PEM_bytes_read_bio.pod 3.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081
  1. =pod
  2. =head1 NAME
  3. PEM_bytes_read_bio, PEM_bytes_read_bio_secmem - read a PEM-encoded data structure from a BIO
  4. =head1 SYNOPSIS
  5. #include <openssl/pem.h>
  6. int PEM_bytes_read_bio(unsigned char **pdata, long *plen, char **pnm,
  7. const char *name, BIO *bp, pem_password_cb *cb,
  8. void *u);
  9. int PEM_bytes_read_bio_secmem(unsigned char **pdata, long *plen, char **pnm,
  10. const char *name, BIO *bp, pem_password_cb *cb,
  11. void *u);
  12. =head1 DESCRIPTION
  13. PEM_bytes_read_bio() reads PEM-formatted (RFC 1421) data from the BIO
  14. I<bp> for the data type given in I<name> (RSA PRIVATE KEY, CERTIFICATE,
  15. etc.). If multiple PEM-encoded data structures are present in the same
  16. stream, PEM_bytes_read_bio() will skip non-matching data types and
  17. continue reading. Non-PEM data present in the stream may cause an
  18. error.
  19. The PEM header may indicate that the following data is encrypted; if so,
  20. the data will be decrypted, waiting on user input to supply a passphrase
  21. if needed. The password callback I<cb> and rock I<u> are used to obtain
  22. the decryption passphrase, if applicable.
  23. Some data types have compatibility aliases, such as a file containing
  24. X509 CERTIFICATE matching a request for the deprecated type CERTIFICATE.
  25. The actual type indicated by the file is returned in I<*pnm> if I<pnm> is
  26. non-NULL. The caller must free the storage pointed to by I<*pnm>.
  27. The returned data is the DER-encoded form of the requested type, in
  28. I<*pdata> with length I<*plen>. The caller must free the storage pointed
  29. to by I<*pdata>.
  30. PEM_bytes_read_bio_secmem() is similar to PEM_bytes_read_bio(), but uses
  31. memory from the secure heap for its temporary buffers and the storage
  32. returned in I<*pdata> and I<*pnm>. Accordingly, the caller must use
  33. OPENSSL_secure_free() to free that storage.
  34. =head1 NOTES
  35. PEM_bytes_read_bio_secmem() only enforces that the secure heap is used for
  36. storage allocated within the PEM processing stack. The BIO stack from
  37. which input is read may also use temporary buffers, which are not necessarily
  38. allocated from the secure heap. In cases where it is desirable to ensure
  39. that the contents of the PEM file only appears in memory from the secure heap,
  40. care is needed in generating the BIO passed as I<bp>. In particular, the
  41. use of BIO_s_file() indicates the use of the operating system stdio
  42. functionality, which includes buffering as a feature; BIO_s_fd() is likely
  43. to be more appropriate in such cases.
  44. =head1 RETURN VALUES
  45. PEM_bytes_read_bio() and PEM_bytes_read_bio_secmem() return 1 for success or
  46. 0 for failure.
  47. =head1 SEE ALSO
  48. L<PEM(3)>,
  49. L<PEM_read_bio_ex(3)>
  50. =head1 HISTORY
  51. PEM_bytes_read_bio_secmem() was introduced in OpenSSL 1.1.1
  52. =head1 COPYRIGHT
  53. Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.
  54. Licensed under the OpenSSL license (the "License"). You may not use
  55. this file except in compliance with the License. You can obtain a copy
  56. in the file LICENSE in the source distribution or at
  57. L<https://www.openssl.org/source/license.html>.
  58. =cut