diff options
Diffstat (limited to 'openssl-1.1.0h/doc/crypto/PKCS12_parse.pod')
| -rw-r--r-- | openssl-1.1.0h/doc/crypto/PKCS12_parse.pod | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/openssl-1.1.0h/doc/crypto/PKCS12_parse.pod b/openssl-1.1.0h/doc/crypto/PKCS12_parse.pod new file mode 100644 index 0000000..c03c371 --- /dev/null +++ b/openssl-1.1.0h/doc/crypto/PKCS12_parse.pod @@ -0,0 +1,71 @@ +=pod + +=head1 NAME + +PKCS12_parse - parse a PKCS#12 structure + +=head1 SYNOPSIS + + #include <openssl/pkcs12.h> + +int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca); + +=head1 DESCRIPTION + +PKCS12_parse() parses a PKCS12 structure. + +B<p12> is the B<PKCS12> structure to parse. B<pass> is the passphrase to use. +If successful the private key will be written to B<*pkey>, the corresponding +certificate to B<*cert> and any additional certificates to B<*ca>. + +=head1 NOTES + +The parameters B<pkey> and B<cert> cannot be B<NULL>. B<ca> can be <NULL> in +which case additional certificates will be discarded. B<*ca> can also be a +valid STACK in which case additional certificates are appended to B<*ca>. If +B<*ca> is B<NULL> a new STACK will be allocated. + +The B<friendlyName> and B<localKeyID> attributes (if present) on each +certificate will be stored in the B<alias> and B<keyid> attributes of the +B<X509> structure. + +The parameter B<pass> is interpreted as a string in the UTF-8 encoding. If it +is not valid UTF-8, then it is assumed to be ISO8859-1 instead. + +In particular, this means that passwords in the locale character set +(or code page on Windows) must potentially be converted to UTF-8 before +use. This may include passwords from local text files, or input from +the terminal or command line. Refer to the documentation of +L<UI_OpenSSL(3)>, for example. + +=head1 RETURN VALUES + +PKCS12_parse() returns 1 for success and zero if an error occurred. + +The error can be obtained from L<ERR_get_error(3)> + +=head1 BUGS + +Only a single private key and corresponding certificate is returned by this +function. More complex PKCS#12 files with multiple private keys will only +return the first match. + +Only B<friendlyName> and B<localKeyID> attributes are currently stored in +certificates. Other attributes are discarded. + +Attributes currently cannot be stored in the private key B<EVP_PKEY> structure. + +=head1 SEE ALSO + +L<d2i_PKCS12(3)> + +=head1 COPYRIGHT + +Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L<https://www.openssl.org/source/license.html>. + +=cut |