PEM_read_PrivateKey() is a wrapper around PEM_ASN1_read() (which reads an arbitrary ASN.1 object from a PEM-encoded blob) and d2i_PrivateKey() (which knows how to read a private key blob specifically).
PEM_ASN1_read() simply creates a BIO from the FILE* that you give it, and calls PEM_ASN1_read_bio(). If you want, you can instead create a BIO from your string using something like BIO_new_mem_buf() and call PEM_ASN1_read_bio() yourself. (A BIO is an openssl object that's like a more general-purpose FILE*.) BTW, if your keys are stored in a database, there's probably no need for them to be PEM-encoded; you can save a bit of space and time by storing them in DER format and calling d2i_PrivateKey() directly. (PEM format is more or less just base64-encoded DER.) There's a FAQ entry on this: http://www.openssl.org/support/faq.html#PROG3 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org