$NetBSD: PKCS8_encrypt.3,v 1.5 2024/09/08 13:08:29 christos Exp $ -*- mode: troff; coding: utf-8 -*- Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43) Standard preamble: ========================================================================..
..
..
\*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.. ds C` ""
. ds C' ""
'br\}
. ds C`
. ds C'
'br\}
Escape single quotes in literal strings from groff's Unicode transform. If the F register is >0, we'll generate index entries on stderr for titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index entries marked with X<> in POD. Of course, you'll have to process the output yourself in some meaningful fashion. Avoid warning from groff about undefined register 'F'...
.nr rF 0
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
======================================================================== Title "PKCS8_encrypt 3" PKCS8_encrypt 3 2024-09-03 3.0.15 OpenSSL
For nroff, turn off justification. Always turn off hyphenation; it makes way too many mistakes in technical documents. NAME
PKCS8_decrypt, PKCS8_decrypt_ex, PKCS8_encrypt, PKCS8_encrypt_ex,
PKCS8_set0_pbe, PKCS8_set0_pbe_ex - PKCS8
encrypt/
decrypt functions
SYNOPSIS
Header "SYNOPSIS" .Vb 1
#include <
openssl/
x509.h>
\&
PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(const X509_SIG *p8, const char *pass,
int passlen);
PKCS8_PRIV_KEY_INFO *PKCS8_decrypt_ex(const X509_SIG *p8, const char *pass,
int passlen, OSSL_LIB_CTX *ctx,
const char *propq);
X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
const char *pass, int passlen, unsigned char *salt,
int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
X509_SIG *PKCS8_encrypt_ex(int pbe_nid, const EVP_CIPHER *cipher,
const char *pass, int passlen, unsigned char *salt,
int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8,
OSSL_LIB_CTX *ctx, const char *propq);
X509_SIG *PKCS8_set0_pbe(const char *pass, int passlen,
PKCS8_PRIV_KEY_INFO *p8inf, X509_ALGOR *pbe);
X509_SIG *PKCS8_set0_pbe_ex(const char *pass, int passlen,
PKCS8_PRIV_KEY_INFO *p8inf, X509_ALGOR *pbe,
OSSL_LIB_CTX *ctx);
.Ve
DESCRIPTION
Header "DESCRIPTION" \fBPKCS8_encrypt() and
PKCS8_encrypt_ex() perform encryption of an object
p8 using
the password
pass of length
passlen, salt
salt of length
saltlen
and iteration count
iter.
The resulting
X509_SIG contains the encoded algorithm parameters and encrypted
key.
\fBPKCS8_decrypt() and PKCS8_decrypt_ex() perform decryption of an X509_SIG in
\fIp8 using the password pass of length passlen along with algorithm
parameters obtained from the p8.
\fBPKCS8_set0_pbe() and PKCS8_set0_pbe_ex() perform encryption of the p8inf
using the password pass of length passlen and parameters pbe.
Functions ending in _ex() allow for a library context ctx and property query
\fIpropq to be used to select algorithm implementations.
"RETURN VALUES"
Header "RETURN VALUES" \fBPKCS8_encrypt(),
PKCS8_encrypt_ex(),
PKCS8_set0_pbe() and
PKCS8_set0_pbe_ex()
return an encrypted key in a
X509_SIG structure or NULL if an error occurs.
\fBPKCS8_decrypt() and PKCS8_decrypt_ex() return a PKCS8_PRIV_KEY_INFO or NULL
if an error occurs.
"CONFORMING TO"
Header "CONFORMING TO" IETF RFC 7292 (<https://
tools.ietf.org/
html/
rfc7292>)
"SEE ALSO"
Header "SEE ALSO" \fBcrypto\|(7)
HISTORY
Header "HISTORY" \fBPKCS8_decrypt_ex(),
PKCS8_encrypt_ex() and
PKCS8_set0_pbe_ex() were added in
OpenSSL 3.0.
COPYRIGHT
Header "COPYRIGHT" Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.