Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   44335 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

SSL_CTX_SET_DEFAULT_P... BSD Library Functions Manual SSL_CTX_SET_DEFAULT_P...

NAME
     SSL_CTX_set_default_passwd_cb, SSL_CTX_set_default_passwd_cb_userdata —
     set passwd callback for encrypted PEM file handling

SYNOPSIS
     #include <openssl/ssl.h>

     void
     SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb);

     void
     SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u);

     int
     pem_passwd_cb(char *buf, int size, int rwflag, void *userdata);

DESCRIPTION
     SSL_CTX_set_default_passwd_cb() sets the default password callback called
     when loading/storing a PEM certificate with encryption.

     SSL_CTX_set_default_passwd_cb_userdata() sets a pointer to userdata u
     which will be provided to the password callback on invocation.

     The pem_passwd_cb(), which must be provided by the application, hands
     back the password to be used during decryption.  On invocation a pointer
     to userdata is provided.  The pem_passwd_cb must write the password into
     the provided buffer buf which is of size size.  The actual length of the
     password must be returned to the calling function.	 rwflag indicates
     whether the callback is used for reading/decryption (rwflag = 0) or writ‐
     ing/encryption (rwflag = 1).

NOTES
     When loading or storing private keys, a password might be supplied to
     protect the private key.  The way this password can be supplied may
     depend on the application.	 If only one private key is handled, it can be
     practical to have pem_passwd_cb() handle the password dialog interac‐
     tively.  If several keys have to be handled, it can be practical to ask
     for the password once, then keep it in memory and use it several times.
     In the last case, the password could be stored into the userdata storage
     and the pem_passwd_cb() only returns the password already stored.

     When asking for the password interactively, pem_passwd_cb() can use
     rwflag to check whether an item shall be encrypted (rwflag = 1).  In this
     case the password dialog may ask for the same password twice for compari‐
     son in order to catch typos which would make decryption impossible.

     Other items in PEM formatting (certificates) can also be encrypted; it is
     however atypical, as certificate information is considered public.

RETURN VALUES
     SSL_CTX_set_default_passwd_cb() and
     SSL_CTX_set_default_passwd_cb_userdata() do not provide diagnostic infor‐
     mation.

EXAMPLES
     The following example returns the password provided as userdata to the
     calling function.	The password is considered to be a ‘\0’ terminated
     string.  If the password does not fit into the buffer, the password is
     truncated.

     int pem_passwd_cb(char *buf, int size, int rwflag, void *password)
     {
	     strncpy(buf, (char *)password, size);
	     buf[size - 1] = '\0';
	     return strlen(buf);
     }

SEE ALSO
     ssl(3), SSL_CTX_use_certificate(3)

BSD				April 25, 2024				   BSD

Vote for polarhome