diff options
author | Tomas Mraz <tomas@openssl.org> | 2021-12-21 15:58:44 +0100 |
---|---|---|
committer | Tomas Mraz <tomas@openssl.org> | 2022-01-03 10:35:36 +0100 |
commit | 5b5342e04ff24d5138c054c1677c32729d47e938 (patch) | |
tree | d7eb4231423b2c32711cee6ffc39fcfb6effc01f | |
parent | ef65bbb96352650bf9ce4ff46c60c71d9f138d08 (diff) |
pem_password_cb: Clarify the documentation on passphrases
Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/17320)
-rw-r--r-- | doc/man3/PEM_read_bio_PrivateKey.pod | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/doc/man3/PEM_read_bio_PrivateKey.pod b/doc/man3/PEM_read_bio_PrivateKey.pod index a71907b170..27e7849ef7 100644 --- a/doc/man3/PEM_read_bio_PrivateKey.pod +++ b/doc/man3/PEM_read_bio_PrivateKey.pod @@ -335,7 +335,7 @@ I<klen> bytes at I<kstr> are used as the passphrase and I<cb> is ignored. If the I<cb> parameters is set to NULL and the I<u> parameter is not -NULL then the I<u> parameter is interpreted as a null terminated string +NULL then the I<u> parameter is interpreted as a NUL terminated string to use as the passphrase. If both I<cb> and I<u> are NULL then the default callback routine is used which will typically prompt for the passphrase on the current terminal with echoing turned off. @@ -355,7 +355,8 @@ value as the I<u> parameter passed to the PEM routine. It allows arbitrary data to be passed to the callback by the application (for example a window handle in a GUI application). The callback I<must> return the number of characters in the passphrase or -1 if -an error occurred. +an error occurred. The passphrase can be arbitrary data; in the case where it +is a string, it is not NUL terminated. See the L</EXAMPLES> section below. Some implementations may need to use cryptographic algorithms during their operation. If this is the case and I<libctx> and I<propq> parameters have been |