SSL_CTX_set_default_passwd_cb_userdata man page on MirBSD

Man page or keyword search:  
man Server   6113 pages
apropos Keyword Search (all sections)
Output format
MirBSD logo
[printable version]



SSL_CTX_SET_DEFAULT_PASSWD_CBOpenSSL_CTX_SET_DEFAULT_PASSWD_CB(3)

NAME
     SSL_CTX_set_default_passwd_cb,
     SSL_CTX_set_default_passwd_cb_userdata - set passwd callback
     for encrypted PEM file handling

SYNOPSIS
      #include <openssl/ssl.h>

      void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);
      void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);

      int pem_passwd_cb(char *buf, int size, int rwflag, void *userdata);

DESCRIPTION
     SSL_CTX_set_default_passwd_cb() sets the default password
     callback called when loading/storing a PEM certificate with
     encryption.

     SSL_CTX_set_default_passwd_cb_userdata() sets a pointer to
     userdata which will be provided to the password callback on
     invocation.

     The pem_passwd_cb(), which must be provided by the applica-
     tion, hands back the password to be used during decryption.
     On invocation a pointer to userdata is provided. The
     pem_passwd_cb must write the password into the provided
     buffer buf which is of size size. The actual length of the
     password must be returned to the calling function. rwflag
     indicates whether the callback is used for
     reading/decryption (rwflag=0) or writing/encryption
     (rwflag=1).

NOTES
     When loading or storing private keys, a password might be
     supplied to protect the private key. The way this password
     can be supplied may depend on the application. If only one
     private key is handled, it can be practical to have
     pem_passwd_cb() handle the password dialog interactively. If
     several keys have to be handled, it can be practical to ask
     for the password once, then keep it in memory and use it
     several times. In the last case, the password could be
     stored into the userdata storage and the pem_passwd_cb()
     only returns the password already stored.

     When asking for the password interactively, pem_passwd_cb()
     can use rwflag to check, whether an item shall be encrypted
     (rwflag=1). In this case the password dialog may ask for the
     same password twice for comparison in order to catch typos,
     that would make decryption impossible.

     Other items in PEM formatting (certificates) can also be
     encrypted, it is however not usual, as certificate

MirOS BSD #10-current	   2005-02-05				1

SSL_CTX_SET_DEFAULT_PASSWD_CBOpenSSL_CTX_SET_DEFAULT_PASSWD_CB(3)

     information is considered public.

RETURN VALUES
     SSL_CTX_set_default_passwd_cb() and
     SSL_CTX_set_default_passwd_cb_userdata() do not provide
     diagnostic information.

EXAMPLES
     The following example returns the password provided as user-
     data to the calling function. The password is considered to
     be a '\0' terminated string. If the password does not fit
     into the buffer, the password is truncated.

      int pem_passwd_cb(char *buf, int size, int rwflag, void *password)
      {
       strncpy(buf, (char *)(password), size);
       buf[size - 1] = '\0';
       return(strlen(buf));
      }

SEE ALSO
     ssl(3), SSL_CTX_use_certificate(3)

MirOS BSD #10-current	   2005-02-05				2

[top]

List of man pages available for MirBSD

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net