author Dr. David von Oheimb <David.von.Oheimb@siemens.com> 2021-03-22 14:16:56 +0100
committer Dr. David von Oheimb <dev@ddvo.net> 2021-04-08 15:18:58 +0200
commit c1fd710297a21336ec0410fe86784c322945b805
tree a03b44f007e132f873630fab2bb36d153d92a8d2 /doc
parent 321ac1f2973c01f4a4a2719e4400c26ff01c3231
d2i_PrivateKey{,_ex}() and PEM_X509_INFO_read_bio_ex(): Fix handling of RSA/DSA/EC private key
This is needed to correct d2i_PrivateKey() after it was changed by commit 576892d78f80cf9a.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14647)
Diffstat (limited to 'doc')
-rw-r--r-- doc/man3/d2i_PrivateKey.pod 13
1 files changed, 6 insertions, 7 deletions
diff --git a/doc/man3/d2i_PrivateKey.pod b/doc/man3/d2i_PrivateKey.pod
index 4e918f14c6..c28aae817e 100644
--- a/doc/man3/d2i_PrivateKey.pod
+++ b/doc/man3/d2i_PrivateKey.pod
@@ -50,13 +50,16 @@ i2d_PrivateKey_fp
=head1 DESCRIPTION
d2i_PrivateKey_ex() decodes a private key using algorithm I<type>. It attempts
-to use any key specific format or PKCS#8 unencrypted PrivateKeyInfo format. The
-I<type> parameter should be a public key algorithm constant such as
+to use any key-specific format or PKCS#8 unencrypted PrivateKeyInfo format.
+The I<type> parameter should be a public key algorithm constant such as
B<EVP_PKEY_RSA>. An error occurs if the decoded key does not match I<type>. Some
private key decoding implementations may use cryptographic algorithms (for
example to automatically derive the public key if it is not explicitly
included in the encoding). In this case the supplied library context I<libctx>
and property query string I<propq> are used.
+If successful and the I<a> parameter is not NULL the function assigns the
+returned B<EVP_PKEY> structure pointer to I<*a>, overwriting any previous value.
+
d2i_PrivateKey() does the same as d2i_PrivateKey_ex() except that the default
library context and property query string are used.
d2i_PublicKey() does the same for public keys.
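Review bot: The added sentence at the end of the d2i_PrivateKey_ex() paragraph says a non-NULL I<*a> is overwritten on success, but it does not say who owns the B<EVP_PKEY> that I<*a> pointed to before the call. From this text a caller cannot tell whether the function frees the old object or whether the caller must free it to avoid a leak (or must not, to avoid a double free). Suggest stating the ownership of the previous value explicitly, and adding what I<*a> holds after a failed call, since the sentence only covers the "If successful" case.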
@@ -87,10 +90,6 @@ All these functions use DER format and unencrypted keys. Applications wishing
to encrypt or decrypt private keys should use other functions such as
d2i_PKCS8PrivateKey() instead.
-If the I<*a> is not NULL when calling d2i_PrivateKey() or d2i_AutoPrivateKey()
-(i.e. an existing structure is being reused) and the key format is PKCS#8
-then I<*a> will be freed and replaced on a successful call.
-
To decode a key with type B<EVP_PKEY_EC>, d2i_PublicKey() requires I<*a> to be
a non-NULL EVP_PKEY structure assigned an EC_KEY structure referencing the proper
EC_GROUP.
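Review bot: The deleted paragraph named d2i_AutoPrivateKey() alongside d2i_PrivateKey(), and the replacement wording visible in this patch is attached to d2i_PrivateKey_ex() and d2i_PrivateKey() only, so reuse of a non-NULL I<*a> by d2i_AutoPrivateKey() is no longer described in the lines shown. Suggest covering it in the new sentence or in a separate one. The retained paragraph directly below also says d2i_PublicKey() requires a non-NULL I<*a> carrying an EC_KEY for B<EVP_PKEY_EC>, which reads oddly next to "d2i_PublicKey() does the same for public keys" and the new "overwriting any previous value" text; a short qualifier would keep the two from contradicting each other. If the free-and-replace behaviour described by the removed lines no longer applies, a HISTORY entry would help callers that relied on it.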
@@ -100,7 +99,7 @@ EC_GROUP.
The d2i_PrivateKey_ex(), d2i_PrivateKey(), d2i_AutoPrivateKey_ex(),
d2i_AutoPrivateKey(), d2i_PrivateKey_ex_bio(), d2i_PrivateKey_bio(),
d2i_PrivateKey_ex_fp(), d2i_PrivateKey_fp(), d2i_PublicKey(), d2i_KeyParams()
-and d2i_KeyParams_bio() functions return a valid B<EVP_KEY> structure or B<NULL>
+and d2i_KeyParams_bio() functions return a valid B<EVP_PKEY> structure or NULL
if an error occurs. The error code can be obtained by calling
L<ERR_get_error(3)>.
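Review bot: The changed line folds a markup change (B<NULL> to plain NULL) into the B<EVP_KEY> to B<EVP_PKEY> typo fix; please check that the unformatted NULL matches how the rest of the page writes it, so this paragraph does not end up as the odd one out. While touching the line, "return a valid B<EVP_PKEY> structure" could become "return a pointer to a valid B<EVP_PKEY> structure" to agree with the "structure pointer" wording added in the DESCRIPTION hunk.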