PKCS12_parse.pod 1.58 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57
=pod

=head1 NAME

PKCS12_parse - parse a PKCS#12 structure

=head1 SYNOPSIS

 #include <openssl/pkcs12.h>

int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, STACK_OF(X509) **ca);

=head1 DESCRIPTION

PKCS12_parse() parses a PKCS12 structure.

B<p12> is the B<PKCS12> structure to parse. B<pass> is the passphrase to use.
If successful the private key will be written to B<*pkey>, the corresponding
certificate to B<*cert> and any additional certificates to B<*ca>.

=head1 NOTES

The parameters B<pkey> and B<cert> cannot be B<NULL>. B<ca> can be <NULL> in
which case additional certificates will be discarded. B<*ca> can also be a
valid STACK in which case additional certificates are appended to B<*ca>. If
B<*ca> is B<NULL> a new STACK will be allocated.

The B<friendlyName> and B<localKeyID> attributes (if present) on each
certificate will be stored in the B<alias> and B<keyid> attributes of the
B<X509> structure.

=head1 RETURN VALUES

PKCS12_parse() returns 1 for success and zero if an error occurred.

The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>

=head1 BUGS

Only a single private key and corresponding certificate is returned by this
function. More complex PKCS#12 files with multiple private keys will only
return the first match.

Only B<friendlyName> and B<localKeyID> attributes are currently stored in
certificates. Other attributes are discarded.

Attributes currently cannot be stored in the private key B<EVP_PKEY> structure.

=head1 SEE ALSO

L<d2i_PKCS12(3)|d2i_PKCS12(3)>

=head1 HISTORY

PKCS12_parse was added in OpenSSL 0.9.3

=cut