openssl/doc/man3/PEM_read_bio_ex.pod

=pod

=head1 NAME

PEM_read_bio_ex, PEM_FLAG_SECURE, PEM_FLAG_EAY_COMPATIBLE,
PEM_FLAG_ONLY_B64 - read PEM format files with custom processing

=head1 SYNOPSIS

 #include <openssl/pem.h>

 #define PEM_FLAG_SECURE             0x1
 #define PEM_FLAG_EAY_COMPATIBLE     0x2
 #define PEM_FLAG_ONLY_B64           0x4
 int PEM_read_bio_ex(BIO *in, char **name, char **header,
                     unsigned char **data, long *len, unsigned int flags);

=head1 DESCRIPTION

PEM_read_bio_ex() reads in PEM formatted data from an input BIO, outputting
the name of the type of contained data, the header information regarding
the possibly encrypted data, and the binary data payload (after base64 decoding).
It should generally only be used to implement PEM_read_bio_-family functions
for specific data types or other usage, but is exposed to allow greater flexibility
over how processing is performed, if needed.

If PEM_FLAG_SECURE is set, the intermediate buffers used to read in lines of
input are allocated from the secure heap.

If PEM_FLAG_EAY_COMPATIBLE is set, a simple algorithm is used to remove whitespace
and control characters from the end of each line, so as to be compatible with
the historical behavior of PEM_read_bio().

If PEM_FLAG_ONLY_B64 is set, all characters are required to be valid base64
characters (or newlines); non-base64 characters are treated as end of input.

If neither PEM_FLAG_EAY_COMPATIBLE or PEM_FLAG_ONLY_B64 is set, control characters
are ignored.

If both PEM_FLAG_EAY_COMPATIBLE and PEM_FLAG_ONLY_B64 are set, an error is returned;
these options are not compatible with each other.

=head1 NOTES

The caller must release the storage allocated for *name, *header, and *data.
If PEM_FLAG_SECURE was set, use OPENSSL_secure_free(); otherwise,
OPENSSL_free() is used.

=head1 RETURN VALUES

PEM_read_bio_ex() returns 1 for success or 0 for failure.

=head1 SEE ALSO

L<PEM_bytes_read_bio(3)>

=head1 HISTORY

The PEM_read_bio_ex() function was added in OpenSSL 1.1.1.

=head1 COPYRIGHT

Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Add PEM_read_bio_ex The extended function includes a 'flags' argument to allow callers to specify different requested behaviors. In particular, callers can request that temporary storage buffers are allocated from the secure heap, which could be relevant when loading private key material. Refactor PEM_read_bio to use BIO_mems instead of BUFs directly, use some helper routines to reduce the overall function length, and make some of the checks more reasonable. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1700) 2016-02-19 11:24:27 +08:00			`=pod`

			`=head1 NAME`

			`PEM_read_bio_ex, PEM_FLAG_SECURE, PEM_FLAG_EAY_COMPATIBLE,`
			`PEM_FLAG_ONLY_B64 - read PEM format files with custom processing`

			`=head1 SYNOPSIS`

			`#include <openssl/pem.h>`

			`#define PEM_FLAG_SECURE 0x1`
			`#define PEM_FLAG_EAY_COMPATIBLE 0x2`
			`#define PEM_FLAG_ONLY_B64 0x4`
			`int PEM_read_bio_ex(BIO in, char name, char *header,`
			`unsigned char *data, long len, unsigned int flags);`

			`=head1 DESCRIPTION`

			`PEM_read_bio_ex() reads in PEM formatted data from an input BIO, outputting`
			`the name of the type of contained data, the header information regarding`
			`the possibly encrypted data, and the binary data payload (after base64 decoding).`
			`It should generally only be used to implement PEM_read_bio_-family functions`
			`for specific data types or other usage, but is exposed to allow greater flexibility`
			`over how processing is performed, if needed.`

			`If PEM_FLAG_SECURE is set, the intermediate buffers used to read in lines of`
			`input are allocated from the secure heap.`

			`If PEM_FLAG_EAY_COMPATIBLE is set, a simple algorithm is used to remove whitespace`
			`and control characters from the end of each line, so as to be compatible with`
			`the historical behavior of PEM_read_bio().`

			`If PEM_FLAG_ONLY_B64 is set, all characters are required to be valid base64`
			`characters (or newlines); non-base64 characters are treated as end of input.`

			`If neither PEM_FLAG_EAY_COMPATIBLE or PEM_FLAG_ONLY_B64 is set, control characters`
			`are ignored.`

			`If both PEM_FLAG_EAY_COMPATIBLE and PEM_FLAG_ONLY_B64 are set, an error is returned;`
			`these options are not compatible with each other.`

			`=head1 NOTES`

			`The caller must release the storage allocated for name, header, and *data.`
			`If PEM_FLAG_SECURE was set, use OPENSSL_secure_free(); otherwise,`
			`OPENSSL_free() is used.`

			`=head1 RETURN VALUES`

			`PEM_read_bio_ex() returns 1 for success or 0 for failure.`

			`=head1 SEE ALSO`

Fix reference to PEM docs Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/10101) 2019-10-06 01:48:50 +08:00			`L<PEM_bytes_read_bio(3)>`
Add PEM_read_bio_ex The extended function includes a 'flags' argument to allow callers to specify different requested behaviors. In particular, callers can request that temporary storage buffers are allocated from the secure heap, which could be relevant when loading private key material. Refactor PEM_read_bio to use BIO_mems instead of BUFs directly, use some helper routines to reduce the overall function length, and make some of the checks more reasonable. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1700) 2016-02-19 11:24:27 +08:00
			`=head1 HISTORY`

man: harmonize the various formulations in the HISTORY sections While stereotyped repetitions are frowned upon in literature, they serve a useful purpose in manual pages, because it is easier for the user to find certain information if it is always presented in the same way. For that reason, this commit harmonizes the varying formulations in the HISTORY section about which functions, flags, etc. were added in which OpenSSL version. It also attempts to make the pod files more grep friendly by avoiding to insert line breaks between the symbol names and the corresponding version number in which they were introduced (wherever possible). Some punctuation and typographical errors were fixed on the way. Reviewed-by: Tim Hudson <tjh@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7854) 2018-12-09 08:02:36 +08:00			`The PEM_read_bio_ex() function was added in OpenSSL 1.1.1.`
Add PEM_read_bio_ex The extended function includes a 'flags' argument to allow callers to specify different requested behaviors. In particular, callers can request that temporary storage buffers are allocated from the secure heap, which could be relevant when loading private key material. Refactor PEM_read_bio to use BIO_mems instead of BUFs directly, use some helper routines to reduce the overall function length, and make some of the checks more reasonable. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1700) 2016-02-19 11:24:27 +08:00
			`=head1 COPYRIGHT`

			`Copyright 2017 The OpenSSL Project Authors. All Rights Reserved.`

Following the license change, modify the boilerplates in doc/man3/ [skip ci] Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7829) 2018-12-06 21:04:44 +08:00			`Licensed under the Apache License 2.0 (the "License"). You may not use`
Add PEM_read_bio_ex The extended function includes a 'flags' argument to allow callers to specify different requested behaviors. In particular, callers can request that temporary storage buffers are allocated from the secure heap, which could be relevant when loading private key material. Refactor PEM_read_bio to use BIO_mems instead of BUFs directly, use some helper routines to reduce the overall function length, and make some of the checks more reasonable. Reviewed-by: Rich Salz <rsalz@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/1700) 2016-02-19 11:24:27 +08:00			`this file except in compliance with the License. You can obtain a copy`
			`in the file LICENSE in the source distribution or at`
			`L<https://www.openssl.org/source/license.html>.`

			`=cut`