d2i_PKCS8PrivateKey_bio.3ssl - Man Page

PKCS#8 format private key functions


 #include <openssl/evp.h>

 EVP_PKEY *d2i_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);
 EVP_PKEY *d2i_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY **x, pem_password_cb *cb, void *u);

 int i2d_PKCS8PrivateKey_bio(BIO *bp, EVP_PKEY *x, const EVP_CIPHER *enc,
                             char *kstr, int klen,
                             pem_password_cb *cb, void *u);

 int i2d_PKCS8PrivateKey_fp(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc,
                            char *kstr, int klen,
                            pem_password_cb *cb, void *u);

 int i2d_PKCS8PrivateKey_nid_bio(BIO *bp, EVP_PKEY *x, int nid,
                                 char *kstr, int klen,
                                 pem_password_cb *cb, void *u);

 int i2d_PKCS8PrivateKey_nid_fp(FILE *fp, EVP_PKEY *x, int nid,
                                char *kstr, int klen,
                                pem_password_cb *cb, void *u);


The PKCS#8 functions encode and decode private keys in PKCS#8 format using both PKCS#5 v1.5 and PKCS#5 v2.0 password based encryption algorithms.

Other than the use of DER as opposed to PEM these functions are identical to the corresponding PEM function as described in PEM_read_PrivateKey(3).


These functions are currently the only way to store encrypted private keys using DER format.

Currently all the functions use BIOs or FILE pointers, there are no functions which work directly on memory: this can be readily worked around by converting the buffers to memory BIOs, see BIO_s_mem(3) for details.

These functions make no assumption regarding the pass phrase received from the password callback. It will simply be treated as a byte sequence.

Return Values

d2i_PKCS8PrivateKey_bio() and d2i_PKCS8PrivateKey_fp() return a valid EVP_PKEY structure or NULL if an error occurred.

i2d_PKCS8PrivateKey_bio(), i2d_PKCS8PrivateKey_fp(), i2d_PKCS8PrivateKey_nid_bio() and i2d_PKCS8PrivateKey_nid_fp() return 1 on success or 0 on error.

See Also

PEM_read_PrivateKey(3), passphrase-encoding(7)

Referenced By

d2i_PrivateKey.3ssl(3), passphrase-encoding.7ssl(7), PEM_read.3ssl(3).

The man pages d2i_PKCS8PrivateKey_fp.3ssl(3), i2d_PKCS8PrivateKey_bio.3ssl(3), i2d_PKCS8PrivateKey_fp.3ssl(3), i2d_PKCS8PrivateKey_nid_bio.3ssl(3) and i2d_PKCS8PrivateKey_nid_fp.3ssl(3) are aliases of d2i_PKCS8PrivateKey_bio.3ssl(3).

2020-06-22 1.1.1g OpenSSL