1PKCS8_ENCRYPT(3ossl)                OpenSSL               PKCS8_ENCRYPT(3ossl)
2
3
4

NAME

6       PKCS8_decrypt, PKCS8_decrypt_ex, PKCS8_encrypt, PKCS8_encrypt_ex,
7       PKCS8_set0_pbe, PKCS8_set0_pbe_ex - PKCS8 encrypt/decrypt functions
8

SYNOPSIS

10        #include <openssl/x509.h>
11
12        PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(const X509_SIG *p8, const char *pass,
13                                           int passlen);
14        PKCS8_PRIV_KEY_INFO *PKCS8_decrypt_ex(const X509_SIG *p8, const char *pass,
15                                              int passlen, OSSL_LIB_CTX *ctx,
16                                              const char *propq);
17        X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher,
18                                const char *pass, int passlen, unsigned char *salt,
19                                int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8);
20        X509_SIG *PKCS8_encrypt_ex(int pbe_nid, const EVP_CIPHER *cipher,
21                                   const char *pass, int passlen, unsigned char *salt,
22                                   int saltlen, int iter, PKCS8_PRIV_KEY_INFO *p8,
23                                   OSSL_LIB_CTX *ctx, const char *propq);
24        X509_SIG *PKCS8_set0_pbe(const char *pass, int passlen,
25                                PKCS8_PRIV_KEY_INFO *p8inf, X509_ALGOR *pbe);
26        X509_SIG *PKCS8_set0_pbe_ex(const char *pass, int passlen,
27                                    PKCS8_PRIV_KEY_INFO *p8inf, X509_ALGOR *pbe,
28                                    OSSL_LIB_CTX *ctx);
29

DESCRIPTION

31       PKCS8_encrypt() and PKCS8_encrypt_ex() perform encryption of an object
32       p8 using the password pass of length passlen, salt salt of length
33       saltlen and iteration count iter.  The resulting X509_SIG contains the
34       encoded algorithm parameters and encrypted key.
35
36       PKCS8_decrypt() and PKCS8_decrypt_ex() perform decryption of an
37       X509_SIG in p8 using the password pass of length passlen along with
38       algorithm parameters obtained from the p8.
39
40       PKCS8_set0_pbe() and PKCS8_set0_pbe_ex() perform encryption of the
41       p8inf using the password pass of length passlen and parameters pbe.
42
43       Functions ending in _ex() allow for a library context ctx and property
44       query propq to be used to select algorithm implementations.
45

RETURN VALUES

47       PKCS8_encrypt(), PKCS8_encrypt_ex(), PKCS8_set0_pbe() and
48       PKCS8_set0_pbe_ex() return an encrypted key in a X509_SIG structure or
49       NULL if an error occurs.
50
51       PKCS8_decrypt() and PKCS8_decrypt_ex() return a PKCS8_PRIV_KEY_INFO or
52       NULL if an error occurs.
53

CONFORMING TO

55       IETF RFC 7292 (<https://tools.ietf.org/html/rfc7292>)
56

SEE ALSO

58       crypto(7)
59

HISTORY

61       PKCS8_decrypt_ex(), PKCS8_encrypt_ex() and PKCS8_set0_pbe_ex() were
62       added in OpenSSL 3.0.
63
65       Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
66
67       Licensed under the Apache License 2.0 (the "License").  You may not use
68       this file except in compliance with the License.  You can obtain a copy
69       in the file LICENSE in the source distribution or at
70       <https://www.openssl.org/source/license.html>.
71
72
73
743.0.5                             2022-11-01              PKCS8_ENCRYPT(3ossl)
Impressum