[openssl-users] i2d_ d2i_ b2i_ i2b_ functions and EVP_PKEY

Michael Wojcik Michael.Wojcik at microfocus.com
Tue Feb 3 13:03:34 UTC 2015

"i" is an abbreviation for "internal", meaning OpenSSL's internal format.
"2" means "to".
"d" means "DER".
"b" means "blob", and refers to a "key blob" format used by Microsoft. (That's based on the OpenSSL source code; I haven't looked into the actual provenance of this blob format.)

It appears the key blob format typically uses the "PVK" file extension.

Lots of things in OpenSSL aren't documented. It's not strange at all - programmers tend to write code first, documentation second (or later). This is true of a great many open-source projects, and many commercial ones as well. If you want something documented, your best bet is to research it in the code and write the documentation yourself.

Regarding your second question: EVP_KEY is defined in evp.h, where we see it contains a pointer to one of the specific key types, such as rsa_st. rsa_st is defined in rsa.h, and if we look there we see that it contains all the RSA parameters, so it implicitly contains both the public and private key.

Michael Wojcik
Technology Specialist, Micro Focus

From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of Serj
Sent: Tuesday, February 03, 2015 06:22
To: openssl-users at openssl.org
Subject: Re: [openssl-users] i2d_ d2i_ b2i_ i2b_ functions and EVP_PKEY

I have found some info and now some questions more clear for me. But still have 2 questions...

i2d_ functions write the DER representation of the object into a buffer.
d2i_ functions read the DER representation of the object from a buffer and creates the appropriate object in memory.

1. What is b2i_ and i2b_ functions?

EVP_PKEY structure can hold public or private key. It's strangely why there is no this info in the official documentation on www.openssl.org<http://www.openssl.org>

2. Can EVP_PKEY structure hold both private and public keys at once?

I have some example of code and there is a use of EVP_PKEY in this manner, that's why I am asking.

03.02.2015, 13:21, "Serj" <rasjv at yandex.com<mailto:rasjv at yandex.com>>:
> Hello.
> I see many functions have prefixes: i2d_ d2i_ b2i_ i2b_
> For example:
> i2d_PublicKey
> i2d_PrivateKey
> d2i_PublicKey
> d2i_PrivateKey
> b2i_PublicKey
> b2i_PrivateKey
> i2b_PublicKey_bio
> i2b_PrivateKey_bio
> I think these letters: 'i', 'd', 'b' have some meaning. Can somebody help me to understand what they are mean?
> And one more question.
> In accordance to: https://www.openssl.org/docs/crypto/EVP_PKEY_new.html, EVP_PKEY structure is used by OpenSSL to store private keys. But there are above functions which use as parameters pointer to EVP_PKEY structure and as they are named they can work with both public and private keys. So the questions are:
> 1. can we save to EVP_PKEY structure public key not private?
> 2. can we save to EVP_PKEY structure public and private keys at once?
> For example:
> EVP_PKEY * pkey;
> pkey = EVP_PKEY_new();
> RSA * rsa;
> rsa = RSA_generate_key(...)
> EVP_PKEY_assign_RSA(pkey, rsa);
> What key or keys will be in pkey after that?

Best Regards,


Click here<https://www.mailcontrol.com/sr/MZbqvYs5QwJvpeaetUwhCQ==> to report this email as spam.

This message has been scanned for malware by Websense. www.websense.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150203/82008e9c/attachment.html>

More information about the openssl-users mailing list