Cryptography and SSL/TLS Toolkit



d2i_Private_key, d2i_AutoPrivateKey, i2d_PrivateKey - decode and encode functions for reading and saving EVP_PKEY structures.


 #include <openssl/evp.h>

 EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
                          long length);
 EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
                              long length);
 int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);


d2i_PrivateKey() decodes a private key using algorithm type. It attempts to use any key specific format or PKCS#8 unencrypted PrivateKeyInfo format. The type parameter should be a public key algorithm constant such as EVP_PKEY_RSA. An error occurs if the decoded key does not match type.

d2i_AutoPrivateKey() is similar to d2i_PrivateKey() except it attempts to automatically detect the private key format.

i2d_PrivateKey() encodes key. It uses a key specific format or, if none is defined for that key type, PKCS#8 unencrypted PrivateKeyInfo format.

These functions are similar to the d2i_X509() functions, and you should refer to that page for a detailed description (see d2i_X509(3)).


All these functions use DER format and unencrypted keys. Applications wishing to encrypt or decrypt private keys should use other functions such as d2i_PKC8PrivateKey() instead.

If the *a is not NULL when calling d2i_PrivateKey() or d2i_AutoPrivateKey() (i.e. an existing structure is being reused) and the key format is PKCS#8 then *a will be freed and replaced on a successful call.


d2i_PrivateKey() and d2i_AutoPrivateKey() return a valid EVP_KEY structure or NULL if an error occurs. The error code can be obtained by calling ERR_get_error(3).

i2d_PrivateKey() returns the number of bytes successfully encoded or a negative value if an error occurs. The error code can be obtained by calling ERR_get_error(3).


crypto(3), d2i_PKCS8PrivateKey(3)