc] [Back]

       #include <openssl/ssl.h>

       void SSL_CTX_set_default_passwd_cb(
               SSL_CTX *ctx,
               pem_password_cb         *cb         );        void
       SSL_CTX_set_default_passwd_cb_userdata(
               SSL_CTX *ctx,
               void *u ); int pem_passwd_cb(
               char *buf,
               int size,
               int rwflag,
               void *userdata );

DESCRIPTION [Toc] [Back]

       The  SSL_CTX_set_default_passwd_cb()  function  sets   the
       default password callback called when loading or storing a
       PEM certificate with encryption.

       The SSL_CTX_set_default_passwd_cb_userdata() function sets
       a  pointer to userdata which will be provided to the password
 callback on invocation.

       The pem_passwd_cb() function, which must  be  provided  by
       the application, hands back the password to be used during
       decryption.  On invocation a pointer to userdata  is  provided.
  The  pem_passwd_cb()  must write the password into
       the provided buffer buf which is of size size. The  actual
       length  of  the  password  must be returned to the calling
       function.  The  <literal  role="strong">rwflag   indicates
       whether   the  callback  is  used  for  reading/decryption
       (rwflag=0) or writing/encryption (rwflag=1).

NOTES [Toc] [Back]

       When loading or storing private keys, a password might  be
       supplied to protect the private key. The way this password
       can be supplied might depend on the application.  If  only
       one  private  key  is handled, it can be practical to have
       pem_passwd_cb() handle the password dialog  interactively.
       If several keys have to be handled, it can be practical to
       ask for the password once, then keep it in memory and  use
       it  several times. In the last case, the password could be
       stored into the userdata storage and  the  pem_passwd_cb()
       only returns the password already stored.

       When    asking    for    the    password    interactively,
       pem_passwd_cb() can use rwflag to check  whether  an  item
       shall  be  encrypted (rwflag=3D1).  In this case the password
 dialog may ask for the same password twice  for  comparison
 in order to catch typos that would make decryption
       impossible.

       Other items in PEM formatting (certificates) can  also  be
       encrypted.  It is not usual, as certificate information is
       considered public.

RETURN VALUES [Toc] [Back]

       The          SSL_CTX_set_default_passwd_cb()           and
       SSL_CTX_set_default_passwd_cb_userdata()  functions do not
       provide diagnostic information.

EXAMPLES [Toc] [Back]

       The following example returns  the  password  provided  as
       userdata  to the calling function. The password is considered
 to be a '\0' terminated string. If the password  does
       not fit into the buffer, the password is truncated.
        int  pem_passwd_cb(char  *buf, int size, int rwflag, void
       *password)
        {
         strncpy(buf, (char *)(password), size);
         buf[size - 1] = '\0';
         return(strlen(buf));
        }

SSL_CTX_set_default_passwd_cb(3)

Contents

NAME [Toc] [Back]

SYNOPSIS [Toc] [Back]

DESCRIPTION [Toc] [Back]

NOTES [Toc] [Back]

RETURN VALUES [Toc] [Back]

EXAMPLES [Toc] [Back]

SEE ALSO [Toc] [Back]