SSL_CTX_set_default_passwd_cb man page on DigitalUNIX

Man page or keyword search:  
man Server   12896 pages
apropos Keyword Search (all sections)
Output format
DigitalUNIX logo
[printable version]

SSL_CTX_set_default_passwd_cb(3)	      SSL_CTX_set_default_passwd_cb(3)

NAME
       SSL_CTX_set_default_passwd_cb, SSL_CTX_set_default_passwd_cb_userdata -
       Set password callback for encrypted PEM file handling

SYNOPSIS
       #include <openssl/ssl.h>

       void SSL_CTX_set_default_passwd_cb(
	       SSL_CTX *ctx,
	       pem_password_cb *cb ); void SSL_CTX_set_default_passwd_cb_user‐
       data(
	       SSL_CTX *ctx,
	       void *u ); int pem_passwd_cb(
	       char *buf,
	       int size,
	       int rwflag,
	       void *userdata );

DESCRIPTION
       The  SSL_CTX_set_default_passwd_cb() function sets the default password
       callback called when loading or storing a PEM certificate with  encryp‐
       tion.

       The SSL_CTX_set_default_passwd_cb_userdata() function sets a pointer to
       userdata which will be provided to the password callback on invocation.

       The pem_passwd_cb() function, which must be provided  by	 the  applica‐
       tion, hands back the password to be used during decryption.  On invoca‐
       tion a pointer to userdata is provided. The pem_passwd_cb() must	 write
       the  password  into  the provided buffer buf which is of size size. The
       actual length of the password must be returned to the calling function.
       The  <literal  role="strong">rwflag  indicates  whether the callback is
       used   for   reading/decryption	 (rwflag=0)   or    writing/encryption
       (rwflag=1).

NOTES
       When  loading  or storing private keys, a password might be supplied to
       protect the private key. The way this password can  be  supplied	 might
       depend  on  the application. If only one private key is handled, it can
       be practical to have pem_passwd_cb() handle the password dialog	inter‐
       actively.   If  several keys have to be handled, it can be practical to
       ask for the password once, then keep it in memory and  use  it  several
       times. In the last case, the password could be stored into the userdata
       storage and the	pem_passwd_cb()	 only  returns	the  password  already
       stored.

       When  asking  for  the  password interactively, pem_passwd_cb() can use
       rwflag to check whether an item shall be	 encrypted  (rwflag=3D1).   In
       this  case  the password dialog may ask for the same password twice for
       comparison in order to catch typos that would make decryption  impossi‐
       ble.

       Other items in PEM formatting (certificates) can also be encrypted.  It
       is not usual, as certificate information is considered public.

RETURN VALUES
       The		   SSL_CTX_set_default_passwd_cb()		   and
       SSL_CTX_set_default_passwd_cb_userdata() functions do not provide diag‐
       nostic information.

EXAMPLES
       The following example returns the password provided as userdata to  the
       calling	function.  The	password is considered to be a '\0' terminated
       string. If the password does not fit into the buffer, the  password  is
       truncated.
	int pem_passwd_cb(char *buf, int size, int rwflag, void *password)
	{
	 strncpy(buf, (char *)(password), size);
	 buf[size - 1] = '\0';
	 return(strlen(buf));
	}

SEE ALSO
       Functions: ssl(3), SSL_CTX_use_certificate(3)

					      SSL_CTX_set_default_passwd_cb(3)
[top]

List of man pages available for DigitalUNIX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net